rpm package
opensuse/kernel-default&distro=openSUSE Leap Micro 5.5
pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%20Micro%205.5
Vulnerabilities (928)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-24023 | — | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Nov 28, 2023 | Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUF | ||
| CVE-2023-3610 | — | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Jul 21, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET | ||
| CVE-2022-4382 | — | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Jan 10, 2023 | A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side. | ||
| CVE-2022-40133 | — | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Sep 9, 2022 | A use-after-free(UAF) vulnerability was found in function 'vmw_execbuf_tie_context' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain | ||
| CVE-2022-38457 | — | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Sep 9, 2022 | A use-after-free(UAF) vulnerability was found in function 'vmw_cmd_res_check' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privi | ||
| CVE-2021-4204 | — | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 24, 2022 | An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. | ||
| CVE-2022-0500 | — | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Mar 25, 2022 | A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. | ||
| CVE-2022-23222 | — | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Jan 14, 2022 | kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. |
- CVE-2023-24023Nov 28, 2023affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUF
- CVE-2023-3610Jul 21, 2023affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET
- CVE-2022-4382Jan 10, 2023affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side.
- CVE-2022-40133Sep 9, 2022affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
A use-after-free(UAF) vulnerability was found in function 'vmw_execbuf_tie_context' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain
- CVE-2022-38457Sep 9, 2022affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
A use-after-free(UAF) vulnerability was found in function 'vmw_cmd_res_check' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privi
- CVE-2021-4204Aug 24, 2022affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.
- CVE-2022-0500Mar 25, 2022affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.
- CVE-2022-23222Jan 14, 2022affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.
Page 47 of 47