OESA-2023-1188
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1188
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2023-1188.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2023-1188
- Upstream
- Published
- 2023-03-31T11:05:05Z
- Modified
- 2025-08-12T05:13:21.495045Z
- Summary
- kernel security update
- Details
-
The Linux Kernel, the operating system core itself.
Security Fix(es):
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.(CVE-2022-27672)
A flaw was found in the Linux kernel. A use-after-free may be triggered in asuskbdbacklightset when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the workstruct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asuskbdleds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data.(CVE-2023-1079)
In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidpplanes.c misinterprets the getsg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).(CVE-2023-23004)
A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 ("coredump: Use the vma snapshot in fillfilesnote") not applied yet, then kernel could be affected.(CVE-2023-1249)
Kernel: denial of service in tipcconnclose(CVE-2023-1382)
dotlsgetsockopt in net/tls/tlsmain.c in the Linux kernel through 6.2.6 lacks a locksock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).(CVE-2023-28466)
In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur.(CVE-2022-48424)
In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur.(CVE-2022-48423)
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs.(CVE-2022-48425)
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcfextsexec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.(CVE-2023-1281)
In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3qcomcreateursusb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer).(CVE-2023-22999)
- Database specific
{ "severity": "High" }- References
-
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1188
- https://nvd.nist.gov/vuln/detail/CVE-2022-27672
- https://nvd.nist.gov/vuln/detail/CVE-2023-1079
- https://nvd.nist.gov/vuln/detail/CVE-2023-23004
- https://nvd.nist.gov/vuln/detail/CVE-2023-1249
- https://nvd.nist.gov/vuln/detail/CVE-2023-1382
- https://nvd.nist.gov/vuln/detail/CVE-2023-28466
- https://nvd.nist.gov/vuln/detail/CVE-2022-48424
- https://nvd.nist.gov/vuln/detail/CVE-2022-48423
- https://nvd.nist.gov/vuln/detail/CVE-2022-48425
- https://nvd.nist.gov/vuln/detail/CVE-2023-1281
- https://nvd.nist.gov/vuln/detail/CVE-2023-22999
Affected packages
openEuler:22.03-LTS / kernel
Package
- Name
- kernel
- Purl
- pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.0-60.87.0.111.oe2203
Ecosystem specific
{
"x86_64": [
"kernel-tools-debuginfo-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"python3-perf-debuginfo-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"perf-debuginfo-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"python3-perf-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"kernel-debugsource-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"kernel-tools-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"kernel-debuginfo-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"bpftool-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"kernel-devel-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"kernel-headers-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"kernel-source-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"bpftool-debuginfo-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"perf-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"kernel-5.10.0-60.87.0.111.oe2203.x86_64.rpm",
"kernel-tools-devel-5.10.0-60.87.0.111.oe2203.x86_64.rpm"
],
"src": [
"kernel-5.10.0-60.87.0.111.oe2203.src.rpm"
],
"aarch64": [
"bpftool-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"kernel-tools-devel-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"kernel-devel-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"perf-debuginfo-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"kernel-headers-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"kernel-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"perf-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"python3-perf-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"kernel-debuginfo-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"python3-perf-debuginfo-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"kernel-tools-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"kernel-source-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"bpftool-debuginfo-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"kernel-tools-debuginfo-5.10.0-60.87.0.111.oe2203.aarch64.rpm",
"kernel-debugsource-5.10.0-60.87.0.111.oe2203.aarch64.rpm"
]
}