English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.1.10.2023.0173
Kategorie:Mageia Linux Local Security Checks
Titel:Mageia: Security Advisory (MGASA-2023-0173)
Zusammenfassung:The remote host is missing an update for the 'kernel-linus' package(s) announced via the MGASA-2023-0173 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'kernel-linus' package(s) announced via the MGASA-2023-0173 advisory.

Vulnerability Insight:
This kernel-linus update is based on upstream 5.15.110 and fixes at least
the following security issues:

A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.
This issue could occur when assoc_info->req_len data is bigger than the
size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of
service (CVE-2023-1380).

It was discovered that a race condition existed in the Xen transport layer
implementation for the 9P file system protocol in the Linux kernel, leading
to a use-after-free vulnerability. A local attacker could use this to cause
a denial of service or expose sensitive information (CVE-2023-1859).

An insufficient permission check has been found in the Bluetooth subsystem
of the Linux kernel when handling ioctl system calls of HCI sockets.
This causes tasks without the proper CAP_NET_ADMIN capability can easily
mark HCI sockets as _trusted_. Trusted sockets are intended to enable the
sending and receiving of management commands and events, such as pairing
or connecting with a new device. As a result, unprivileged users can
acquire a trusted socket, leading to unauthorized execution of management
commands (CVE-2023-2002).

A heap out-of-bounds read/write vulnerability in the Linux Kernel traffic
control (QoS) subsystem can be exploited to achieve local privilege
escalation. The qfq_change_class function does not properly limit the lmax
variable which can lead to out-of-bounds read/write. If the TCA_QFQ_LMAX
value is not offered through nlattr, lmax is determined by the MTU value
of the network device. The MTU of the loopback device can be set up to
2^31-1 and as a result, it is possible to have an lmax value that exceeds
QFQ_MIN_LMAX (CVE-2023-2248).

qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13
allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX
(CVE-2023-31436).

For other upstream fixes in this update, see the referenced changelogs.

Affected Software/OS:
'kernel-linus' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2023-1380
Debian Security Information: DSA-5480 (Google Search)
https://www.debian.org/security/2023/dsa-5480
http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html
http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html
https://bugzilla.redhat.com/show_bug.cgi?id=2177883
https://lore.kernel.org/linux-wireless/20230309104457.22628-1-jisoo.jang@yonsei.ac.kr/T/#u
https://www.openwall.com/lists/oss-security/2023/03/14/1
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-1859
https://lore.kernel.org/all/20230313090002.3308025-1-zyytlz.wz@163.com/
Common Vulnerability Exposure (CVE) ID: CVE-2023-2002
https://www.openwall.com/lists/oss-security/2023/04/16/3
Common Vulnerability Exposure (CVE) ID: CVE-2023-2248
Common Vulnerability Exposure (CVE) ID: CVE-2023-31436
Debian Security Information: DSA-5402 (Google Search)
https://www.debian.org/security/2023/dsa-5402
http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.13
https://github.com/torvalds/linux/commit/3037933448f60f9acb705997eae62013ecb81e0d
https://www.spinics.net/lists/stable-commits/msg294885.html
https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html
CopyrightCopyright (C) 2023 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.