
Test ID: 1.3.6.1.4.1.25623.1.1.18.2.2024.0115.1
Category: openSUSE Local Security Checks
Title: openSUSE Security Advisory (SUSE-SU-2024:0115-1)
Summary: The remote host is missing an update for the 'the Linux Kernel' package(s) announced via the SUSE-SU-2024:0115-1 advisory.
Description:

Vulnerability Insight:
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bug fixes.


The following security bugs were fixed:

- CVE-2023-6531: Fixed a use-after-free flaw caused by a race in which the unix garbage collector's deletion of an SKB races with unix_stream_read_generic() on the socket that the SKB is queued on (bsc#1218447).
- CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).
- CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).
- CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN (bsc#1179610 bsc#1215237).
- CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).
- CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1218335).
- CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component that could lead to local privilege escalation (bsc#1218258).
- CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's ipv4: igmp component that could lead to local privilege escalation (bsc#1218253).
- CVE-2023-6622: Fixed a null pointer dereference vulnerability in nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service (bsc#1217938).
- CVE-2023-6121: Fixed an out-of-bounds read vulnerability in the NVMe-oF/TCP subsystem that could lead to information leak (bsc#1217250).

The following non-security bugs were fixed:

- Documentation: KVM: add separate directories for architecture-specific documentation (jsc#PED-7167).
- Documentation: KVM: update amd-memory-encryption.rst references (jsc#PED-7167).
- Documentation: KVM: update msr.rst reference (jsc#PED-7167).
- Documentation: KVM: update s390-diag.rst reference (jsc#PED-7167).
- Documentation: KVM: update s390-pv.rst reference (jsc#PED-7167).
- Documentation: drop more IDE boot options and ide-cd.rst (git-fixes).
- Documentation: qat: Use code block for qat sysfs example (git-fixes).
- Drop Documentation/ide/ (git-fixes).
- Fix crash on screen resize (bsc#1218229).
- Fix drm gem object underflow (bsc#1218092).
- KVM: arm64: Prevent kmemleak from accessing pKVM memory (jsc#PED-7167).
- KVM: s390/mm: Properly reset no-dat (git-fixes bsc#1218056).
- KVM: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes bsc#1217933).
- Revert 'PCI/ASPM: Remove pcie_aspm_pm_state_change()' (git-fixes).
- Revert 'PCI: acpiphp: Reassign resources on bridge if necessary' (git-fixes).
- Revert 'md: unlock mddev before reap ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'the Linux Kernel' package(s) on openSUSE Leap 15.5.

Solution:
Please install the updated package(s).

