Vulnerability-Lookup

CVE-2023-52566 (GCVE-0-2023-52566)

Vulnerability from cvelistv5 – Published: 2024-03-02 21:59 – Updated: 2025-05-04 07:38

Title

nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()

Summary

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() In nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the reference count of bh when the call to nilfs_dat_translate() fails. If the reference count hits 0 and its owner page gets unlocked, bh may be freed. However, bh->b_page is dereferenced to put the page after that, which may result in a use-after-free bug. This patch moves the release operation after unlocking and putting the page. NOTE: The function in question is only called in GC, and in combination with current userland tools, address translation using DAT does not occur in that function, so the code path that causes this issue will not be executed. However, it is possible to run that code path by intentionally modifying the userland GC library or by calling the GC ioctl directly. [konishi.ryusuke@gmail.com: NOTE added to the commit log]

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-416 - Use After Free

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/fb1084e63ee56958b…
	https://git.kernel.org/stable/c/bb61224f6abc8e71b…
	https://git.kernel.org/stable/c/193b5a1c6c67c36b4…
	https://git.kernel.org/stable/c/7130a87ca32396eb9…
	https://git.kernel.org/stable/c/3936e8714907cd55e…
	https://git.kernel.org/stable/c/980663f1d189eedaf…
	https://git.kernel.org/stable/c/28df4646ad8b43334…
	https://git.kernel.org/stable/c/7ee29facd8a9c5a26…

Impacted products

Vendor

Product

Version

Linux

Affected: a3d93f709e893187d301aa5458b2248db9f22bd1 , < fb1084e63ee56958b0a56e17a50a4fd86445b9c1 (git)
Affected: a3d93f709e893187d301aa5458b2248db9f22bd1 , < bb61224f6abc8e71bfdf06d7c984e23460875f5b (git)
Affected: a3d93f709e893187d301aa5458b2248db9f22bd1 , < 193b5a1c6c67c36b430989dc063fe7ea4e200a33 (git)
Affected: a3d93f709e893187d301aa5458b2248db9f22bd1 , < 7130a87ca32396eb9bf48b71a2d42259ae44c6c7 (git)
Affected: a3d93f709e893187d301aa5458b2248db9f22bd1 , < 3936e8714907cd55e37c7cc50e50229e4a9042e8 (git)
Affected: a3d93f709e893187d301aa5458b2248db9f22bd1 , < 980663f1d189eedafd18d80053d9cf3e2ceb5c8c (git)
Affected: a3d93f709e893187d301aa5458b2248db9f22bd1 , < 28df4646ad8b433340772edc90ca709cdefc53e2 (git)
Affected: a3d93f709e893187d301aa5458b2248db9f22bd1 , < 7ee29facd8a9c5a26079148e36bcf07141b3a6bc (git)

Linux

Affected: 2.6.30
Unaffected: 0 , < 2.6.30 (semver)
Unaffected: 4.14.327 , ≤ 4.14.* (semver)
Unaffected: 4.19.296 , ≤ 4.19.* (semver)
Unaffected: 5.4.258 , ≤ 5.4.* (semver)
Unaffected: 5.10.198 , ≤ 5.10.* (semver)
Unaffected: 5.15.134 , ≤ 5.15.* (semver)
Unaffected: 6.1.56 , ≤ 6.1.* (semver)
Unaffected: 6.5.6 , ≤ 6.5.* (semver)
Unaffected: 6.6 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52566",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-24T14:54:19.803278Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T14:43:57.106Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:03:21.025Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nilfs2/gcinode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "fb1084e63ee56958b0a56e17a50a4fd86445b9c1",
              "status": "affected",
              "version": "a3d93f709e893187d301aa5458b2248db9f22bd1",
              "versionType": "git"
            },
            {
              "lessThan": "bb61224f6abc8e71bfdf06d7c984e23460875f5b",
              "status": "affected",
              "version": "a3d93f709e893187d301aa5458b2248db9f22bd1",
              "versionType": "git"
            },
            {
              "lessThan": "193b5a1c6c67c36b430989dc063fe7ea4e200a33",
              "status": "affected",
              "version": "a3d93f709e893187d301aa5458b2248db9f22bd1",
              "versionType": "git"
            },
            {
              "lessThan": "7130a87ca32396eb9bf48b71a2d42259ae44c6c7",
              "status": "affected",
              "version": "a3d93f709e893187d301aa5458b2248db9f22bd1",
              "versionType": "git"
            },
            {
              "lessThan": "3936e8714907cd55e37c7cc50e50229e4a9042e8",
              "status": "affected",
              "version": "a3d93f709e893187d301aa5458b2248db9f22bd1",
              "versionType": "git"
            },
            {
              "lessThan": "980663f1d189eedafd18d80053d9cf3e2ceb5c8c",
              "status": "affected",
              "version": "a3d93f709e893187d301aa5458b2248db9f22bd1",
              "versionType": "git"
            },
            {
              "lessThan": "28df4646ad8b433340772edc90ca709cdefc53e2",
              "status": "affected",
              "version": "a3d93f709e893187d301aa5458b2248db9f22bd1",
              "versionType": "git"
            },
            {
              "lessThan": "7ee29facd8a9c5a26079148e36bcf07141b3a6bc",
              "status": "affected",
              "version": "a3d93f709e893187d301aa5458b2248db9f22bd1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/nilfs2/gcinode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.30"
            },
            {
              "lessThan": "2.6.30",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.327",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.296",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.258",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.198",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.134",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.56",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.327",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.296",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.258",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.198",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.134",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.56",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.6",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential use after free in nilfs_gccache_submit_read_data()\n\nIn nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the\nreference count of bh when the call to nilfs_dat_translate() fails.  If\nthe reference count hits 0 and its owner page gets unlocked, bh may be\nfreed.  However, bh-\u003eb_page is dereferenced to put the page after that,\nwhich may result in a use-after-free bug.  This patch moves the release\noperation after unlocking and putting the page.\n\nNOTE: The function in question is only called in GC, and in combination\nwith current userland tools, address translation using DAT does not occur\nin that function, so the code path that causes this issue will not be\nexecuted.  However, it is possible to run that code path by intentionally\nmodifying the userland GC library or by calling the GC ioctl directly.\n\n[konishi.ryusuke@gmail.com: NOTE added to the commit log]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:38:53.975Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1"
        },
        {
          "url": "https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b"
        },
        {
          "url": "https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33"
        },
        {
          "url": "https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7"
        },
        {
          "url": "https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8"
        },
        {
          "url": "https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c"
        },
        {
          "url": "https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2"
        },
        {
          "url": "https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc"
        }
      ],
      "title": "nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52566",
    "datePublished": "2024-03-02T21:59:38.167Z",
    "dateReserved": "2024-03-02T21:55:42.567Z",
    "dateUpdated": "2025-05-04T07:38:53.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T23:03:21.025Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-52566\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-24T14:54:19.803278Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-24T14:54:25.927Z\"}}], \"cna\": {\"title\": \"nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"a3d93f709e893187d301aa5458b2248db9f22bd1\", \"lessThan\": \"fb1084e63ee56958b0a56e17a50a4fd86445b9c1\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a3d93f709e893187d301aa5458b2248db9f22bd1\", \"lessThan\": \"bb61224f6abc8e71bfdf06d7c984e23460875f5b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a3d93f709e893187d301aa5458b2248db9f22bd1\", \"lessThan\": \"193b5a1c6c67c36b430989dc063fe7ea4e200a33\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a3d93f709e893187d301aa5458b2248db9f22bd1\", \"lessThan\": \"7130a87ca32396eb9bf48b71a2d42259ae44c6c7\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a3d93f709e893187d301aa5458b2248db9f22bd1\", \"lessThan\": \"3936e8714907cd55e37c7cc50e50229e4a9042e8\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a3d93f709e893187d301aa5458b2248db9f22bd1\", \"lessThan\": \"980663f1d189eedafd18d80053d9cf3e2ceb5c8c\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a3d93f709e893187d301aa5458b2248db9f22bd1\", \"lessThan\": \"28df4646ad8b433340772edc90ca709cdefc53e2\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a3d93f709e893187d301aa5458b2248db9f22bd1\", \"lessThan\": \"7ee29facd8a9c5a26079148e36bcf07141b3a6bc\", \"versionType\": \"git\"}], \"programFiles\": [\"fs/nilfs2/gcinode.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.30\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"2.6.30\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.14.327\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.14.*\"}, {\"status\": \"unaffected\", \"version\": \"4.19.296\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.258\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.198\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.134\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.56\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.5.6\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.5.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"fs/nilfs2/gcinode.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1\"}, {\"url\": \"https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b\"}, {\"url\": \"https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33\"}, {\"url\": \"https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7\"}, {\"url\": \"https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8\"}, {\"url\": \"https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c\"}, {\"url\": \"https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2\"}, {\"url\": \"https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnilfs2: fix potential use after free in nilfs_gccache_submit_read_data()\\n\\nIn nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the\\nreference count of bh when the call to nilfs_dat_translate() fails.  If\\nthe reference count hits 0 and its owner page gets unlocked, bh may be\\nfreed.  However, bh-\u003eb_page is dereferenced to put the page after that,\\nwhich may result in a use-after-free bug.  This patch moves the release\\noperation after unlocking and putting the page.\\n\\nNOTE: The function in question is only called in GC, and in combination\\nwith current userland tools, address translation using DAT does not occur\\nin that function, so the code path that causes this issue will not be\\nexecuted.  However, it is possible to run that code path by intentionally\\nmodifying the userland GC library or by calling the GC ioctl directly.\\n\\n[konishi.ryusuke@gmail.com: NOTE added to the commit log]\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.14.327\", \"versionStartIncluding\": \"2.6.30\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.296\", \"versionStartIncluding\": \"2.6.30\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.258\", \"versionStartIncluding\": \"2.6.30\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.198\", \"versionStartIncluding\": \"2.6.30\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.134\", \"versionStartIncluding\": \"2.6.30\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.56\", \"versionStartIncluding\": \"2.6.30\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.5.6\", \"versionStartIncluding\": \"2.6.30\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6\", \"versionStartIncluding\": \"2.6.30\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T07:38:53.975Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-52566\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T07:38:53.975Z\", \"dateReserved\": \"2024-03-02T21:55:42.567Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-03-02T21:59:38.167Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-4C64-W6QG-97QW

Vulnerability from github – Published: 2024-03-03 00:30 – Updated: 2024-11-06 18:31

Details

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()

In nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the reference count of bh when the call to nilfs_dat_translate() fails. If the reference count hits 0 and its owner page gets unlocked, bh may be freed. However, bh->b_page is dereferenced to put the page after that, which may result in a use-after-free bug. This patch moves the release operation after unlocking and putting the page.

