Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU74410
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2023-0386
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists because the OverlayFS subsystem does not properly validate file ownership (uid/gid mapping) when a user copies a setuid or capability-bearing file from a nosuid mount into another mount: the copied-up file keeps its privileged attributes. A local user can execute such a file to run arbitrary code with root privileges.
Mitigation
Update the affected package, the Linux Kernel RT (Live Patch 6 for SLE 15 SP4), to the latest version. Note that a kernel live patch only protects the running kernel it targets; systems booted on a different kernel build need the corresponding kernel update instead.
Vulnerable software versions
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Live Patching: 15-SP4 - 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4 - SP4
SUSE Linux Enterprise Server 15: SP4 - SP4
SUSE Linux Enterprise Real Time 15: SP4 - SP4
SUSE Linux Enterprise High Performance Computing 15: SP4 - SP4
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo: before 2-150400.2.2
kernel-livepatch-5_14_21-150400_15_23-rt: before 2-150400.2.2
kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource: before 2-150400.2.2
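The package list above gives the fixed VERSION-RELEASE (2-150400.2.2) of the three livepatch RPMs. The following added example, which is not part of the SUSE bulletin, shows how a practitioner can check `rpm -q` output against that threshold on an affected host. The package names and the fixed release come from the bulletin; the sample `rpm -q` lines in the block are constructed for illustration, and `ver_ge` is a small awk-based comparison written here, not a SUSE tool.

```shell
#!/bin/sh
# Added example (not from the SUSE bulletin): verify that the livepatch RPMs
# named in the bulletin are installed at or past the fixed release.

# Fixed VERSION-RELEASE of the livepatch RPMs, as stated in the bulletin.
FIXED_VR="2-150400.2.2"

# Affected package names, as stated in the bulletin.
AFFECTED_PKGS="kernel-livepatch-5_14_21-150400_15_23-rt kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource"

# ver_ge A B: return 0 if VERSION-RELEASE string A is >= B.
# Both strings are split on '.' and '-' and compared field by field as
# integers; missing trailing fields count as 0. (Simple helper; an RPM-aware
# comparison would also handle alphabetic segments, which these versions lack.)
ver_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[.-]/); nb = split(b, y, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            p = (i <= na) ? x[i] + 0 : 0
            q = (i <= nb) ? y[i] + 0 : 0
            if (p > q) exit 0
            if (p < q) exit 1
        }
        exit 0
    }'
}

# check_installed TEXT: TEXT is the output of
#   rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' $AFFECTED_PKGS
# Lines whose first field is not one of the affected packages (for example the
# "package X is not installed" message) are ignored. Returns 0 if every
# affected package that is installed is at or past FIXED_VR, otherwise 1.
check_installed() {
    printf '%s\n' "$1" | while read -r name vr; do
        case " $AFFECTED_PKGS " in
            *" $name "*) ;;
            *) continue ;;
        esac
        if ver_ge "$vr" "$FIXED_VR"; then
            echo "$name $vr: fixed"
        else
            echo "$name $vr: VULNERABLE (needs $FIXED_VR or later)"
            exit 1    # exits the pipeline subshell; becomes the function's status
        fi
    done
}

# Constructed sample output (not from a real host): one RPM still at an
# earlier release, one already at the fixed release, one not installed.
SAMPLE_OLD='kernel-livepatch-5_14_21-150400_15_23-rt 1-150400.2.1
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo 2-150400.2.2
package kernel-livepatch-SLE15-SP4-RT_Update_6-debugsource is not installed'

# Constructed sample output in which every installed RPM is fixed.
SAMPLE_FIXED='kernel-livepatch-5_14_21-150400_15_23-rt 2-150400.2.2
kernel-livepatch-5_14_21-150400_15_23-rt-debuginfo 2-150400.2.5'

if check_installed "$SAMPLE_OLD"; then
    echo "sample 1: all affected packages fixed"
else
    echo "sample 1: update required"
fi
if check_installed "$SAMPLE_FIXED"; then
    echo "sample 2: all affected packages fixed"
else
    echo "sample 2: update required"
fi
```

On a live host, replace the constructed samples with `rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' $AFFECTED_PKGS`. Because a live patch only covers the kernel build it targets, also confirm with `uname -r` that the running kernel is the 5.14.21-150400.15.23-rt build these RPMs patch; a host on another kernel build needs that build's own update rather than this livepatch.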
CPE2.3
External links
http://www.suse.com/support/update/announcement/2023/suse-su-20232368-1/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU75994
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2023-2162