SUSE-SU-2023:4965-1

Details

This update for ppp fixes the following issues:

CVE-2022-4603: Fixed improper validation of array index of the component pppdump (bsc#1218251).

Affected Packages

ppp

SUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Micro 5.4SUSE Linux Enterprise Micro 5.5SUSE Linux Enterprise Module for Desktop Applications 15 SP5SUSE Linux Enterprise Real Time 15 SP4

Fixed in:

2.4.7-150000.5.13.1

ppp-devel

SUSE Linux Enterprise Module for Desktop Applications 15 SP5SUSE Linux Enterprise Real Time 15 SP4openSUSE Leap 15.4openSUSE Leap 15.5

Fixed in:

2.4.7-150000.5.13.1

ppp-modem

openSUSE Leap 15.4openSUSE Leap 15.5

Fixed in:

2.4.7-150000.5.13.1

References

REPORT

https://bugzilla.suse.com/1218251

WEB

https://www.suse.com/security/cve/CVE-2022-4603

ADVISORY

https://www.suse.com/support/update/announcement/2023/suse-su-20234965-1/