NOTE: The function in question is only called in GC, and in combination with current userland tools, address translation using DAT does not occur in that function, so the code path that causes this issue will not be executed. However, it is possible to run that code path by intentionally modifying the userland GC library or by calling the GC ioctl directly.

[konishi.ryusuke@gmail.com: NOTE added to the commit log]

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-52566"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-02T22:15:49Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential use after free in nilfs_gccache_submit_read_data()\n\nIn nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the\nreference count of bh when the call to nilfs_dat_translate() fails.  If\nthe reference count hits 0 and its owner page gets unlocked, bh may be\nfreed.  However, bh-\u003eb_page is dereferenced to put the page after that,\nwhich may result in a use-after-free bug.  This patch moves the release\noperation after unlocking and putting the page.\n\nNOTE: The function in question is only called in GC, and in combination\nwith current userland tools, address translation using DAT does not occur\nin that function, so the code path that causes this issue will not be\nexecuted.  However, it is possible to run that code path by intentionally\nmodifying the userland GC library or by calling the GC ioctl directly.\n\n[konishi.ryusuke@gmail.com: NOTE added to the commit log]",
  "id": "GHSA-4c64-w6qg-97qw",
  "modified": "2024-11-06T18:31:03Z",
  "published": "2024-03-03T00:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52566"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2023-52566

Vulnerability from fkie_nvd - Published: 2024-03-02 22:15 - Updated: 2025-04-08 15:08

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	6.6
linux	linux_kernel	6.6
linux	linux_kernel	6.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B58818EF-4D8C-46CE-8E39-5297CF2BD101",
              "versionEndExcluding": "4.14.327",
              "versionStartIncluding": "2.6.30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "78DAD65C-4893-461B-91B2-F4E7C212F140",
              "versionEndExcluding": "4.19.296",
              "versionStartIncluding": "4.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1208C905-CEAA-49F2-B357-72A5185B2656",
              "versionEndExcluding": "5.4.258",
              "versionStartIncluding": "4.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66D916C3-4087-44FF-9CD9-D2826BCC9E3D",
              "versionEndExcluding": "5.10.198",
              "versionStartIncluding": "5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "346A7B1E-5048-460C-9640-5EFA2075158B",
              "versionEndExcluding": "5.15.134",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA89569-DD45-4A69-BB4D-8356FA9386BD",
              "versionEndExcluding": "6.1.56",
              "versionStartIncluding": "5.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "870FC772-173A-4A0F-B1AF-7976AD6057D3",
              "versionEndExcluding": "6.5.6",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "84267A4F-DBC2-444F-B41D-69E15E1BEC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "FB440208-241C-4246-9A83-C1715C0DAA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "0DC421F1-3D5A-4BEF-BF76-4E468985D20B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential use after free in nilfs_gccache_submit_read_data()\n\nIn nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the\nreference count of bh when the call to nilfs_dat_translate() fails.  If\nthe reference count hits 0 and its owner page gets unlocked, bh may be\nfreed.  However, bh-\u003eb_page is dereferenced to put the page after that,\nwhich may result in a use-after-free bug.  This patch moves the release\noperation after unlocking and putting the page.\n\nNOTE: The function in question is only called in GC, and in combination\nwith current userland tools, address translation using DAT does not occur\nin that function, so the code path that causes this issue will not be\nexecuted.  However, it is possible to run that code path by intentionally\nmodifying the userland GC library or by calling the GC ioctl directly.\n\n[konishi.ryusuke@gmail.com: NOTE added to the commit log]"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nilfs2: soluciona el uso potencial despu\u00e9s de liberar en nilfs_gccache_submit_read_data() En nilfs_gccache_submit_read_data(), se llama a brelse(bh) para eliminar el recuento de referencias de bh cuando falla la llamada a nilfs_dat_translate(). Si el recuento de referencias llega a 0 y la p\u00e1gina del propietario se desbloquea, es posible que bh quede liberado. Sin embargo, se elimina la referencia a bh-\u0026gt;b_page para colocar la p\u00e1gina despu\u00e9s de eso, lo que puede provocar un error de Use After Free. Este parche mueve la operaci\u00f3n de lanzamiento despu\u00e9s de desbloquear y poner la p\u00e1gina. NOTA: La funci\u00f3n en cuesti\u00f3n solo se llama en GC y, en combinaci\u00f3n con las herramientas actuales del usuario, la traducci\u00f3n de direcciones usando DAT no ocurre en esa funci\u00f3n, por lo que la ruta del c\u00f3digo que causa este problema no se ejecutar\u00e1. Sin embargo, es posible ejecutar esa ruta de c\u00f3digo modificando intencionalmente la librer\u00eda GC del \u00e1rea de usuario o llamando directamente al GC ioctl. [konishi.ryusuke@gmail.com: NOTA agregada al registro de confirmaci\u00f3n]"
    }
  ],
  "id": "CVE-2023-52566",
  "lastModified": "2025-04-08T15:08:55.437",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-03-02T22:15:49.023",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CERTFR-2024-AVI-0422