CVSS Score:
4.8

CVSS Vector:
AV:A/AC:L/Au:N/C:P/I:P/A:N

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2020-26555
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/
https://kb.cert.org/vuls/id/799380
https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/
Common Vulnerability Exposure (CVE) ID: CVE-2023-51779
https://github.com/torvalds/linux/commit/2e07e8348ea454615e268222ae3fc240421be768
Common Vulnerability Exposure (CVE) ID: CVE-2023-6121
RHBZ#2250043
https://bugzilla.redhat.com/show_bug.cgi?id=2250043
RHSA-2024:2394
https://access.redhat.com/errata/RHSA-2024:2394
RHSA-2024:2950
https://access.redhat.com/errata/RHSA-2024:2950
RHSA-2024:3138
https://access.redhat.com/errata/RHSA-2024:3138
https://access.redhat.com/security/cve/CVE-2023-6121
https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-6531
RHBZ#2253034
https://bugzilla.redhat.com/show_bug.cgi?id=2253034
https://access.redhat.com/security/cve/CVE-2023-6531
https://lore.kernel.org/all/c716c88321939156909cfa1bd8b0faaf1c804103.1701868795.git.asml.silence@gmail.com/
Common Vulnerability Exposure (CVE) ID: CVE-2023-6546
RHBZ#2255498
https://bugzilla.redhat.com/show_bug.cgi?id=2255498
RHSA-2024:0930
https://access.redhat.com/errata/RHSA-2024:0930
RHSA-2024:0937
https://access.redhat.com/errata/RHSA-2024:0937
RHSA-2024:1018
https://access.redhat.com/errata/RHSA-2024:1018
RHSA-2024:1019
https://access.redhat.com/errata/RHSA-2024:1019
RHSA-2024:1055
https://access.redhat.com/errata/RHSA-2024:1055
RHSA-2024:1250
https://access.redhat.com/errata/RHSA-2024:1250
RHSA-2024:1253
https://access.redhat.com/errata/RHSA-2024:1253
RHSA-2024:1306
https://access.redhat.com/errata/RHSA-2024:1306
RHSA-2024:1607
https://access.redhat.com/errata/RHSA-2024:1607
RHSA-2024:1612
https://access.redhat.com/errata/RHSA-2024:1612
RHSA-2024:1614
https://access.redhat.com/errata/RHSA-2024:1614
RHSA-2024:2621
https://access.redhat.com/errata/RHSA-2024:2621
RHSA-2024:2697
https://access.redhat.com/errata/RHSA-2024:2697
http://www.openwall.com/lists/oss-security/2024/04/10/18
http://www.openwall.com/lists/oss-security/2024/04/10/21
http://www.openwall.com/lists/oss-security/2024/04/11/7
http://www.openwall.com/lists/oss-security/2024/04/11/9
http://www.openwall.com/lists/oss-security/2024/04/12/1
http://www.openwall.com/lists/oss-security/2024/04/12/2
http://www.openwall.com/lists/oss-security/2024/04/16/2
http://www.openwall.com/lists/oss-security/2024/04/17/1
https://access.redhat.com/security/cve/CVE-2023-6546
https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527
Common Vulnerability Exposure (CVE) ID: CVE-2023-6606
RHBZ#2253611
https://bugzilla.redhat.com/show_bug.cgi?id=2253611
RHSA-2024:0723
https://access.redhat.com/errata/RHSA-2024:0723
RHSA-2024:0725
https://access.redhat.com/errata/RHSA-2024:0725
RHSA-2024:0881
https://access.redhat.com/errata/RHSA-2024:0881
RHSA-2024:0897
https://access.redhat.com/errata/RHSA-2024:0897
RHSA-2024:1188
https://access.redhat.com/errata/RHSA-2024:1188
RHSA-2024:1248
https://access.redhat.com/errata/RHSA-2024:1248
RHSA-2024:1404
https://access.redhat.com/errata/RHSA-2024:1404
https://access.redhat.com/security/cve/CVE-2023-6606
https://bugzilla.kernel.org/show_bug.cgi?id=218218
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-6610
RHBZ#2253614
https://bugzilla.redhat.com/show_bug.cgi?id=2253614
RHSA-2024:0724
https://access.redhat.com/errata/RHSA-2024:0724
https://access.redhat.com/security/cve/CVE-2023-6610
https://bugzilla.kernel.org/show_bug.cgi?id=218219
Common Vulnerability Exposure (CVE) ID: CVE-2023-6622
RHBZ#2253632
https://bugzilla.redhat.com/show_bug.cgi?id=2253632
https://access.redhat.com/security/cve/CVE-2023-6622
https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAOVK2F3ALGKYIQ5IOMAYEC2DGI7BWAW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3AGDVE3KBLOOYBPISFDS74R4YAZEDAY/
Common Vulnerability Exposure (CVE) ID: CVE-2023-6931
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=382c27f4ed28f803b1f1473ac2d8db0afc795a1b
https://kernel.dance/382c27f4ed28f803b1f1473ac2d8db0afc795a1b
Common Vulnerability Exposure (CVE) ID: CVE-2023-6932
http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=e2b706c691905fe78468c361aaabc719d0a496f1
https://kernel.dance/e2b706c691905fe78468c361aaabc719d0a496f1
Copyright: Copyright (C) 2025 Greenbone AG
