{"schema_version":"1.7.2","id":"OESA-2023-1368","modified":"2023-06-27T11:05:26Z","published":"2023-06-27T11:05:26Z","upstream":["CVE-2023-31084","CVE-2023-2985"],"summary":"kernel security update","details":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nAn issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(\u0026amp;fepriv-\u0026gt;sem) is called. However, wait_event_interruptible would put the process to sleep, and down(\u0026amp;fepriv-\u0026gt;sem) may block the process.(CVE-2023-31084)\n\nA use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.(CVE-2023-2985)","affected":[{"package":{"ecosystem":"openEuler:20.03-LTS-SP3","name":"kernel","purl":"pkg:rpm/openEuler/kernel\u0026distro=openEuler-20.03-LTS-SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.19.90-2306.4.0.0206.oe1"}]}],"ecosystem_specific":{"aarch64":["kernel-tools-debuginfo-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","kernel-debugsource-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","kernel-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","perf-debuginfo-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","bpftool-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","kernel-debuginfo-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","kernel-devel-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","perf-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","python3-perf-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","python2-perf-debuginfo-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","python3-perf-debuginfo-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","kernel-tools-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","bpftool-debuginfo-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","kernel-tools-devel-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","kernel-source-4.19.90-2306.4.0.0206.oe1.aarch64.rpm","python2-perf-4.19.90-2306.4.0.0206.oe1.aarch64.rpm"],"src":["kernel-4.19.90-2306.4.0.0206.oe1.src.rpm"],"x86_64":["kernel-debugsource-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","kernel-source-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","kernel-tools-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","kernel-tools-debuginfo-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","perf-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","kernel-tools-devel-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","python2-perf-debuginfo-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","python3-perf-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","python2-perf-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","bpftool-debuginfo-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","perf-debuginfo-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","python3-perf-debuginfo-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","kernel-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","bpftool-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","kernel-devel-4.19.90-2306.4.0.0206.oe1.x86_64.rpm","kernel-debuginfo-4.19.90-2306.4.0.0206.oe1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1368"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31084"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2985"}],"database_specific":{"severity":"Medium"}}