Vulnerability from certfr_avis - Published: 2024-05-17 - Updated: 2024-05-17

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 18.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 23.10
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6767-2 du 14 mai 2024	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6777-1 du 16 mai 2024	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6778-1 du 16 mai 2024	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6774-1 du 16 mai 2024	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6766-2 du 15 mai 2024	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6775-1 du 16 mai 2024	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6776-1 du 16 mai 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-52633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52633"
    },
    {
      "name": "CVE-2024-26825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26825"
    },
    {
      "name": "CVE-2023-52622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52622"
    },
    {
      "name": "CVE-2024-26696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26696"
    },
    {
      "name": "CVE-2024-26614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26614"
    },
    {
      "name": "CVE-2024-26715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26715"
    },
    {
      "name": "CVE-2023-52637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52637"
    },
    {
      "name": "CVE-2021-46939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46939"
    },
    {
      "name": "CVE-2023-52491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52491"
    },
    {
      "name": "CVE-2024-26704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26704"
    },
    {
      "name": "CVE-2024-26671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26671"
    },
    {
      "name": "CVE-2024-26712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26712"
    },
    {
      "name": "CVE-2023-52642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52642"
    },
    {
      "name": "CVE-2024-26600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
    },
    {
      "name": "CVE-2023-52635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52635"
    },
    {
      "name": "CVE-2023-52489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52489"
    },
    {
      "name": "CVE-2023-52638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52638"
    },
    {
      "name": "CVE-2023-52492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52492"
    },
    {
      "name": "CVE-2024-26805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26805"
    },
    {
      "name": "CVE-2024-26665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26665"
    },
    {
      "name": "CVE-2024-26627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26627"
    },
    {
      "name": "CVE-2024-26910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26910"
    },
    {
      "name": "CVE-2023-52587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52587"
    },
    {
      "name": "CVE-2024-26698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26698"
    },
    {
      "name": "CVE-2024-26645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26645"
    },
    {
      "name": "CVE-2024-26702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26702"
    },
    {
      "name": "CVE-2024-26673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26673"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2024-26615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26615"
    },
    {
      "name": "CVE-2024-26801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26801"
    },
    {
      "name": "CVE-2023-52618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52618"
    },
    {
      "name": "CVE-2023-52604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52604"
    },
    {
      "name": "CVE-2023-52643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52643"
    },
    {
      "name": "CVE-2023-52601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52601"
    },
    {
      "name": "CVE-2024-26722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26722"
    },
    {
      "name": "CVE-2024-26598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26598"
    },
    {
      "name": "CVE-2024-26679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
    },
    {
      "name": "CVE-2023-52616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52616"
    },
    {
      "name": "CVE-2023-52435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52435"
    },
    {
      "name": "CVE-2024-26707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26707"
    },
    {
      "name": "CVE-2024-26695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26695"
    },
    {
      "name": "CVE-2023-52486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52486"
    },
    {
      "name": "CVE-2023-52619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52619"
    },
    {
      "name": "CVE-2023-52617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52617"
    },
    {
      "name": "CVE-2024-26920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26920"
    },
    {
      "name": "CVE-2024-26593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26593"
    },
    {
      "name": "CVE-2024-26676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26676"
    },
    {
      "name": "CVE-2024-26916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26916"
    },
    {
      "name": "CVE-2024-26636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26636"
    },
    {
      "name": "CVE-2023-52524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52524"
    },
    {
      "name": "CVE-2024-26829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26829"
    },
    {
      "name": "CVE-2023-52493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52493"
    },
    {
      "name": "CVE-2024-26606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26606"
    },
    {
      "name": "CVE-2024-26625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26625"
    },
    {
      "name": "CVE-2024-26635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26635"
    },
    {
      "name": "CVE-2023-52631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52631"
    },
    {
      "name": "CVE-2023-52608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52608"
    },
    {
      "name": "CVE-2024-26592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26592"
    },
    {
      "name": "CVE-2024-26697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26697"
    },
    {
      "name": "CVE-2024-26826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26826"
    },
    {
      "name": "CVE-2024-26685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26685"
    },
    {
      "name": "CVE-2023-52599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52599"
    },
    {
      "name": "CVE-2024-26663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26663"
    },
    {
      "name": "CVE-2023-52439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52439"
    },
    {
      "name": "CVE-2024-26675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26675"
    },
    {
      "name": "CVE-2024-26610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26610"
    },
    {
      "name": "CVE-2023-52583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52583"
    },
    {
      "name": "CVE-2023-52602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52602"
    },
    {
      "name": "CVE-2023-52498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52498"
    },
    {
      "name": "CVE-2024-1151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1151"
    },
    {
      "name": "CVE-2024-26668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26668"
    },
    {
      "name": "CVE-2024-26735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26735"
    },
    {
      "name": "CVE-2023-47233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47233"
    },
    {
      "name": "CVE-2024-26640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26640"
    },
    {
      "name": "CVE-2024-26594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26594"
    },
    {
      "name": "CVE-2023-52627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52627"
    },
    {
      "name": "CVE-2023-52588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52588"
    },
    {
      "name": "CVE-2024-26602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
    },
    {
      "name": "CVE-2024-26644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26644"
    },
    {
      "name": "CVE-2023-52598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52598"
    },
    {
      "name": "CVE-2023-52594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
    },
    {
      "name": "CVE-2024-26808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26808"
    },
    {
      "name": "CVE-2023-52595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52595"
    },
    {
      "name": "CVE-2023-52623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52623"
    },
    {
      "name": "CVE-2024-26608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26608"
    },
    {
      "name": "CVE-2023-52615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52615"
    },
    {
      "name": "CVE-2024-26660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
    },
    {
      "name": "CVE-2024-26689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26689"
    },
    {
      "name": "CVE-2023-52606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52606"
    },
    {
      "name": "CVE-2023-52597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52597"
    },
    {
      "name": "CVE-2024-26717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
    },
    {
      "name": "CVE-2023-52566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52566"
    },
    {
      "name": "CVE-2021-46981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46981"
    },
    {
      "name": "CVE-2024-2201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
    },
    {
      "name": "CVE-2024-26641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26641"
    },
    {
      "name": "CVE-2023-52530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52530"
    },
    {
      "name": "CVE-2023-52614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52614"
    },
    {
      "name": "CVE-2024-26664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
    },
    {
      "name": "CVE-2023-52494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52494"
    },
    {
      "name": "CVE-2023-52607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52607"
    },
    {
      "name": "CVE-2024-23849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23849"
    },
    {
      "name": "CVE-2024-26684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26684"
    },
    {
      "name": "CVE-2024-26622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26622"
    }
  ],
  "initial_release_date": "2024-05-17T00:00:00",
  "last_revision_date": "2024-05-17T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0422",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-05-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es et un d\u00e9ni de service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6767-2 du 14 mai 2024",
      "url": "https://ubuntu.com/security/notices/USN-6767-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6777-1 du 16 mai 2024",
      "url": "https://ubuntu.com/security/notices/USN-6777-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6778-1 du 16 mai 2024",
      "url": "https://ubuntu.com/security/notices/USN-6778-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6774-1 du 16 mai 2024",
      "url": "https://ubuntu.com/security/notices/USN-6774-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6766-2 du 15 mai 2024",
      "url": "https://ubuntu.com/security/notices/USN-6766-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6775-1 du 16 mai 2024",
      "url": "https://ubuntu.com/security/notices/USN-6775-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6776-1 du 16 mai 2024",
      "url": "https://ubuntu.com/security/notices/USN-6776-1"
    }
  ]
}

CERTFR-2024-AVI-0439

Vulnerability from certfr_avis - Published: 2024-05-24 - Updated: 2024-05-24

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6766-3	2024-05-20	vendor-advisory
Bulletin de sécurité Ubuntu USN-6777-4	2024-05-23	vendor-advisory
Bulletin de sécurité Ubuntu USN-6777-2	2024-05-20	vendor-advisory
Bulletin de sécurité Ubuntu USN-6775-2	2024-05-21	vendor-advisory
Bulletin de sécurité Ubuntu USN-6777-3	2024-05-21	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2023-52633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52633"
    },
    {
      "name": "CVE-2024-26825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26825"
    },
    {
      "name": "CVE-2023-52622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52622"
    },
    {
      "name": "CVE-2024-26696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26696"
    },
    {
      "name": "CVE-2024-26614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26614"
    },
    {
      "name": "CVE-2024-26715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26715"
    },
    {
      "name": "CVE-2023-52637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52637"
    },
    {
      "name": "CVE-2023-52491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52491"
    },
    {
      "name": "CVE-2024-26704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26704"
    },
    {
      "name": "CVE-2024-26671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26671"
    },
    {
      "name": "CVE-2024-26712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26712"
    },
    {
      "name": "CVE-2023-52642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52642"
    },
    {
      "name": "CVE-2024-26600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
    },
    {
      "name": "CVE-2023-52635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52635"
    },
    {
      "name": "CVE-2023-52489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52489"
    },
    {
      "name": "CVE-2023-52638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52638"
    },
    {
      "name": "CVE-2023-52492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52492"
    },
    {
      "name": "CVE-2024-26805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26805"
    },
    {
      "name": "CVE-2024-26665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26665"
    },
    {
      "name": "CVE-2024-26627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26627"
    },
    {
      "name": "CVE-2024-26910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26910"
    },
    {
      "name": "CVE-2023-52587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52587"
    },
    {
      "name": "CVE-2024-26698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26698"
    },
    {
      "name": "CVE-2024-26645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26645"
    },
    {
      "name": "CVE-2024-26702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26702"
    },
    {
      "name": "CVE-2024-26673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26673"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2024-26615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26615"
    },
    {
      "name": "CVE-2024-26801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26801"
    },
    {
      "name": "CVE-2023-52618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52618"
    },
    {
      "name": "CVE-2023-52604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52604"
    },
    {
      "name": "CVE-2023-52643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52643"
    },
    {
      "name": "CVE-2023-52601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52601"
    },
    {
      "name": "CVE-2024-26722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26722"
    },
    {
      "name": "CVE-2024-26679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
    },
    {
      "name": "CVE-2023-52616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52616"
    },
    {
      "name": "CVE-2023-52435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52435"
    },
    {
      "name": "CVE-2024-26707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26707"
    },
    {
      "name": "CVE-2024-26695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26695"
    },
    {
      "name": "CVE-2023-52486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52486"
    },
    {
      "name": "CVE-2023-52619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52619"
    },
    {
      "name": "CVE-2023-52617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52617"
    },
    {
      "name": "CVE-2024-26920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26920"
    },
    {
      "name": "CVE-2024-26593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26593"
    },
    {
      "name": "CVE-2024-26676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26676"
    },
    {
      "name": "CVE-2024-26916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26916"
    },
    {
      "name": "CVE-2024-26636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26636"
    },
    {
      "name": "CVE-2023-52524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52524"
    },
    {
      "name": "CVE-2024-26829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26829"
    },
    {
      "name": "CVE-2023-52493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52493"
    },
    {
      "name": "CVE-2024-26606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26606"
    },
    {
      "name": "CVE-2024-26625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26625"
    },
    {
      "name": "CVE-2024-26635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26635"
    },
    {
      "name": "CVE-2023-52631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52631"
    },
    {
      "name": "CVE-2023-52608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52608"
    },
    {
      "name": "CVE-2024-26592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26592"
    },
    {
      "name": "CVE-2024-26697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26697"
    },
    {
      "name": "CVE-2024-26826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26826"
    },
    {
      "name": "CVE-2024-26685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26685"
    },
    {
      "name": "CVE-2023-52599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52599"
    },
    {
      "name": "CVE-2024-26663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26663"
    },
    {
      "name": "CVE-2023-52439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52439"
    },
    {
      "name": "CVE-2024-26675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26675"
    },
    {
      "name": "CVE-2024-26610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26610"
    },
    {
      "name": "CVE-2023-52583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52583"
    },
    {
      "name": "CVE-2023-52602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52602"
    },
    {
      "name": "CVE-2023-52498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52498"
    },
    {
      "name": "CVE-2024-1151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1151"
    },
    {
      "name": "CVE-2024-26668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26668"
    },
    {
      "name": "CVE-2024-26735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26735"
    },
    {
      "name": "CVE-2023-47233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47233"
    },
    {
      "name": "CVE-2024-26640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26640"
    },
    {
      "name": "CVE-2024-26594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26594"
    },
    {
      "name": "CVE-2023-52627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52627"
    },
    {
      "name": "CVE-2023-52588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52588"
    },
    {
      "name": "CVE-2024-26602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
    },
    {
      "name": "CVE-2024-26644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26644"
    },
    {
      "name": "CVE-2023-52598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52598"
    },
    {
      "name": "CVE-2023-52594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
    },
    {
      "name": "CVE-2024-26808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26808"
    },
    {
      "name": "CVE-2023-52595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52595"
    },
    {
      "name": "CVE-2023-52623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52623"
    },
    {
      "name": "CVE-2024-26608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26608"
    },
    {
      "name": "CVE-2023-52615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52615"
    },
    {
      "name": "CVE-2024-26660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
    },
    {
      "name": "CVE-2024-26689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26689"
    },
    {
      "name": "CVE-2023-52606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52606"
    },
    {
      "name": "CVE-2023-52597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52597"
    },
    {
      "name": "CVE-2024-26717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
    },
    {
      "name": "CVE-2023-52566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52566"
    },
    {
      "name": "CVE-2021-46981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46981"
    },
    {
      "name": "CVE-2024-2201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
    },
    {
      "name": "CVE-2024-26641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26641"
    },
    {
      "name": "CVE-2023-52530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52530"
    },
    {
      "name": "CVE-2023-52614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52614"
    },
    {
      "name": "CVE-2024-26664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
    },
    {
      "name": "CVE-2023-52494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52494"
    },
    {
      "name": "CVE-2023-52607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52607"
    },
    {
      "name": "CVE-2024-23849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23849"
    },
    {
      "name": "CVE-2024-26684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26684"
    },
    {
      "name": "CVE-2024-26622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26622"
    }
  ],
  "initial_release_date": "2024-05-24T00:00:00",
  "last_revision_date": "2024-05-24T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0439",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-05-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": "2024-05-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6766-3",
      "url": "https://ubuntu.com/security/notices/USN-6766-3"
    },
    {
      "published_at": "2024-05-23",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6777-4",
      "url": "https://ubuntu.com/security/notices/USN-6777-4"
    },
    {
      "published_at": "2024-05-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6777-2",
      "url": "https://ubuntu.com/security/notices/USN-6777-2"
    },
    {
      "published_at": "2024-05-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6775-2",
      "url": "https://ubuntu.com/security/notices/USN-6775-2"
    },
    {
      "published_at": "2024-05-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6777-3",
      "url": "https://ubuntu.com/security/notices/USN-6777-3"
    }
  ]
}

