rpm package
opensuse/kernel-default&distro=openSUSE Leap Micro 5.4
pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%20Micro%205.4
Vulnerabilities (578)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-5158 | — | < 5.14.21-150400.24.100.2 | 5.14.21-150400.24.100.2 | Sep 25, 2023 | A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor. | ||
| CVE-2023-2163 | — | < 5.14.21-150400.24.97.1 | 5.14.21-150400.24.97.1 | Sep 20, 2023 | Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. | ||
| CVE-2023-4921 | — | < 5.14.21-150400.24.108.1 | 5.14.21-150400.24.108.1 | Sep 12, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrec | ||
| CVE-2023-4244 | — | < 5.14.21-150400.24.100.2 | 5.14.21-150400.24.100.2 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to under | ||
| CVE-2023-3777 | — | < 5.14.21-150400.24.97.1 | 5.14.21-150400.24.97.1 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release | ||
| CVE-2022-40982 | — | < 5.14.21-150400.24.81.1 | 5.14.21-150400.24.81.1 | Aug 11, 2023 | Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2023-25775 | — | < 5.14.21-150400.24.100.2 | 5.14.21-150400.24.100.2 | Aug 11, 2023 | Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | ||
| CVE-2023-20569 | — | < 5.14.21-150400.24.81.1 | 5.14.21-150400.24.81.1 | Aug 8, 2023 | A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. | ||
| CVE-2023-4004 | — | < 5.14.21-150400.24.81.1 | 5.14.21-150400.24.81.1 | Jul 31, 2023 | A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the syste | ||
| CVE-2023-20593 | — | < 5.14.21-150400.24.74.1 | 5.14.21-150400.24.74.1 | Jul 24, 2023 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. | ||
| CVE-2023-3812 | — | < 5.14.21-150400.24.74.1 | 5.14.21-150400.24.74.1 | Jul 24, 2023 | An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on t | ||
| CVE-2023-3567 | — | < 5.14.21-150400.24.81.1 | 5.14.21-150400.24.81.1 | Jul 24, 2023 | A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. | ||
| CVE-2023-2860 | — | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | Jul 24, 2023 | An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated | ||
| CVE-2023-3776 | — | < 5.14.21-150400.24.81.1 | 5.14.21-150400.24.81.1 | Jul 21, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_b | ||
| CVE-2023-3611 | — | < 5.14.21-150400.24.81.1 | 5.14.21-150400.24.81.1 | Jul 21, 2023 | An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes wi | ||
| CVE-2023-3609 | — | < 5.14.21-150400.24.81.1 | 5.14.21-150400.24.81.1 | Jul 21, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf | ||
| CVE-2023-0160 | — | < 5.14.21-150400.24.119.1 | 5.14.21-150400.24.119.1 | Jul 18, 2023 | A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system. | ||
| CVE-2023-21400 | — | < 5.14.21-150400.24.81.1 | 5.14.21-150400.24.81.1 | Jul 12, 2023 | In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2023-35001 | — | < 5.14.21-150400.24.74.1 | 5.14.21-150400.24.74.1 | Jul 5, 2023 | Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | ||
| CVE-2023-31248 | — | < 5.14.21-150400.24.74.1 | 5.14.21-150400.24.74.1 | Jul 5, 2023 | Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace |
- CVE-2023-5158Sep 25, 2023affected < 5.14.21-150400.24.100.2fixed 5.14.21-150400.24.100.2
A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor.
- CVE-2023-2163Sep 20, 2023affected < 5.14.21-150400.24.97.1fixed 5.14.21-150400.24.97.1
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
- CVE-2023-4921Sep 12, 2023affected < 5.14.21-150400.24.108.1fixed 5.14.21-150400.24.108.1
A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrec
- CVE-2023-4244Sep 6, 2023affected < 5.14.21-150400.24.100.2fixed 5.14.21-150400.24.100.2
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to under
- CVE-2023-3777Sep 6, 2023affected < 5.14.21-150400.24.97.1fixed 5.14.21-150400.24.97.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release
- CVE-2022-40982Aug 11, 2023affected < 5.14.21-150400.24.81.1fixed 5.14.21-150400.24.81.1
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2023-25775Aug 11, 2023affected < 5.14.21-150400.24.100.2fixed 5.14.21-150400.24.100.2
Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
- CVE-2023-20569Aug 8, 2023affected < 5.14.21-150400.24.81.1fixed 5.14.21-150400.24.81.1
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
- CVE-2023-4004Jul 31, 2023affected < 5.14.21-150400.24.81.1fixed 5.14.21-150400.24.81.1
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the syste
- CVE-2023-20593Jul 24, 2023affected < 5.14.21-150400.24.74.1fixed 5.14.21-150400.24.74.1
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
- CVE-2023-3812Jul 24, 2023affected < 5.14.21-150400.24.74.1fixed 5.14.21-150400.24.74.1
An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on t
- CVE-2023-3567Jul 24, 2023affected < 5.14.21-150400.24.81.1fixed 5.14.21-150400.24.81.1
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.
- CVE-2023-2860Jul 24, 2023affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated
- CVE-2023-3776Jul 21, 2023affected < 5.14.21-150400.24.81.1fixed 5.14.21-150400.24.81.1
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_b
- CVE-2023-3611Jul 21, 2023affected < 5.14.21-150400.24.81.1fixed 5.14.21-150400.24.81.1
An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes wi
- CVE-2023-3609Jul 21, 2023affected < 5.14.21-150400.24.81.1fixed 5.14.21-150400.24.81.1
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf
- CVE-2023-0160Jul 18, 2023affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1
A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.
- CVE-2023-21400Jul 12, 2023affected < 5.14.21-150400.24.81.1fixed 5.14.21-150400.24.81.1
In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-35001Jul 5, 2023affected < 5.14.21-150400.24.74.1fixed 5.14.21-150400.24.74.1
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
- CVE-2023-31248Jul 5, 2023affected < 5.14.21-150400.24.74.1fixed 5.14.21-150400.24.74.1
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace
Page 28 of 29