Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:0112-1 Final 1 1 2024-01-16T12:29:23Z current 2024-01-16T12:29:23Z 2024-01-16T12:29:23Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN (bsc#1179610 bsc#1215237). - CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762). - CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table which could be exploited by network adjacent attackers, increasing CPU usage by 95% (bsc#1212703). - CVE-2023-31085: Fixed a divide-by-zero error in do_div(sz,mtd->erasesize) that could cause a local DoS (bsc#1210778). - CVE-2023-3111: Fixed a use-after-free vulnerability in prepare_to_relocate in fs/btrfs/relocation.c (bsc#1212051). - CVE-2023-39189: Fixed a flaw in the Netfilter subsystem that could allow a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure (bsc#1216046). - CVE-2023-39192: Fixed an out of bounds read in the netfilter (bsc#1215858). - CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem (bsc#1215860). - CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976). - CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058). - CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559). - CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947). - CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's ipv4: igmp component that could lead to local privilege escalation (bsc#1218253). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2024-112,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-112 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ Link for SUSE-SU-2024:0112-1 https://lists.suse.com/pipermail/sle-security-updates/2024-January/017672.html E-Mail link for SUSE-SU-2024:0112-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1179610 SUSE Bug 1179610 https://bugzilla.suse.com/1205762 SUSE Bug 1205762 https://bugzilla.suse.com/1210778 SUSE Bug 1210778 https://bugzilla.suse.com/1212051 SUSE Bug 1212051 https://bugzilla.suse.com/1212703 SUSE Bug 1212703 https://bugzilla.suse.com/1215237 SUSE Bug 1215237 https://bugzilla.suse.com/1215858 SUSE Bug 1215858 https://bugzilla.suse.com/1215860 SUSE Bug 1215860 https://bugzilla.suse.com/1216046 SUSE Bug 1216046 https://bugzilla.suse.com/1216058 SUSE Bug 1216058 https://bugzilla.suse.com/1216976 SUSE Bug 1216976 https://bugzilla.suse.com/1217947 SUSE Bug 1217947 https://bugzilla.suse.com/1218253 SUSE Bug 1218253 https://bugzilla.suse.com/1218559 SUSE Bug 1218559 https://www.suse.com/security/cve/CVE-2020-26555/ SUSE CVE CVE-2020-26555 page https://www.suse.com/security/cve/CVE-2022-45887/ SUSE CVE CVE-2022-45887 page https://www.suse.com/security/cve/CVE-2023-1206/ SUSE CVE CVE-2023-1206 page https://www.suse.com/security/cve/CVE-2023-31085/ SUSE CVE CVE-2023-31085 page https://www.suse.com/security/cve/CVE-2023-3111/ SUSE CVE CVE-2023-3111 page https://www.suse.com/security/cve/CVE-2023-39189/ SUSE CVE CVE-2023-39189 page https://www.suse.com/security/cve/CVE-2023-39192/ SUSE CVE CVE-2023-39192 page https://www.suse.com/security/cve/CVE-2023-39193/ SUSE CVE CVE-2023-39193 page https://www.suse.com/security/cve/CVE-2023-39197/ SUSE CVE CVE-2023-39197 page https://www.suse.com/security/cve/CVE-2023-45863/ SUSE CVE CVE-2023-45863 page https://www.suse.com/security/cve/CVE-2023-51779/ SUSE CVE CVE-2023-51779 page https://www.suse.com/security/cve/CVE-2023-6606/ SUSE CVE CVE-2023-6606 page https://www.suse.com/security/cve/CVE-2023-6932/ SUSE CVE CVE-2023-6932 page SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-debug-3.0.101-108.150.1 kernel-debug-base-3.0.101-108.150.1 kernel-debug-devel-3.0.101-108.150.1 kernel-debug-extra-3.0.101-108.150.1 kernel-debug-hmac-3.0.101-108.150.1 kernel-default-3.0.101-108.150.1 kernel-default-base-3.0.101-108.150.1 kernel-default-devel-3.0.101-108.150.1 kernel-default-extra-3.0.101-108.150.1 kernel-default-hmac-3.0.101-108.150.1 kernel-docs-3.0.101-108.150.1 kernel-ec2-3.0.101-108.150.1 kernel-ec2-base-3.0.101-108.150.1 kernel-ec2-devel-3.0.101-108.150.1 kernel-ec2-extra-3.0.101-108.150.1 kernel-ec2-hmac-3.0.101-108.150.1 kernel-pae-3.0.101-108.150.1 kernel-pae-base-3.0.101-108.150.1 kernel-pae-devel-3.0.101-108.150.1 kernel-pae-extra-3.0.101-108.150.1 kernel-pae-hmac-3.0.101-108.150.1 kernel-source-3.0.101-108.150.1 kernel-source-vanilla-3.0.101-108.150.1 kernel-syms-3.0.101-108.150.1 kernel-trace-3.0.101-108.150.1 kernel-trace-base-3.0.101-108.150.1 kernel-trace-devel-3.0.101-108.150.1 kernel-trace-extra-3.0.101-108.150.1 kernel-trace-hmac-3.0.101-108.150.1 kernel-vanilla-3.0.101-108.150.1 kernel-vanilla-base-3.0.101-108.150.1 