CERTFR-2024-AVI-0363

Vulnerability from certfr_avis - Published: 2024-05-03 - Updated: 2024-05-03

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE	N/A	Legacy Module 15-SP5
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
SUSE	openSUSE Leap	openSUSE Leap 15.5
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 15-SP5
SUSE	SUSE Linux Enterprise Desktop	SUSE Linux Enterprise Desktop 15 SP5
SUSE	SUSE Manager Retail Branch Server	SUSE Manager Retail Branch Server 4.2
SUSE	openSUSE Leap	openSUSE Leap 15.3
SUSE	SUSE Manager Proxy	SUSE Manager Proxy 4.2
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 15-SP2
SUSE	Public Cloud Module	Public Cloud Module 15-SP5
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro 5.2
SUSE	SUSE Manager Server	SUSE Manager Server 4.2
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP5
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP5
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro 5.1
SUSE	SUSE Real Time Module	SUSE Real Time Module 15-SP5
SUSE	Basesystem Module	Basesystem Module 15-SP5
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE	SUSE Manager Server	SUSE Manager Server 4.1
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP3
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
SUSE	SUSE Linux Enterprise Real Time	SUSE Linux Enterprise Real Time 15 SP5
SUSE	SUSE Manager Retail Branch Server	SUSE Manager Retail Branch Server 4.1
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2
SUSE	N/A	SUSE Enterprise Storage 7.1
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 15-SP3
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro for Rancher 5.2
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP2
SUSE	SUSE Manager Proxy	SUSE Manager Proxy 4.1
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro 5.5
SUSE	N/A	SUSE Linux Enterprise Workstation Extension 15 SP5
SUSE	N/A	Development Tools Module 15-SP5
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP2
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP3
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15 SP2

