Oval Definition:oval:org.opensuse.security:def:20230459
Revision Date:2023-06-22Version:1
Title:CVE-2023-0459
Description:

Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit?74e19ef0ff8061ef55957c3abd71614ef0f42f47
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2023-0459
SUSE CVE-2023-0459
Platform(s):SUSE Linux Enterprise Desktop 15 SP5
SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE Linux Enterprise Module for Basesystem 15 SP5
SUSE Linux Enterprise Module for Development Tools 15 SP5
SUSE Linux Enterprise Module for Public Cloud 15 SP5
SUSE Linux Enterprise Server 15 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP5
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Development Tools 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND
  • kernel-default is affected
  • OR kernel-source is affected
  • OR Package Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND
  • kernel-default is affected
  • OR kernel-default-devel is affected
  • OR kernel-devel is affected
  • OR kernel-macros is affected
  • OR Package Information
  • SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Public Cloud 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND
  • kernel-devel-azure is affected
  • OR kernel-source-azure is affected
    • BACK