Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:2415 Final 1 1 2023-06-06T15:09:43Z current 2023-06-06T15:09:43Z 2023-06-06T15:09:43Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5) This update for the Linux Kernel 4.12.14-122_147 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/uetooth/hci_conn.c (bsc#1211111). - CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210500). - CVE-2023-1281: Fixed use after free that could lead to privilege escalation in tcindex (bsc#1209683). - CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210662). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Live-Patching-12-SP5-2023-2415 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20232415/ Link for SUSE-SU-2023:2415 https://lists.suse.com/pipermail/sle-updates/2023-June/029742.html E-Mail link for SUSE-SU-2023:2415 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1209683 SUSE Bug 1209683 https://bugzilla.suse.com/1210500 SUSE Bug 1210500 https://bugzilla.suse.com/1210662 SUSE Bug 1210662 https://bugzilla.suse.com/1211111 SUSE Bug 1211111 https://www.suse.com/security/cve/CVE-2023-1281/ SUSE CVE CVE-2023-1281 page https://www.suse.com/security/cve/CVE-2023-1989/ SUSE CVE CVE-2023-1989 page https://www.suse.com/security/cve/CVE-2023-2162/ SUSE CVE CVE-2023-2162 page https://www.suse.com/security/cve/CVE-2023-28464/ SUSE CVE CVE-2023-28464 page SUSE Linux Enterprise Live Patching 12 SP5 kgraft-patch-4_12_14-122_147-default-4-2.2 kgraft-patch-4_12_14-122_147-default-4-2.2 as a component of SUSE Linux Enterprise Live Patching 12 SP5 Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2. CVE-2023-1281 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-4-2.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232415/ https://www.suse.com/security/cve/CVE-2023-1281.html CVE-2023-1281 https://bugzilla.suse.com/1209634 SUSE Bug 1209634 https://bugzilla.suse.com/1209683 SUSE Bug 1209683 https://bugzilla.suse.com/1210335 SUSE Bug 1210335 https://bugzilla.suse.com/1210423 SUSE Bug 1210423 https://bugzilla.suse.com/1211833 SUSE Bug 1211833 A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices. CVE-2023-1989 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-4-2.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232415/ https://www.suse.com/security/cve/CVE-2023-1989.html CVE-2023-1989 https://bugzilla.suse.com/1210336 SUSE Bug 1210336 https://bugzilla.suse.com/1210500 SUSE Bug 1210500 https://bugzilla.suse.com/1213841 SUSE Bug 1213841 https://bugzilla.suse.com/1213842 SUSE Bug 1213842 https://bugzilla.suse.com/1214128 SUSE Bug 1214128 A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information. CVE-2023-2162 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-4-2.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232415/ https://www.suse.com/security/cve/CVE-2023-2162.html CVE-2023-2162 https://bugzilla.suse.com/1210647 SUSE Bug 1210647 https://bugzilla.suse.com/1210662 SUSE Bug 1210662 https://bugzilla.suse.com/1213841 SUSE Bug 1213841 https://bugzilla.suse.com/1213842 SUSE Bug 1213842 https://bugzilla.suse.com/1214128 SUSE Bug 1214128 hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation. CVE-2023-28464 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-4-2.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232415/ https://www.suse.com/security/cve/CVE-2023-28464.html CVE-2023-28464 https://bugzilla.suse.com/1209052 SUSE Bug 1209052 https://bugzilla.suse.com/1211111 SUSE Bug 1211111 https://bugzilla.suse.com/1220130 SUSE Bug 1220130