Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

SUSE-SU-2023:2422-1 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceSUSE-SU-2023:2422-1

SUSE-SU-2023:2422-1

UNKNOWN

Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP4)

Published Jun 6, 2023

Modified 2 years ago

Fix available

Details

This update for the Linux Kernel 4.12.14-95_99 fixes several issues.

The following security issues were fixed:

CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/uetooth/hci_conn.c (bsc#1211111).
CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210500).
CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210662).
CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207188).

Affected Packages

kgraft-patch-4_12_14-95_99-default

SUSE Linux Enterprise Live Patching 12 SP4

Fixed in:

12-2.2

kgraft-patch-SLE12-SP4_Update_27

SUSE Linux Enterprise Live Patching 12 SP4

Fixed in:

12-2.2

References

https://bugzilla.suse.com/1207188

https://bugzilla.suse.com/1210500

https://bugzilla.suse.com/1210662

https://bugzilla.suse.com/1211111

https://www.suse.com/security/cve/CVE-2023-1989

https://www.suse.com/security/cve/CVE-2023-2162

https://www.suse.com/security/cve/CVE-2023-23454

https://www.suse.com/security/cve/CVE-2023-28464

https://www.suse.com/support/update/announcement/2023/suse-su-20232422-1/

Upstream

CVE-2023-1989 CVE-2023-2162 CVE-2023-23454 CVE-2023-28464

Related

CVE-2023-1989 CVE-2023-2162 CVE-2023-23454 CVE-2023-28464

Ecosystems

SUSE Linux Enterprise Live Patching 12 SP4

Timeline

PublishedJun 6, 2023

ModifiedJun 6, 2023