kernel-vanilla-devel-3.0.101-108.150.1 kernel-vanilla-hmac-3.0.101-108.150.1 kernel-xen-3.0.101-108.150.1 kernel-xen-base-3.0.101-108.150.1 kernel-xen-devel-3.0.101-108.150.1 kernel-xen-extra-3.0.101-108.150.1 kernel-xen-hmac-3.0.101-108.150.1 kernel-default-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-default-base-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-default-devel-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-ec2-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-ec2-base-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-ec2-devel-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-source-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-syms-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-trace-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-trace-base-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-trace-devel-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-xen-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-xen-base-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-xen-devel-3.0.101-108.150.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. CVE-2020-26555 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate 4.8 AV:A/AC:L/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2020-26555.html CVE-2020-26555 https://bugzilla.suse.com/1179610 SUSE Bug 1179610 https://bugzilla.suse.com/1215237 SUSE Bug 1215237 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call. CVE-2022-45887 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2022-45887.html CVE-2022-45887 https://bugzilla.suse.com/1205762 SUSE Bug 1205762 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%. CVE-2023-1206 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2023-1206.html CVE-2023-1206 https://bugzilla.suse.com/1212703 SUSE Bug 1212703 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. CVE-2023-31085 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2023-31085.html CVE-2023-31085 https://bugzilla.suse.com/1210778 SUSE Bug 1210778 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag(). CVE-2023-3111 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2023-3111.html CVE-2023-3111 https://bugzilla.suse.com/1212051 SUSE Bug 1212051 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. CVE-2023-39189 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2023-39189.html CVE-2023-39189 https://bugzilla.suse.com/1216046 SUSE Bug 1216046 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure. CVE-2023-39192 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2023-39192.html CVE-2023-39192 https://bugzilla.suse.com/1215858 SUSE Bug 1215858 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. CVE-2023-39193 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2023-39193.html CVE-2023-39193 https://bugzilla.suse.com/1215860 SUSE Bug 1215860 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol. CVE-2023-39197 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2023-39197.html CVE-2023-39197 https://bugzilla.suse.com/1216976 SUSE Bug 1216976 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write. CVE-2023-45863 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2023-45863.html CVE-2023-45863 https://bugzilla.suse.com/1216058 SUSE Bug 1216058 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. CVE-2023-51779 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2023-51779.html CVE-2023-51779 https://bugzilla.suse.com/1218559 SUSE Bug 1218559 https://bugzilla.suse.com/1218610 SUSE Bug 1218610 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 https://bugzilla.suse.com/1220191 SUSE Bug 1220191 https://bugzilla.suse.com/1221578 SUSE Bug 1221578 https://bugzilla.suse.com/1221598 SUSE Bug 1221598 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. CVE-2023-6606 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2023-6606.html CVE-2023-6606 https://bugzilla.suse.com/1217947 SUSE Bug 1217947 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1. CVE-2023-6932 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.150.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.150.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20240112-1/ https://www.suse.com/security/cve/CVE-2023-6932.html CVE-2023-6932 https://bugzilla.suse.com/1218253 SUSE Bug 1218253 https://bugzilla.suse.com/1218255 SUSE Bug 1218255 https://bugzilla.suse.com/1220015 SUSE Bug 1220015 https://bugzilla.suse.com/1220191 SUSE Bug 1220191 https://bugzilla.suse.com/1221578 SUSE Bug 1221578 https://bugzilla.suse.com/1221598 SUSE Bug 1221598