File _patchinfo of Package patchinfo.30013

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.30013

<patchinfo incident="30013">
  <issue id="1210566" tracker="bnc">VUL-0: CVE-2023-2002: kernel live patch: unauthorized management command execution</issue>
  <issue id="1212509" tracker="bnc">VUL-0: CVE-2023-35788: kernel live patch: out-of-bounds write in net/sched/cls_flower.c</issue>
  <issue id="2023-2002" tracker="cve" />
  <issue id="2023-35788" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.3.18-150300_59_106 fixes several issues.

The following security issues were fixed:

- CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509).
- CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).
</description>
<summary>Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP3)</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.30013

Places