SUSE SLES15 Security Update : kernel (Live Patch 41 for SLE 15 SP1) (SUSE-SU-2023:3571-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3571-1 advisory. - A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. Th...

CVE-2023-3090

A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb-cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIGIPVLAN is enabled. We...

CVE-2023-3090

CVE-2023-3090 is a Linux kernel vulnerability affecting the ipvlan driver. It causes a heap out-of-bounds write due to missing skb->cb initialization, and is exploitable when CONFIG_IPVLAN is enabled. The issue enables local privilege escalation as described in multiple sources (e.g., Astra Li...

CVE-2023-3090 Out-of-bounds write in Linux kernel's ipvlan network driver

A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb-cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIGIPVLAN is enabled. We...