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE SUSE-SU-2024:1465-1 du 29 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:1490-1 du 03 mai 2024	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:1489-1 du 03 mai 2024	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:1454-1 du 26 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:1466-1 du 29 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:1480-1 du 30 avril 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "Legacy Module 15-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP3",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.5",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Desktop 15 SP5",
      "product": {
        "name": "SUSE Linux Enterprise Desktop",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.2",
      "product": {
        "name": "SUSE Manager Retail Branch Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.3",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.2",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "Public Cloud Module 15-SP5",
      "product": {
        "name": "Public Cloud Module",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.2",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.2",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.1",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Real Time Module 15-SP5",
      "product": {
        "name": "SUSE Real Time Module",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "Basesystem Module 15-SP5",
      "product": {
        "name": "Basesystem Module",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.1",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP5",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.1",
      "product": {
        "name": "SUSE Manager Retail Branch Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Enterprise Storage 7.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.2",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.1",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.5",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "Development Tools Module 15-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP2",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP2",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-29155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29155"
    },
    {
      "name": "CVE-2021-23134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23134"
    },
    {
      "name": "CVE-2022-0487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0487"
    },
    {
      "name": "CVE-2022-4744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
    },
    {
      "name": "CVE-2023-4881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4881"
    },
    {
      "name": "CVE-2023-1192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1192"
    },
    {
      "name": "CVE-2023-6531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6531"
    },
    {
      "name": "CVE-2023-35827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35827"
    },
    {
      "name": "CVE-2023-6536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6536"
    },
    {
      "name": "CVE-2023-6356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6356"
    },
    {
      "name": "CVE-2023-6535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6535"
    },
    {
      "name": "CVE-2023-7192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7192"
    },
    {
      "name": "CVE-2023-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0160"
    },
    {
      "name": "CVE-2023-28746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28746"
    },
    {
      "name": "CVE-2024-26599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26599"
    },
    {
      "name": "CVE-2023-52454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52454"
    },
    {
      "name": "CVE-2024-26600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
    },
    {
      "name": "CVE-2023-52467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52467"
    },
    {
      "name": "CVE-2023-52597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52597"
    },
    {
      "name": "CVE-2023-52605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52605"
    },
    {
      "name": "CVE-2023-52462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52462"
    },
    {
      "name": "CVE-2023-52469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
    },
    {
      "name": "CVE-2023-52598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52598"
    },
    {
      "name": "CVE-2023-52470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52470"
    },
    {
      "name": "CVE-2023-52601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52601"
    },
    {
      "name": "CVE-2023-52600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52600"
    },
    {
      "name": "CVE-2023-52602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52602"
    },
    {
      "name": "CVE-2024-26627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26627"
    },
    {
      "name": "CVE-2023-52463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52463"
    },
    {
      "name": "CVE-2023-52447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52447"
    },
    {
      "name": "CVE-2023-52606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52606"
    },
    {
      "name": "CVE-2023-52604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52604"
    },
    {
      "name": "CVE-2023-52587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52587"
    },
    {
      "name": "CVE-2023-52599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52599"
    },
    {
      "name": "CVE-2023-52583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52583"
    },
    {
      "name": "CVE-2023-52603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52603"
    },
    {
      "name": "CVE-2023-52607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52607"
    },
    {
      "name": "CVE-2023-52594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
    },
    {
      "name": "CVE-2023-52595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52595"
    },
    {
      "name": "CVE-2024-26602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
    },
    {
      "name": "CVE-2021-47061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47061"
    },
    {
      "name": "CVE-2021-47013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47013"
    },
    {
      "name": "CVE-2024-23850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23850"
    },
    {
      "name": "CVE-2023-52559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52559"
    },
    {
      "name": "CVE-2023-52574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52574"
    },
    {
      "name": "CVE-2021-47083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47083"
    },
    {
      "name": "CVE-2021-47069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47069"
    },
    {
      "name": "CVE-2023-52530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52530"
    },
    {
      "name": "CVE-2023-6270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6270"
    },
    {
      "name": "CVE-2023-52531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52531"
    },
    {
      "name": "CVE-2023-52502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52502"
    },
    {
      "name": "CVE-2023-52532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52532"
    },
    {
      "name": "CVE-2021-46929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46929"
    },
    {
      "name": "CVE-2022-48628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48628"
    },
    {
      "name": "CVE-2023-52569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52569"
    },
    {
      "name": "CVE-2021-46934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46934"
    },
    {
      "name": "CVE-2024-26607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26607"
    },
    {
      "name": "CVE-2023-52482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52482"
    },
    {
      "name": "CVE-2022-48627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48627"
    },
    {
      "name": "CVE-2023-52484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52484"
    },
    {
      "name": "CVE-2021-46991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46991"
    },
    {
      "name": "CVE-2021-47077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47077"
    },
    {
      "name": "CVE-2021-46992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46992"
    },
    {
      "name": "CVE-2021-46921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46921"
    },
    {
      "name": "CVE-2024-2201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
    },
    {
      "name": "CVE-2023-52612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52612"
    },
    {
      "name": "CVE-2021-47104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47104"
    },
    {
      "name": "CVE-2023-52567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52567"
    },
    {
      "name": "CVE-2023-52591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52591"
    },
    {
      "name": "CVE-2023-52501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52501"
    },
    {
      "name": "CVE-2023-52519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52519"
    },
    {
      "name": "CVE-2023-52575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52575"
    },
    {
      "name": "CVE-2024-26642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26642"
    },
    {
      "name": "CVE-2024-26667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26667"
    },
    {
      "name": "CVE-2023-52617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52617"
    },
    {
      "name": "CVE-2023-52564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52564"
    },
    {
      "name": "CVE-2024-26645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26645"
    },
    {
      "name": "CVE-2023-52511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52511"
    },
    {
      "name": "CVE-2024-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
    },
    {
      "name": "CVE-2023-52476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52476"
    },
    {
      "name": "CVE-2023-52563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52563"
    },
    {
      "name": "CVE-2024-26695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26695"
    },
    {
      "name": "CVE-2021-47107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47107"
    },
    {
      "name": "CVE-2021-47100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47100"
    },
    {
      "name": "CVE-2021-47087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47087"
    },
    {
      "name": "CVE-2023-52453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52453"
    },
    {
      "name": "CVE-2023-52500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52500"
    },
    {
      "name": "CVE-2021-47096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47096"
    },
    {
      "name": "CVE-2021-46926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46926"
    },
    {
      "name": "CVE-2023-52608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52608"
    },
    {
      "name": "CVE-2022-48629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48629"
    },
    {
      "name": "CVE-2024-26717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
    },
    {
      "name": "CVE-2024-26670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26670"
    },
    {
      "name": "CVE-2024-26654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26654"
    },
    {
      "name": "CVE-2024-26612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26612"
    },
    {
      "name": "CVE-2021-47101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47101"
    },
    {
      "name": "CVE-2023-52477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
    },
    {
      "name": "CVE-2023-52504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52504"
    },
    {
      "name": "CVE-2023-52615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52615"
    },
    {
      "name": "CVE-2024-26629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26629"
    },
    {
      "name": "CVE-2024-26646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26646"
    },
    {
      "name": "CVE-2023-52528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
    },
    {
      "name": "CVE-2023-52481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52481"
    },
    {
      "name": "CVE-2024-26659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26659"
    },
    {
      "name": "CVE-2023-52486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52486"
    },
    {
      "name": "CVE-2021-47108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47108"
    },
    {
      "name": "CVE-2023-52628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52628"
    },
    {
      "name": "CVE-2023-52474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52474"
    },
    {
      "name": "CVE-2022-48630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48630"
    },
    {
      "name": "CVE-2023-52529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52529"
    },
    {
      "name": "CVE-2023-52524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52524"
    },
    {
      "name": "CVE-2021-47094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47094"
    },
    {
      "name": "CVE-2023-52493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52493"
    },
    {
      "name": "CVE-2021-47095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47095"
    },
    {
      "name": "CVE-2024-26614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26614"
    },
    {
      "name": "CVE-2023-52509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52509"
    },
    {
      "name": "CVE-2023-52639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52639"
    },
    {
      "name": "CVE-2023-52515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52515"
    },
    {
      "name": "CVE-2023-52637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52637"
    },
    {
      "name": "CVE-2023-52508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52508"
    },
    {
      "name": "CVE-2023-52494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52494"
    },
    {
      "name": "CVE-2021-46930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46930"
    },
    {
      "name": "CVE-2023-52497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52497"
    },
    {
      "name": "CVE-2023-52507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52507"
    },
    {
      "name": "CVE-2021-47082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47082"
    },
    {
      "name": "CVE-2021-46933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46933"
    },
    {
      "name": "CVE-2023-52492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52492"
    },
    {
      "name": "CVE-2023-52582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52582"
    },
    {
      "name": "CVE-2021-46931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46931"
    },
    {
      "name": "CVE-2023-52621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52621"
    },
    {
      "name": "CVE-2024-25739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25739"
    },
    {
      "name": "CVE-2021-47105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47105"
    },
    {
      "name": "CVE-2021-47099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47099"
    },
    {
      "name": "CVE-2021-46925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46925"
    },
    {
      "name": "CVE-2021-47102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47102"
    },
    {
      "name": "CVE-2021-47091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47091"
    },
    {
      "name": "CVE-2023-52518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52518"
    },
    {
      "name": "CVE-2021-47098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47098"
    },
    {
      "name": "CVE-2022-48626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48626"
    },
    {
      "name": "CVE-2023-52525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52525"
    },
    {
      "name": "CVE-2023-52513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52513"
    },
    {
      "name": "CVE-2024-25742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25742"
    },
    {
      "name": "CVE-2023-52450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52450"
    },
    {
      "name": "CVE-2021-46927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46927"
    },
    {
      "name": "CVE-2024-22099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22099"
    },
    {
      "name": "CVE-2023-52566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52566"
    },
    {
      "name": "CVE-2024-26664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
    },
    {
      "name": "CVE-2023-52576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52576"
    },
    {
      "name": "CVE-2021-47093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47093"
    },
    {
      "name": "CVE-2023-52632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52632"
    },
    {
      "name": "CVE-2023-52623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52623"
    },
    {
      "name": "CVE-2024-26620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26620"
    },
    {
      "name": "CVE-2023-52619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52619"
    },
    {
      "name": "CVE-2021-46936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46936"
    },
    {
      "name": "CVE-2021-47097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47097"
    },
    {
      "name": "CVE-2024-26651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26651"
    },
    {
      "name": "CVE-2023-52520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52520"
    },
    {
      "name": "CVE-2023-7042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7042"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2023-52510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52510"
    },
    {
      "name": "CVE-2023-52523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52523"
    },
    {
      "name": "CVE-2023-52517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52517"
    },
    {
      "name": "CVE-2024-26769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26769"
    },
    {
      "name": "CVE-2024-26754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26754"
    },
    {
      "name": "CVE-2024-26697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26697"
    },
    {
      "name": "CVE-2024-26704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26704"
    },
    {
      "name": "CVE-2024-26689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26689"
    },
    {
      "name": "CVE-2024-26727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26727"
    },
    {
      "name": "CVE-2024-26745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26745"
    },
    {
      "name": "CVE-2024-26776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26776"
    },
    {
      "name": "CVE-2024-26718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26718"
    },
    {
      "name": "CVE-2024-26766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
    },
    {
      "name": "CVE-2024-26685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26685"
    },
    {
      "name": "CVE-2024-26737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26737"
    },
    {
      "name": "CVE-2024-26771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26771"
    },
    {
      "name": "CVE-2024-26787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26787"
    },
    {
      "name": "CVE-2024-26798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26798"
    },
    {
      "name": "CVE-2024-26743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26743"
    },
    {
      "name": "CVE-2024-26805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26805"
    },
    {
      "name": "CVE-2024-26793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26793"
    },
    {
      "name": "CVE-2024-26684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26684"
    },
    {
      "name": "CVE-2024-26660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
    },
    {
      "name": "CVE-2024-26749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26749"
    },
    {
      "name": "CVE-2024-26744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26744"
    },
    {
      "name": "CVE-2024-26763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26763"
    },
    {
      "name": "CVE-2024-26760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26760"
    },
    {
      "name": "CVE-2024-26722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26722"
    },
    {
      "name": "CVE-2024-26681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26681"
    },
    {
      "name": "CVE-2024-26733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26733"
    },
    {
      "name": "CVE-2024-26779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26779"
    },
    {
      "name": "CVE-2024-26747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26747"
    },
    {
      "name": "CVE-2024-26696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26696"
    },
    {
      "name": "CVE-2024-26790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26790"
    },
    {
      "name": "CVE-2024-26680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26680"
    },
    {
      "name": "CVE-2024-26751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26751"
    },
    {
      "name": "CVE-2024-26736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26736"
    },
    {
      "name": "CVE-2021-46990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46990"
    },
    {
      "name": "CVE-2021-47180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47180"
    },
    {
      "name": "CVE-2020-36780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36780"
    },
    {
      "name": "CVE-2021-47014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47014"
    },
    {
      "name": "CVE-2021-47058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47058"
    },
    {
      "name": "CVE-2021-47167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47167"
    },
    {
      "name": "CVE-2021-46908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46908"
    },
    {
      "name": "CVE-2021-47035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47035"
    },
    {
      "name": "CVE-2023-52590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52590"
    },
    {
      "name": "CVE-2021-47130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47130"
    },
    {
      "name": "CVE-2021-47056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47056"
    },
    {
      "name": "CVE-2021-46918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46918"
    },
    {
      "name": "CVE-2021-47138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47138"
    },
    {
      "name": "CVE-2021-46960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46960"
    },
    {
      "name": "CVE-2021-47046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47046"
    },
    {
      "name": "CVE-2024-26848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26848"
    },
    {
      "name": "CVE-2021-47170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47170"
    },
    {
      "name": "CVE-2021-47164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47164"
    },
    {
      "name": "CVE-2021-47118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47118"
    },
    {
      "name": "CVE-2021-46920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46920"
    },
    {
      "name": "CVE-2021-47139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47139"
    },
    {
      "name": "CVE-2023-52488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52488"
    },
    {
      "name": "CVE-2021-46976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46976"
    },
    {
      "name": "CVE-2021-46922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46922"
    },
    {
      "name": "CVE-2024-26807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26807"
    },
    {
      "name": "CVE-2021-47150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47150"
    },
    {
      "name": "CVE-2021-46943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46943"
    },
    {
      "name": "CVE-2021-46914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46914"
    },
    {
      "name": "CVE-2021-46950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46950"
    },
    {
      "name": "CVE-2021-46971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46971"
    },
    {
      "name": "CVE-2021-47109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47109"
    },
    {
      "name": "CVE-2021-46988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46988"
    },
    {
      "name": "CVE-2021-46919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46919"
    },
    {
      "name": "CVE-2021-46944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46944"
    },
    {
      "name": "CVE-2021-46938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46938"
    },
    {
      "name": "CVE-2021-46981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46981"
    },
    {
      "name": "CVE-2021-47175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47175"
    },
    {
      "name": "CVE-2021-47049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47049"
    },
    {
      "name": "CVE-2023-52627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52627"
    },
    {
      "name": "CVE-2021-47144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47144"
    },
    {
      "name": "CVE-2021-47068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47068"
    },
    {
      "name": "CVE-2021-47044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47044"
    },
    {
      "name": "CVE-2021-47137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47137"
    },
    {
      "name": "CVE-2021-47161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47161"
    },
    {
      "name": "CVE-2021-47177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47177"
    },
    {
      "name": "CVE-2021-46917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46917"
    },
    {
      "name": "CVE-2021-46958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46958"
    },
    {
      "name": "CVE-2021-47020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47020"
    },
    {
      "name": "CVE-2021-47110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47110"
    },
    {
      "name": "CVE-2021-47017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47017"
    },
    {
      "name": "CVE-2021-46983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46983"
    },
    {
      "name": "CVE-2021-47119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47119"
    },
    {
      "name": "CVE-2021-47165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47165"
    },
    {
      "name": "CVE-2021-46998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46998"
    },
    {
      "name": "CVE-2021-47176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47176"
    },
    {
      "name": "CVE-2021-47006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47006"
    },
    {
      "name": "CVE-2021-47073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47073"
    },
    {
      "name": "CVE-2021-47055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47055"
    },
    {
      "name": "CVE-2021-47141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47141"
    },
    {
      "name": "CVE-2021-47117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47117"
    },
    {
      "name": "CVE-2021-47172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47172"
    },
    {
      "name": "CVE-2023-52572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
    },
    {
      "name": "CVE-2020-36781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36781"
    },
    {
      "name": "CVE-2021-47189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47189"
    },
    {
      "name": "CVE-2023-52636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52636"
    },
    {
      "name": "CVE-2021-47181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47181"
    },
    {
      "name": "CVE-2021-47001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47001"
    },
    {
      "name": "CVE-2024-25743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25743"
    },
    {
      "name": "CVE-2021-47173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47173"
    },
    {
      "name": "CVE-2021-46962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46962"
    },
    {
      "name": "CVE-2021-46984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46984"
    },
    {
      "name": "CVE-2021-47063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47063"
    },
    {
      "name": "CVE-2021-47179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47179"
    },
    {
      "name": "CVE-2021-47182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47182"
    },
    {
      "name": "CVE-2021-47065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47065"
    },
    {
      "name": "CVE-2021-47071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47071"
    },
    {
      "name": "CVE-2021-46911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46911"
    },
    {
      "name": "CVE-2021-47168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47168"
    },
    {
      "name": "CVE-2021-47038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47038"
    },
    {
      "name": "CVE-2021-46959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46959"
    },
    {
      "name": "CVE-2021-47153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47153"
    },
    {
      "name": "CVE-2021-47120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47120"
    },
    {
      "name": "CVE-2021-47174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47174"
    },
    {
      "name": "CVE-2021-47015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47015"
    },
    {
      "name": "CVE-2021-47142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47142"
    },
    {
      "name": "CVE-2021-46961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46961"
    },
    {
      "name": "CVE-2021-47003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47003"
    },
    {
      "name": "CVE-2021-47171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47171"
    },
    {
      "name": "CVE-2021-47202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47202"
    },
    {
      "name": "CVE-2021-47112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47112"
    },
    {
      "name": "CVE-2021-47169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47169"
    },
    {
      "name": "CVE-2021-47160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47160"
    },
    {
      "name": "CVE-2021-47136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47136"
    },
    {
      "name": "CVE-2021-47045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47045"
    },
    {
      "name": "CVE-2020-36783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36783"
    },
    {
      "name": "CVE-2021-47114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47114"
    },
    {
      "name": "CVE-2021-47034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47034"
    },
    {
      "name": "CVE-2021-47051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47051"
    },
    {
      "name": "CVE-2021-46909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46909"
    },
    {
      "name": "CVE-2021-47026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47026"
    },
    {
      "name": "CVE-2021-46963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46963"
    },
    {
      "name": "CVE-2023-52503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52503"
    },
    {
      "name": "CVE-2021-46939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46939"
    },
    {
      "name": "CVE-2021-46951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46951"
    },
    {
      "name": "CVE-2021-47070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47070"
    },
    {
      "name": "CVE-2021-47183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47183"
    },
    {
      "name": "CVE-2021-46956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46956"
    },
    {
      "name": "CVE-2021-47166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47166"
    },
    {
      "name": "CVE-2021-47000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47000"
    },
    {
      "name": "CVE-2020-36782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36782"
    },
    {
      "name": "CVE-2021-47009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47009"
    },
    {
      "name": "CVE-2021-47185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47185"
    },
    {
      "name": "CVE-2023-52561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52561"
    },
    {
      "name": "CVE-2021-46980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46980"
    }
  ],
  "initial_release_date": "2024-05-03T00:00:00",
  "last_revision_date": "2024-05-03T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0363",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-05-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:1465-1 du 29 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241465-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:1490-1 du 03 mai 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241490-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:1489-1 du 03 mai 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:1454-1 du 26 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241454-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:1466-1 du 29 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241466-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:1480-1 du 30 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241480-1"
    }
  ]
}

