rpm package
opensuse/kernel-vanilla&distro=openSUSE Leap 15.4
pkg:rpm/opensuse/kernel-vanilla&distro=openSUSE%20Leap%2015.4
Vulnerabilities (213)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3621 | — | < 4.12.14-150100.197.131.1 | 4.12.14-150100.197.131.1 | Oct 20, 2022 | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem | ||
| CVE-2022-3586 | — | < 4.12.14-150100.197.131.1 | 4.12.14-150100.197.131.1 | Oct 19, 2022 | A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra | ||
| CVE-2022-3594 | — | < 4.12.14-150100.197.131.1 | 4.12.14-150100.197.131.1 | Oct 18, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched r | ||
| CVE-2022-3567 | — | < 4.12.14-150100.197.131.1 | 4.12.14-150100.197.131.1 | Oct 17, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD | ||
| CVE-2022-3566 | — | < 4.12.14-150100.197.148.1 | 4.12.14-150100.197.148.1 | Oct 17, 2022 | A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VD | ||
| CVE-2022-3565 | — | < 4.12.14-150100.197.131.1 | 4.12.14-150100.197.131.1 | Oct 17, 2022 | A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch | ||
| CVE-2022-3564 | — | < 4.12.14-150100.197.134.1 | 4.12.14-150100.197.134.1 | Oct 17, 2022 | A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to | ||
| CVE-2022-3545 | — | < 4.12.14-150100.197.131.1 | 4.12.14-150100.197.131.1 | Oct 17, 2022 | A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re | ||
| CVE-2022-3524 | — | < 4.12.14-150100.197.131.1 | 4.12.14-150100.197.131.1 | Oct 16, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply | ||
| CVE-2022-3521 | — | < 4.12.14-150100.197.131.1 | 4.12.14-150100.197.131.1 | Oct 16, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD | ||
| CVE-2022-42703 | — | < 4.12.14-150100.197.131.1 | 4.12.14-150100.197.131.1 | Oct 9, 2022 | mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. | ||
| CVE-2022-41848 | — | < 4.12.14-150100.197.126.1 | 4.12.14-150100.197.126.1 | Sep 30, 2022 | drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach. | ||
| CVE-2022-41850 | — | < 4.12.14-150100.197.131.1 | 4.12.14-150100.197.131.1 | Sep 30, 2022 | roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. | ||
| CVE-2022-3303 | — | < 4.12.14-150100.197.126.1 | 4.12.14-150100.197.126.1 | Sep 27, 2022 | A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, | ||
| CVE-2022-41218 | — | < 4.12.14-150100.197.126.1 | 4.12.14-150100.197.126.1 | Sep 21, 2022 | In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. | ||
| CVE-2022-3239 | — | < 4.12.14-150100.197.126.1 | 4.12.14-150100.197.126.1 | Sep 19, 2022 | A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | ||
| CVE-2022-40768 | — | < 4.12.14-150100.197.131.1 | 4.12.14-150100.197.131.1 | Sep 18, 2022 | drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case. | ||
| CVE-2022-36402 | — | < 4.12.14-150100.197.157.1 | 4.12.14-150100.197.157.1 | Sep 16, 2022 | An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a | ||
| CVE-2022-2977 | — | < 4.12.14-150100.197.123.1 | 4.12.14-150100.197.123.1 | Sep 14, 2022 | A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate priv | ||
| CVE-2022-38096 | Med | 6.3 | < 4.12.14-150100.197.137.2 | 4.12.14-150100.197.137.2 | Sep 9, 2022 | A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, cau |
- CVE-2022-3621Oct 20, 2022affected < 4.12.14-150100.197.131.1fixed 4.12.14-150100.197.131.1
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem
- CVE-2022-3586Oct 19, 2022affected < 4.12.14-150100.197.131.1fixed 4.12.14-150100.197.131.1
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra
- CVE-2022-3594Oct 18, 2022affected < 4.12.14-150100.197.131.1fixed 4.12.14-150100.197.131.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched r
- CVE-2022-3567Oct 17, 2022affected < 4.12.14-150100.197.131.1fixed 4.12.14-150100.197.131.1
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD
- CVE-2022-3566Oct 17, 2022affected < 4.12.14-150100.197.148.1fixed 4.12.14-150100.197.148.1
A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VD
- CVE-2022-3565Oct 17, 2022affected < 4.12.14-150100.197.131.1fixed 4.12.14-150100.197.131.1
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch
- CVE-2022-3564Oct 17, 2022affected < 4.12.14-150100.197.134.1fixed 4.12.14-150100.197.134.1
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to
- CVE-2022-3545Oct 17, 2022affected < 4.12.14-150100.197.131.1fixed 4.12.14-150100.197.131.1
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re
- CVE-2022-3524Oct 16, 2022affected < 4.12.14-150100.197.131.1fixed 4.12.14-150100.197.131.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply
- CVE-2022-3521Oct 16, 2022affected < 4.12.14-150100.197.131.1fixed 4.12.14-150100.197.131.1
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD
- CVE-2022-42703Oct 9, 2022affected < 4.12.14-150100.197.131.1fixed 4.12.14-150100.197.131.1
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
- CVE-2022-41848Sep 30, 2022affected < 4.12.14-150100.197.126.1fixed 4.12.14-150100.197.126.1
drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.
- CVE-2022-41850Sep 30, 2022affected < 4.12.14-150100.197.131.1fixed 4.12.14-150100.197.131.1
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
- CVE-2022-3303Sep 27, 2022affected < 4.12.14-150100.197.126.1fixed 4.12.14-150100.197.126.1
A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system,
- CVE-2022-41218Sep 21, 2022affected < 4.12.14-150100.197.126.1fixed 4.12.14-150100.197.126.1
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
- CVE-2022-3239Sep 19, 2022affected < 4.12.14-150100.197.126.1fixed 4.12.14-150100.197.126.1
A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
- CVE-2022-40768Sep 18, 2022affected < 4.12.14-150100.197.131.1fixed 4.12.14-150100.197.131.1
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
- CVE-2022-36402Sep 16, 2022affected < 4.12.14-150100.197.157.1fixed 4.12.14-150100.197.157.1
An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a
- CVE-2022-2977Sep 14, 2022affected < 4.12.14-150100.197.123.1fixed 4.12.14-150100.197.123.1
A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate priv
- affected < 4.12.14-150100.197.137.2fixed 4.12.14-150100.197.137.2
A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, cau
Page 7 of 11