OESA-2023-1585

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1585
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2023-1585.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2023-1585
Upstream
Published
2023-09-02T11:05:50Z
Modified
2025-08-12T05:17:25.859377Z
Summary
kernel security update
Details

The Linux Kernel, the operating system core itself.

Security Fix(es):

A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.(CVE-2023-1206)

A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service (DoS) of the host by sending network packets to the backend, causing the backend to crash.(CVE-2023-34319)

An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read.(CVE-2023-38432)

(CVE-2023-3867)

An issue was discovered in l2capsockrelease in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.(CVE-2023-40283)

A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 ("tun: tunchropen(): correctly initialize socket uid"), - 66b2c338adce ("tap: tapopen(): correctly initialize socket uid"), pass "inode->iuid" to sockinitdata_uid() as the last parameter and that turns out to not be accurate.(CVE-2023-4194)

A flaw was found in btrfsgetroot_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information.(CVE-2023-4389)

Database specific 
{
    "severity": "Critical"
}
References

Affected packages

openEuler:22.03-LTS / kernel

Package

Name
kernel
Purl
pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.0-60.109.0.136.oe2203

Ecosystem specific 

{
    "x86_64": [
        "kernel-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "bpftool-debuginfo-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "kernel-tools-devel-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "kernel-debuginfo-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "kernel-devel-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "kernel-debugsource-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "kernel-headers-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "kernel-tools-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "perf-debuginfo-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "python3-perf-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "python3-perf-debuginfo-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "kernel-source-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "perf-5.10.0-60.109.0.136.oe2203.x86_64.rpm",
        "bpftool-5.10.0-60.109.0.136.oe2203.x86_64.rpm"
    ],
    "src": [
        "kernel-5.10.0-60.109.0.136.oe2203.src.rpm"
    ],
    "aarch64": [
        "kernel-debugsource-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "python3-perf-debuginfo-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "kernel-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "python3-perf-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "perf-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "kernel-tools-devel-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "kernel-source-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "bpftool-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "kernel-tools-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "kernel-debuginfo-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "bpftool-debuginfo-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "kernel-devel-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "perf-debuginfo-5.10.0-60.109.0.136.oe2203.aarch64.rpm",
        "kernel-headers-5.10.0-60.109.0.136.oe2203.aarch64.rpm"
    ]
}