CERTFR-2024-AVI-0329

Vulnerability from certfr_avis - Published: 2024-04-19 - Updated: 2024-04-19

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE	openSUSE Leap	openSUSE Leap 15.5
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 15-SP5
SUSE	openSUSE Leap	openSUSE Leap 15.3
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 15-SP2
SUSE	SUSE Manager Retail Branch Server	SUSE Manager Retail Branch Server 4.3
SUSE	Public Cloud Module	Public Cloud Module 15-SP5
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 12-SP5
SUSE	openSUSE Leap	openSUSE Leap 15.4
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP4
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 12 SP5
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro 5.2
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP5
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro 5.1
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro for Rancher 5.4
SUSE	SUSE Real Time Module	SUSE Real Time Module 15-SP5
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro 5.3
SUSE	SUSE Linux Enterprise Real Time	SUSE Linux Enterprise Real Time 15 SP5
SUSE	openSUSE Leap	openSUSE Leap Micro 5.3
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro for Rancher 5.3
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
SUSE	SUSE Linux Enterprise Real Time	SUSE Linux Enterprise Real Time 15 SP4
SUSE	SUSE Manager Proxy	SUSE Manager Proxy 4.3
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 15-SP3
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE	SUSE Linux Enterprise Desktop	SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro 5.5
SUSE	openSUSE Leap	openSUSE Leap Micro 5.4
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP4
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP2
SUSE	SUSE Manager Server	SUSE Manager Server 4.3
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15 SP3
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro 5.4
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 15-SP4
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15 SP2

