SUSE-SU-2023:4863-1 Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005528 fixes several issues. The following security issues were fixed: - CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nftables component can be exploited to achieve local privilege escalation. bsc1215097 - CVE-2023-5345: Fixed an...

SUSE SLES15: kernel-livepatch-5_14_21-150400_24_74-default / etc (SUSE-SU-2023:4805-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4805-1 advisory. This update for the Linux Kernel 5.14.21-1504002474 fixes several issues. The following security issues were fixed: - CVE-2023-3610: Fixed...

SUSE SLES15 Security Update : kernel (Live Patch 18 for SLE 15 SP4) (SUSE-SU-2023:4801-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4801-1 advisory. This update for the Linux Kernel 5.14.21-1504002488 fixes several issues. The following security issues were fixed: - CVE-2023-3777: Fixed a...

SUSE SLES15 Security Update : kernel (Live Patch 36 for SLE 15 SP2) (SUSE-SU-2023:4796-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4796-1 advisory. This update for the Linux Kernel 5.3.18-15020024151 fixes several issues. The following security issues were fixed: - CVE-2023-4622: Fixed a...

SUSE SLES15: kernel-livepatch-5_14_21-150400_15_53-rt / etc (SUSE-SU-2023:4775-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4775-1 advisory. This update for the Linux Kernel 5.14.21-1504001553 fixes several issues. The following security issues were fixed: - CVE-2023-3777: Fixed a...

SUSE SLES15: kernel-livepatch-5_14_21-150400_15_8-rt / etc (SUSE-SU-2023:4766-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4766-1 advisory. This update for the Linux Kernel 5.14.21-150400158 fixes several issues. The following security issues were fixed: - CVE-2023-3610: Fixed...

AlmaLinux 8 : kpatch-patch (ALSA-2023:7554)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:7554 advisory. - Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in...

Oracle Linux 8 : kernel (ELSA-2023-7549)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7549 advisory. - media: dvb-core: Fix use-after-free due to race at dvbregisterdevice Mauro Carvalho Chehab CVE-2022-45884 - cifs: Fix UAF in cifsdemultiplexthread...

RHEL 8 : kpatch-patch (RHSA-2023:7554)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7554 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:4343-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4343-1 advisory. - Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting i...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:4348-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4348-1 advisory. - Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe,...

SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2023:4351-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4351-1 advisory. The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were...

Incorrect Verifier Branch Pruning Logic Leads To Arbitrary Read/Write In Linux Kernel and Lateral Privilege Escalation

...

CVE-2023-2163

Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape...

CVE-2023-2163

Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape...

Privilege escalation

Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape...

CVE-2023-2163 Incorrect Verifier Branch Pruning Logic Leads To Arbitrary Read/Write In Linux Kernel and Lateral Privilege Escalation

Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape...

CVE-2023-2163 Incorrect Verifier Branch Pruning Logic Leads To Arbitrary Read/Write In Linux Kernel and Lateral Privilege Escalation

Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape...

CVE-2023-2163

Summary of CVE-2023-2163 : The issue is an incorrect verifier pruning in the kernel’s BPF verifier for Linux kernel versions >= 5.4, where unsafe code paths can be marked safe, enabling arbitrary reads/writes in kernel memory, lateral privilege escalation, and container escapes. Connected advi...

CVE-2023-2163

Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape...