SUSE-SU-2023:2151-1 -- SLES kernel, reiserfs-kmp-defaultID: oval:org.secpod.oval:def:89048826 | Date: (C)2023-06-02 (M)2024-04-25 |
Class: PATCH | Family: unix |
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation . * CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system . * CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create . * CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress . * CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove . * CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove . * CVE-2023-1989: Fixed a use after free in btsdio_remove . * CVE-2023-1990: Fixed a use after free in ndlc_remove . * CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation . * CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot . * CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference . The following non-security bugs were fixed: * cifs: fix negotiate context parsing . * cred: allow get_cred and put_cred to be given NULL . ## Special Instructions and Notes: * Please reboot the system after installing this update.
Platform: |
SUSE Linux Enterprise Server 15 SP1 |
Product: |
kernel |
reiserfs-kmp-default |