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE suse-su-20241280-1 du 12 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241257-1 du 12 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241321-1 du 16 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241299-1 du 15 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241332-2 du 18 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241278-1 du 12 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241298-1 du 15 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241274-1 du 12 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241275-1 du 12 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241322-2 du 18 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241322-1 du 16 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241320-1 du 16 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241288-1 du 15 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241276-1 du 12 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241273-1 du 12 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241292-1 du 15 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241332-1 du 18 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241312-1 du 16 avril 2024	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20241318-1 du 16 avril 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.5",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.3",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP2",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.3",
      "product": {
        "name": "SUSE Manager Retail Branch Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "Public Cloud Module 15-SP5",
      "product": {
        "name": "Public Cloud Module",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.4",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12 SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.2",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.1",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.4",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Real Time Module 15-SP5",
      "product": {
        "name": "SUSE Real Time Module",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.3",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP5",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap Micro 5.3",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.3",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP4",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.3",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Desktop",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.5",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap Micro 5.4",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP2",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.3",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.4",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP2",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-35827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35827"
    },
    {
      "name": "CVE-2023-52567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52567"
    },
    {
      "name": "CVE-2024-1085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1085"
    },
    {
      "name": "CVE-2023-52477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
    },
    {
      "name": "CVE-2021-47102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47102"
    },
    {
      "name": "CVE-2024-26654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26654"
    },
    {
      "name": "CVE-2024-26614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26614"
    },
    {
      "name": "CVE-2022-48626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48626"
    },
    {
      "name": "CVE-2023-52532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52532"
    },
    {
      "name": "CVE-2023-52621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52621"
    },
    {
      "name": "CVE-2024-26629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26629"
    },
    {
      "name": "CVE-2024-25739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25739"
    },
    {
      "name": "CVE-2021-47100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47100"
    },
    {
      "name": "CVE-2023-52637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52637"
    },
    {
      "name": "CVE-2023-52508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52508"
    },
    {
      "name": "CVE-2023-52559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52559"
    },
    {
      "name": "CVE-2023-6536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6536"
    },
    {
      "name": "CVE-2023-6531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6531"
    },
    {
      "name": "CVE-2023-52453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52453"
    },
    {
      "name": "CVE-2024-26600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
    },
    {
      "name": "CVE-2023-28746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28746"
    },
    {
      "name": "CVE-2023-52563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52563"
    },
    {
      "name": "CVE-2023-52492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52492"
    },
    {
      "name": "CVE-2023-52515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52515"
    },
    {
      "name": "CVE-2021-46926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46926"
    },
    {
      "name": "CVE-2023-52454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52454"
    },
    {
      "name": "CVE-2024-26627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26627"
    },
    {
      "name": "CVE-2021-47094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47094"
    },
    {
      "name": "CVE-2021-46929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46929"
    },
    {
      "name": "CVE-2023-52632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52632"
    },
    {
      "name": "CVE-2023-52600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52600"
    },
    {
      "name": "CVE-2023-52507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52507"
    },
    {
      "name": "CVE-2023-52587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52587"
    },
    {
      "name": "CVE-2024-26645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26645"
    },
    {
      "name": "CVE-2023-52582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52582"
    },
    {
      "name": "CVE-2023-7042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7042"
    },
    {
      "name": "CVE-2023-52340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
    },
    {
      "name": "CVE-2023-52605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52605"
    },
    {
      "name": "CVE-2023-52604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52604"
    },
    {
      "name": "CVE-2023-52518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52518"
    },
    {
      "name": "CVE-2023-52601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52601"
    },
    {
      "name": "CVE-2023-42753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2021-47099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47099"
    },
    {
      "name": "CVE-2021-47104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47104"
    },
    {
      "name": "CVE-2021-46933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46933"
    },
    {
      "name": "CVE-2023-52603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52603"
    },
    {
      "name": "CVE-2023-52528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
    },
    {
      "name": "CVE-2024-26695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26695"
    },
    {
      "name": "CVE-2023-52482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52482"
    },
    {
      "name": "CVE-2022-20154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-20154"
    },
    {
      "name": "CVE-2023-52486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52486"
    },
    {
      "name": "CVE-2021-46931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46931"
    },
    {
      "name": "CVE-2024-26670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26670"
    },
    {
      "name": "CVE-2023-52619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52619"
    },
    {
      "name": "CVE-2023-52617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52617"
    },
    {
      "name": "CVE-2021-47096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47096"
    },
    {
      "name": "CVE-2023-6270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6270"
    },
    {
      "name": "CVE-2022-48627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48627"
    },
    {
      "name": "CVE-2023-52462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52462"
    },
    {
      "name": "CVE-2023-52524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52524"
    },
    {
      "name": "CVE-2023-6356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6356"
    },
    {
      "name": "CVE-2023-52469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
    },
    {
      "name": "CVE-2023-52493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52493"
    },
    {
      "name": "CVE-2021-47108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47108"
    },
    {
      "name": "CVE-2023-52484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52484"
    },
    {
      "name": "CVE-2023-52569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52569"
    },
    {
      "name": "CVE-2023-52481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52481"
    },
    {
      "name": "CVE-2023-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0160"
    },
    {
      "name": "CVE-2024-26599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26599"
    },
    {
      "name": "CVE-2023-52608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52608"
    },
    {
      "name": "CVE-2021-47082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47082"
    },
    {
      "name": "CVE-2024-26642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26642"
    },
    {
      "name": "CVE-2022-4744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
    },
    {
      "name": "CVE-2023-52639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52639"
    },
    {
      "name": "CVE-2021-47091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47091"
    },
    {
      "name": "CVE-2021-47095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47095"
    },
    {
      "name": "CVE-2023-52599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52599"
    },
    {
      "name": "CVE-2024-26607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26607"
    },
    {
      "name": "CVE-2023-52574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52574"
    },
    {
      "name": "CVE-2023-52509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52509"
    },
    {
      "name": "CVE-2023-52470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52470"
    },
    {
      "name": "CVE-2023-52583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52583"
    },
    {
      "name": "CVE-2023-52602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52602"
    },
    {
      "name": "CVE-2023-52519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52519"
    },
    {
      "name": "CVE-2023-6535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6535"
    },
    {
      "name": "CVE-2024-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
    },
    {
      "name": "CVE-2021-47098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47098"
    },
    {
      "name": "CVE-2024-26651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26651"
    },
    {
      "name": "CVE-2021-47083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47083"
    },
    {
      "name": "CVE-2022-48630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48630"
    },
    {
      "name": "CVE-2023-52510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52510"
    },
    {
      "name": "CVE-2023-52497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52497"
    },
    {
      "name": "CVE-2024-26646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26646"
    },
    {
      "name": "CVE-2023-52612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52612"
    },
    {
      "name": "CVE-2023-52500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52500"
    },
    {
      "name": "CVE-2024-25742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25742"
    },
    {
      "name": "CVE-2024-26602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
    },
    {
      "name": "CVE-2021-47093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47093"
    },
    {
      "name": "CVE-2024-22099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22099"
    },
    {
      "name": "CVE-2023-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
    },
    {
      "name": "CVE-2021-47097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47097"
    },
    {
      "name": "CVE-2023-52575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52575"
    },
    {
      "name": "CVE-2021-46934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46934"
    },
    {
      "name": "CVE-2023-52517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52517"
    },
    {
      "name": "CVE-2023-52598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52598"
    },
    {
      "name": "CVE-2023-52525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52525"
    },
    {
      "name": "CVE-2021-46927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46927"
    },
    {
      "name": "CVE-2024-26659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26659"
    },
    {
      "name": "CVE-2023-52450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52450"
    },
    {
      "name": "CVE-2022-48629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48629"
    },
    {
      "name": "CVE-2023-52594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
    },
    {
      "name": "CVE-2021-47087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47087"
    },
    {
      "name": "CVE-2023-52595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52595"
    },
    {
      "name": "CVE-2024-26620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26620"
    },
    {
      "name": "CVE-2021-46925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46925"
    },
    {
      "name": "CVE-2021-46936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46936"
    },
    {
      "name": "CVE-2023-52623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52623"
    },
    {
      "name": "CVE-2023-52501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52501"
    },
    {
      "name": "CVE-2023-52447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52447"
    },
    {
      "name": "CVE-2023-52504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52504"
    },
    {
      "name": "CVE-2023-52513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52513"
    },
    {
      "name": "CVE-2023-52615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52615"
    },
    {
      "name": "CVE-2021-47105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47105"
    },
    {
      "name": "CVE-2023-52511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52511"
    },
    {
      "name": "CVE-2023-4881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4881"
    },
    {
      "name": "CVE-2023-52606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52606"
    },
    {
      "name": "CVE-2023-52502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52502"
    },
    {
      "name": "CVE-2024-26667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26667"
    },
    {
      "name": "CVE-2023-7192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7192"
    },
    {
      "name": "CVE-2023-52597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52597"
    },
    {
      "name": "CVE-2023-52531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52531"
    },
    {
      "name": "CVE-2024-26717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
    },
    {
      "name": "CVE-2023-52566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52566"
    },
    {
      "name": "CVE-2024-0565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0565"
    },
    {
      "name": "CVE-2024-2201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
    },
    {
      "name": "CVE-2021-47101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47101"
    },
    {
      "name": "CVE-2023-52476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52476"
    },
    {
      "name": "CVE-2023-52463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52463"
    },
    {
      "name": "CVE-2023-52467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52467"
    },
    {
      "name": "CVE-2023-52628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52628"
    },
    {
      "name": "CVE-2023-52529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52529"
    },
    {
      "name": "CVE-2023-52591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52591"
    },
    {
      "name": "CVE-2023-52530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52530"
    },
    {
      "name": "CVE-2023-52520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52520"
    },
    {
      "name": "CVE-2021-47107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47107"
    },
    {
      "name": "CVE-2023-52523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52523"
    },
    {
      "name": "CVE-2024-26664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
    },
    {
      "name": "CVE-2023-52494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52494"
    },
    {
      "name": "CVE-2023-52576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52576"
    },
    {
      "name": "CVE-2024-26612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26612"
    },
    {
      "name": "CVE-2023-52474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52474"
    },
    {
      "name": "CVE-2021-46930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46930"
    },
    {
      "name": "CVE-2023-52607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52607"
    },
    {
      "name": "CVE-2022-48628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48628"
    },
    {
      "name": "CVE-2023-52564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52564"
    }
  ],
  "initial_release_date": "2024-04-19T00:00:00",
  "last_revision_date": "2024-04-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0329",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-04-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241280-1 du 12 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241280-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241257-1 du 12 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241257-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241321-1 du 16 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241321-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241299-1 du 15 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241299-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241332-2 du 18 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241332-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241278-1 du 12 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241278-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241298-1 du 15 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241298-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241274-1 du 12 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241274-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241275-1 du 12 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241275-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241322-2 du 18 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241322-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241322-1 du 16 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241322-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241320-1 du 16 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241320-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241288-1 du 15 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241288-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241276-1 du 12 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241276-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241273-1 du 12 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241273-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241292-1 du 15 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241292-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241332-1 du 18 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241332-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241312-1 du 16 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241312-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20241318-1 du 16 avril 2024",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241318-1"
    }
  ]
}

