VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS

Vulnerabilities (2,310)

  • CVE-2024-26584 (Feb 21, 2024)
    affected < 5.14.21-150500.55.124.1, fixed 5.14.21-150500.55.124.1

    In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES

  • CVE-2024-26583 (Feb 21, 2024)
    affected < 5.14.21-150500.55.124.1, fixed 5.14.21-150500.55.124.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch

  • CVE-2024-26581 (Feb 20, 2024)
    affected < 5.14.21-150500.55.136.1, fixed 5.14.21-150500.55.136.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not

  • CVE-2023-52433 (Feb 20, 2024)
    affected < 5.14.21-150500.55.136.1, fixed 5.14.21-150500.55.136.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path mig

  • CVE-2024-24860 (Feb 5, 2024)
    affected < 5.14.21-150500.55.91.1, fixed 5.14.21-150500.55.91.1

    A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

  • CVE-2023-39197 (Jan 23, 2024)
    affected < 5.14.21-150500.55.124.1, fixed 5.14.21-150500.55.124.1

    An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.

  • CVE-2022-2602 (Jan 8, 2024)
    affected < 5.14.21-150500.55.124.1, fixed 5.14.21-150500.55.124.1

    io_uring UAF, Unix SCM garbage collection

  • CVE-2022-2586 [KEV] (Jan 8, 2024)
    affected < 5.14.21-150500.55.113.1, fixed 5.14.21-150500.55.113.1

    It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.

  • CVE-2022-2585 (Jan 8, 2024)
    affected < 5.14.21-150500.55.113.1, fixed 5.14.21-150500.55.113.1

    It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.

  • CVE-2023-1192 (Nov 1, 2023)
    affected < 5.14.21-150500.55.97.1, fixed 5.14.21-150500.55.97.1

    A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access

  • CVE-2023-42753 (Sep 25, 2023)
    affected < 5.14.21-150500.55.124.1, fixed 5.14.21-150500.55.124.1

    An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss

  • CVE-2023-3772 (Jul 25, 2023)
    affected < 5.14.21-150500.55.124.1, fixed 5.14.21-150500.55.124.1

    A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s

  • CVE-2023-33951 (Jul 24, 2023)
    affected < 5.14.21-150500.55.91.1, fixed 5.14.21-150500.55.91.1

    A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information

  • CVE-2023-3567 (Jul 24, 2023)
    affected < 5.14.21-150500.55.100.1, fixed 5.14.21-150500.55.100.1

    A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.

  • CVE-2023-33952 (Jul 24, 2023)
    affected < 5.14.21-150500.55.91.1, fixed 5.14.21-150500.55.91.1

    A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local priv

  • CVE-2023-31248 (Jul 5, 2023)
    affected < 5.14.21-150500.55.124.1, fixed 5.14.21-150500.55.124.1

    Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace

  • CVE-2023-3111 (Jun 5, 2023)
    affected < 5.14.21-150500.55.113.1, fixed 5.14.21-150500.55.113.1

    A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().

  • CVE-2023-28410 (May 10, 2023)
    affected < 5.14.21-150500.55.100.1, fixed 5.14.21-150500.55.100.1

    Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-28328 (Apr 19, 2023)
    affected < 5.14.21-150500.55.124.1, fixed 5.14.21-150500.55.124.1

    A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially caus

  • CVE-2023-2162 (Apr 19, 2023)
    affected < 5.14.21-150500.55.100.1, fixed 5.14.21-150500.55.100.1

    A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.