SUSE-SU-2023:0767-1

Source
https://www.suse.com/support/update/announcement/2023/suse-su-20230767-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:0767-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:0767-1
Related
Published
2023-03-16T12:17:04Z
Modified
2023-03-16T12:17:04Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
  • CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
  • CVE-2022-38096: Fixed NULL-ptr deref in vmwcmddxdefinequery() (bsc#1203331).
  • CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
  • CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
References

Affected packages

SUSE:Linux Enterprise Server 12 SP2-BCL / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.121-92.202.5

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.202.6",
            "kernel-devel": "4.4.121-92.202.6",
            "kernel-default-base": "4.4.121-92.202.5",
            "kernel-default": "4.4.121-92.202.5",
            "kernel-source": "4.4.121-92.202.6",
            "kernel-syms": "4.4.121-92.202.6",
            "kernel-default-devel": "4.4.121-92.202.5"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-BCL / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.121-92.202.6

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.202.6",
            "kernel-devel": "4.4.121-92.202.6",
            "kernel-default-base": "4.4.121-92.202.5",
            "kernel-default": "4.4.121-92.202.5",
            "kernel-source": "4.4.121-92.202.6",
            "kernel-syms": "4.4.121-92.202.6",
            "kernel-default-devel": "4.4.121-92.202.5"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-BCL / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.121-92.202.6

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.121-92.202.6",
            "kernel-devel": "4.4.121-92.202.6",
            "kernel-default-base": "4.4.121-92.202.5",
            "kernel-default": "4.4.121-92.202.5",
            "kernel-source": "4.4.121-92.202.6",
            "kernel-syms": "4.4.121-92.202.6",
            "kernel-default-devel": "4.4.121-92.202.5"
        }
    ]
}