GSD-2023-52566

Vulnerability from gsd - Updated: 2024-03-03 06:01

Details

Aliases

CVE-2023-52566

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-52566"
      ],
      "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential use after free in nilfs_gccache_submit_read_data()\n\nIn nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the\nreference count of bh when the call to nilfs_dat_translate() fails.  If\nthe reference count hits 0 and its owner page gets unlocked, bh may be\nfreed.  However, bh-\u003eb_page is dereferenced to put the page after that,\nwhich may result in a use-after-free bug.  This patch moves the release\noperation after unlocking and putting the page.\n\nNOTE: The function in question is only called in GC, and in combination\nwith current userland tools, address translation using DAT does not occur\nin that function, so the code path that causes this issue will not be\nexecuted.  However, it is possible to run that code path by intentionally\nmodifying the userland GC library or by calling the GC ioctl directly.\n\n[konishi.ryusuke@gmail.com: NOTE added to the commit log]",
      "id": "GSD-2023-52566",
      "modified": "2024-03-03T06:01:51.522870Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@kernel.org",
        "ID": "CVE-2023-52566",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Linux",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "a3d93f709e89",
                          "version_value": "fb1084e63ee5"
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected",
                            "versions": [
                              {
                                "status": "affected",
                                "version": "2.6.30"
                              },
                              {
                                "lessThan": "2.6.30",
                                "status": "unaffected",
                                "version": "0",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "4.14.*",
                                "status": "unaffected",
                                "version": "4.14.327",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "4.19.*",
                                "status": "unaffected",
                                "version": "4.19.296",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "5.4.*",
                                "status": "unaffected",
                                "version": "5.4.258",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "5.10.*",
                                "status": "unaffected",
                                "version": "5.10.198",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "5.15.*",
                                "status": "unaffected",
                                "version": "5.15.134",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "6.1.*",
                                "status": "unaffected",
                                "version": "6.1.56",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "6.5.*",
                                "status": "unaffected",
                                "version": "6.5.6",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "*",
                                "status": "unaffected",
                                "version": "6.6",
                                "versionType": "original_commit_for_fix"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Linux"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential use after free in nilfs_gccache_submit_read_data()\n\nIn nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the\nreference count of bh when the call to nilfs_dat_translate() fails.  If\nthe reference count hits 0 and its owner page gets unlocked, bh may be\nfreed.  However, bh-\u003eb_page is dereferenced to put the page after that,\nwhich may result in a use-after-free bug.  This patch moves the release\noperation after unlocking and putting the page.\n\nNOTE: The function in question is only called in GC, and in combination\nwith current userland tools, address translation using DAT does not occur\nin that function, so the code path that causes this issue will not be\nexecuted.  However, it is possible to run that code path by intentionally\nmodifying the userland GC library or by calling the GC ioctl directly.\n\n[konishi.ryusuke@gmail.com: NOTE added to the commit log]"
          }
        ]
      },
      "generator": {
        "engine": "bippy-4986f5686161"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1"
          },
          {
            "name": "https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b"
          },
          {
            "name": "https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33"
          },
          {
            "name": "https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7"
          },
          {
            "name": "https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8"
          },
          {
            "name": "https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c"
          },
          {
            "name": "https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2"
          },
          {
            "name": "https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential use after free in nilfs_gccache_submit_read_data()\n\nIn nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the\nreference count of bh when the call to nilfs_dat_translate() fails.  If\nthe reference count hits 0 and its owner page gets unlocked, bh may be\nfreed.  However, bh-\u003eb_page is dereferenced to put the page after that,\nwhich may result in a use-after-free bug.  This patch moves the release\noperation after unlocking and putting the page.\n\nNOTE: The function in question is only called in GC, and in combination\nwith current userland tools, address translation using DAT does not occur\nin that function, so the code path that causes this issue will not be\nexecuted.  However, it is possible to run that code path by intentionally\nmodifying the userland GC library or by calling the GC ioctl directly.\n\n[konishi.ryusuke@gmail.com: NOTE added to the commit log]"
          }
        ],
        "id": "CVE-2023-52566",
        "lastModified": "2024-03-04T13:58:23.447",
        "metrics": {},
        "published": "2024-03-02T22:15:49.023",
        "references": [
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1"
          }
        ],
        "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "vulnStatus": "Awaiting Analysis"
      }
    }
  }
}

CVE-2023-52566

Vulnerability from fstec - Published: 29.09.2023

Title

Уязвимость функции nilfs_gccache_submit_read_data компонента nilfs2 ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции nilfs_gccache_submit_read_data компонента nilfs2 ядра операционной системы Linux связана с использованием памяти после её освобождения. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

ООО «РусБИТех-Астра», ООО «Ред Софт», Сообщество свободного программного обеспечения

Software Name

Astra Linux Special Edition (запись в едином реестре российских программ №369), РЕД ОС (запись в едином реестре российских программ №3751), Linux

Software Version

1.6 «Смоленск» (Astra Linux Special Edition), 7.3 (РЕД ОС), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), от 6.2 до 6.5.5 включительно (Linux), от 5.11 до 5.15.133 включительно (Linux), от 5.16 до 6.1.55 включительно (Linux), от 5.5 до 5.10.197 включительно (Linux), от 4.15 до 4.19.295 включительно (Linux), от 4.20 до 5.4.257 включительно (Linux), от 2.6.30 до 4.14.326 включительно (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.327 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.296 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.258 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.198 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.134 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.56 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.6 Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ Для ОС Astra Linux: - обновить пакет linux до 5.4.0-186.astra2+ci2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17 - обновить пакет linux-5.15 до 5.15.0-111.astra2+ci1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17 - обновить пакет linux-6.1 до 6.1.90-1.astra3+ci20 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17 Для Astra Linux Special Edition 1.6 «Смоленск»:: - обновить пакет linux до 5.4.0-186.astra2+ci3 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16 - обновить пакет linux-5.10 до 5.10.216-1.astra2+ci3 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16 - обновить пакет linux-5.15 до 5.15.0-111.astra2+ci2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16 Для Astra Linux Special Edition 4.7 для архитектуры ARM: - обновить пакет linux до 5.4.0-186.astra2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47 - обновить пакет linux-5.10 до 5.10.216-1.astra2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47 - обновить пакет linux-5.15 до 5.15.0-111.astra2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47 - обновить пакет linux-6.1 до 6.1.90-1.astra3+ci156 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47

Reference

http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52566 https://git.kernel.org/linus/7ee29facd8a9c5a26079148e36bcf07141b3a6bc https://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33 https://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2 https://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8 https://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7 https://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc https://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c https://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b https://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.327 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.296 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.198 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.134 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.258 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.56 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.6 https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52566-69f0@gregkh/ https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52566-69f0@gregkh/T/#u https://security-tracker.debian.org/tracker/CVE-2023-52566 https://ubuntu.com/security/notices/USN-6777-1 https://ubuntu.com/security/notices/USN-6777-2 https://ubuntu.com/security/notices/USN-6777-3 https://ubuntu.com/security/notices/USN-6777-4 https://ubuntu.com/security/notices/USN-6778-1 https://vuldb.com/ru/?id.255505 https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16 https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17 https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47 https://www.cve.org/CVERecord?id=CVE-2023-52566

CWE

CWE-119, CWE-416

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), \u043e\u0442 6.2 \u0434\u043e 6.5.5 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11 \u0434\u043e 5.15.133 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.16 \u0434\u043e 6.1.55 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.5 \u0434\u043e 5.10.197 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.295 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.20 \u0434\u043e 5.4.257 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 2.6.30 \u0434\u043e 4.14.326 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.327\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.296\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.258\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.198\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.134\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.56\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.6\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux \u0434\u043e 5.4.0-186.astra2+ci2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-5.15 \u0434\u043e 5.15.0-111.astra2+ci1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-6.1 \u0434\u043e 6.1.90-1.astra3+ci20 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\n\n\u0414\u043b\u044f Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb::\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux \u0434\u043e 5.4.0-186.astra2+ci3 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-5.10 \u0434\u043e 5.10.216-1.astra2+ci3 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-5.15 \u0434\u043e 5.15.0-111.astra2+ci2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM:\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux \u0434\u043e 5.4.0-186.astra2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-5.10 \u0434\u043e 5.10.216-1.astra2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-5.15 \u0434\u043e 5.15.0-111.astra2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\n- \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-6.1 \u0434\u043e 6.1.90-1.astra3+ci156 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "29.09.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "25.02.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "13.03.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-01938",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-52566",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.2 \u0434\u043e 6.5.5 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11 \u0434\u043e 5.15.133 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.16 \u0434\u043e 6.1.55 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.5 \u0434\u043e 5.10.197 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.0 \u0434\u043e 4.14.326 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.15 \u0434\u043e 4.19.295 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.20 \u0434\u043e 5.4.257 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 nilfs_gccache_submit_read_data \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 nilfs2 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u0445\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-119), \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CWE-416)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 nilfs_gccache_submit_read_data \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 nilfs2 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u0435\u0451 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52566\nhttps://git.kernel.org/linus/7ee29facd8a9c5a26079148e36bcf07141b3a6bc\nhttps://git.kernel.org/stable/c/193b5a1c6c67c36b430989dc063fe7ea4e200a33\nhttps://git.kernel.org/stable/c/28df4646ad8b433340772edc90ca709cdefc53e2\nhttps://git.kernel.org/stable/c/3936e8714907cd55e37c7cc50e50229e4a9042e8\nhttps://git.kernel.org/stable/c/7130a87ca32396eb9bf48b71a2d42259ae44c6c7\nhttps://git.kernel.org/stable/c/7ee29facd8a9c5a26079148e36bcf07141b3a6bc\nhttps://git.kernel.org/stable/c/980663f1d189eedafd18d80053d9cf3e2ceb5c8c\nhttps://git.kernel.org/stable/c/bb61224f6abc8e71bfdf06d7c984e23460875f5b\nhttps://git.kernel.org/stable/c/fb1084e63ee56958b0a56e17a50a4fd86445b9c1\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.327\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.296\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.198\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.134\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.258\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.56\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.6\nhttps://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52566-69f0@gregkh/\nhttps://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52566-69f0@gregkh/T/#u\nhttps://security-tracker.debian.org/tracker/CVE-2023-52566\nhttps://ubuntu.com/security/notices/USN-6777-1\nhttps://ubuntu.com/security/notices/USN-6777-2\nhttps://ubuntu.com/security/notices/USN-6777-3\nhttps://ubuntu.com/security/notices/USN-6777-4\nhttps://ubuntu.com/security/notices/USN-6778-1\nhttps://vuldb.com/ru/?id.255505\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\nhttps://www.cve.org/CVERecord?id=CVE-2023-52566",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-119, CWE-416",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)\n\u041d\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 4.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 0)"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-52566 (GCVE-0-2023-52566)

Solution

Solutions

Solution

Solution

Tags

Sightings

Nomenclature