rpm package
suse/kernel-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5
Vulnerabilities (2,432)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-0590 | Med | 4.7 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Mar 23, 2023 | A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected. | |
| CVE-2023-1118 | Hig | 7.8 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Mar 2, 2023 | A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | |
| CVE-2023-23006 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Mar 1, 2023 | In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |
| CVE-2023-23004 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Mar 1, 2023 | In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |
| CVE-2023-23001 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Mar 1, 2023 | In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |
| CVE-2023-23000 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Mar 1, 2023 | In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used. | |
| CVE-2023-1095 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Feb 28, 2023 | In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer deref | |
| CVE-2023-22998 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Feb 28, 2023 | In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |
| CVE-2023-0461 | Hig | 7.8 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Feb 28, 2023 | There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege | |
| CVE-2023-26545 | Med | 4.7 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Feb 25, 2023 | In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. | |
| CVE-2023-0597 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Feb 23, 2023 | A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some important data with expected l | |
| CVE-2023-25012 | Med | 4.6 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Feb 2, 2023 | The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long. | |
| CVE-2023-0469 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Jan 26, 2023 | A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service. | |
| CVE-2023-0394 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Jan 26, 2023 | A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. | |
| CVE-2023-0122 | Hig | 7.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Jan 17, 2023 | A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4. | |
| CVE-2022-2196 | Med | 5.8 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Jan 9, 2023 | A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker a | |
| CVE-2022-4269 | Med | 5.5 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Dec 5, 2022 | A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in | |
| CVE-2022-45934 | Hig | 7.8 | < 5.14.21-150500.33.72.1 | 5.14.21-150500.33.72.1 | Nov 27, 2022 | An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets. | |
| CVE-2022-45919 | Hig | 7.0 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Nov 27, 2022 | An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event. | |
| CVE-2022-45887 | Med | 4.7 | < 5.14.21-150500.33.3.1 | 5.14.21-150500.33.3.1 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call. |
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer deref
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some important data with expected l
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker a
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in
- affected < 5.14.21-150500.33.72.1fixed 5.14.21-150500.33.72.1
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.
- affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.
Page 121 of 122