An update for kernel is now available for openEuler-22.03-LTS-SP1
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2023-1072
Final
1.0
1.0
2023-02-10
Initial
2023-02-10
2023-02-10
openEuler SA Tool V1.0
2023-02-10
kernel security update
An update for kernel is now available for openEuler-22.03-LTS-SP1.
The Linux Kernel, the operating system core itself.
Security Fix(es):
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. (CVE-2023-0179)
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23455)
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). (CVE-2023-23454)
An update for kernel is now available for openEuler-22.03-LTS-SP1.
openEuler Security has rated this update as having a security impact of high. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
High
kernel
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1072
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-0179
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-23455
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-23454
https://nvd.nist.gov/vuln/detail/CVE-2023-0179
https://nvd.nist.gov/vuln/detail/CVE-2023-23455
https://nvd.nist.gov/vuln/detail/CVE-2023-23454
openEuler-22.03-LTS-SP1
kernel-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
kernel-headers-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
perf-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
bpftool-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
python3-perf-debuginfo-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
perf-debuginfo-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
kernel-tools-devel-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
kernel-devel-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
kernel-tools-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
kernel-tools-debuginfo-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
kernel-debugsource-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
python3-perf-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
kernel-source-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
bpftool-debuginfo-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
kernel-debuginfo-5.10.0-136.17.0.93.oe2203sp1.aarch64.rpm
kernel-5.10.0-136.17.0.93.oe2203sp1.src.rpm
kernel-debugsource-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
perf-debuginfo-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
kernel-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
perf-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
kernel-tools-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
kernel-source-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
python3-perf-debuginfo-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
bpftool-debuginfo-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
kernel-tools-devel-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
kernel-devel-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
kernel-headers-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
kernel-debuginfo-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
python3-perf-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
bpftool-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
kernel-tools-debuginfo-5.10.0-136.17.0.93.oe2203sp1.x86_64.rpm
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.
2023-02-10
CVE-2023-0179
openEuler-22.03-LTS-SP1
High
7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
kernel security update
2023-02-10
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1072
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
2023-02-10
CVE-2023-23455
openEuler-22.03-LTS-SP1
Medium
5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
kernel security update
2023-02-10
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1072
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
2023-02-10
CVE-2023-23454
openEuler-22.03-LTS-SP1
Medium
5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
kernel security update
2023-02-10
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1072