rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (1,750)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-45863 | Med | 6.4 | < 5.3.18-150300.59.144.1 | 5.3.18-150300.59.144.1 | Oct 14, 2023 | An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write. | |
| CVE-2023-45862 | Med | 5.5 | < 5.3.18-150300.59.141.2 | 5.3.18-150300.59.141.2 | Oct 14, 2023 | An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation. | |
| CVE-2023-39194 | Low | 3.2 | < 5.3.18-150300.59.141.2 | 5.3.18-150300.59.141.2 | Oct 9, 2023 | A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds re | |
| CVE-2023-39193 | Med | 6.1 | < 5.3.18-150300.59.141.2 | 5.3.18-150300.59.141.2 | Oct 9, 2023 | A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. | |
| CVE-2023-39192 | Med | 6.7 | < 5.3.18-150300.59.141.2 | 5.3.18-150300.59.141.2 | Oct 9, 2023 | A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundarie | |
| CVE-2023-39189 | Med | 5.1 | < 5.3.18-150300.59.141.2 | 5.3.18-150300.59.141.2 | Oct 9, 2023 | A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or inform | |
| CVE-2023-42754 | Med | 5.5 | < 5.3.18-150300.59.141.2 | 5.3.18-150300.59.141.2 | Oct 5, 2023 | A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with C | |
| CVE-2023-42753 | Hig | 7.0 | < 5.3.18-150300.59.138.1 | 5.3.18-150300.59.138.1 | Sep 25, 2023 | An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss | |
| CVE-2023-34319 | Hig | 7.8 | < 5.3.18-150300.59.133.1 | 5.3.18-150300.59.133.1 | Sep 22, 2023 | The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split | |
| CVE-2023-2163 | Cri | 10.0 | < 5.3.18-150300.59.141.2 | 5.3.18-150300.59.141.2 | Sep 20, 2023 | Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. | |
| CVE-2020-36766 | Low | 3.3 | < 5.3.18-150300.59.138.1 | 5.3.18-150300.59.138.1 | Sep 18, 2023 | An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning log_addrs with a hole in the struct. | |
| CVE-2023-4921 | Hig | 7.8 | < 5.3.18-150300.59.138.1 | 5.3.18-150300.59.138.1 | Sep 12, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrec | |
| CVE-2023-4623 | Hig | 7.8 | < 5.3.18-150300.59.138.1 | 5.3.18-150300.59.138.1 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv | |
| CVE-2023-4622 | Hig | 7.8 | < 5.3.18-150300.59.138.1 | 5.3.18-150300.59.138.1 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where uni | |
| CVE-2023-4244 | Hig | 7.8 | < 5.3.18-150300.59.164.1 | 5.3.18-150300.59.164.1 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to under | |
| CVE-2023-3777 | Hig | 7.8 | < 5.3.18-150300.59.141.2 | 5.3.18-150300.59.141.2 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release | |
| CVE-2023-4459 | Med | 5.5 | < 5.3.18-150300.59.133.1 | 5.3.18-150300.59.133.1 | Aug 21, 2023 | A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sani | |
| CVE-2023-4389 | Hig | 7.0 | < 5.3.18-150300.59.138.1 | 5.3.18-150300.59.138.1 | Aug 16, 2023 | A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel informati | |
| CVE-2023-4387 | Hig | 7.1 | < 5.3.18-150300.59.133.1 | 5.3.18-150300.59.133.1 | Aug 16, 2023 | A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, | |
| CVE-2023-4385 | Med | 5.5 | < 5.3.18-150300.59.133.1 | 5.3.18-150300.59.133.1 | Aug 16, 2023 | A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check. |
- affected < 5.3.18-150300.59.144.1fixed 5.3.18-150300.59.144.1
An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.
- affected < 5.3.18-150300.59.141.2fixed 5.3.18-150300.59.141.2
An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation.
- affected < 5.3.18-150300.59.141.2fixed 5.3.18-150300.59.141.2
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds re
- affected < 5.3.18-150300.59.141.2fixed 5.3.18-150300.59.141.2
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.
- affected < 5.3.18-150300.59.141.2fixed 5.3.18-150300.59.141.2
A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundarie
- affected < 5.3.18-150300.59.141.2fixed 5.3.18-150300.59.141.2
A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or inform
- affected < 5.3.18-150300.59.141.2fixed 5.3.18-150300.59.141.2
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with C
- affected < 5.3.18-150300.59.138.1fixed 5.3.18-150300.59.138.1
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss
- affected < 5.3.18-150300.59.133.1fixed 5.3.18-150300.59.133.1
The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split
- affected < 5.3.18-150300.59.141.2fixed 5.3.18-150300.59.141.2
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
- affected < 5.3.18-150300.59.138.1fixed 5.3.18-150300.59.138.1
An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning log_addrs with a hole in the struct.
- affected < 5.3.18-150300.59.138.1fixed 5.3.18-150300.59.138.1
A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrec
- affected < 5.3.18-150300.59.138.1fixed 5.3.18-150300.59.138.1
A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv
- affected < 5.3.18-150300.59.138.1fixed 5.3.18-150300.59.138.1
A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where uni
- affected < 5.3.18-150300.59.164.1fixed 5.3.18-150300.59.164.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to under
- affected < 5.3.18-150300.59.141.2fixed 5.3.18-150300.59.141.2
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release
- affected < 5.3.18-150300.59.133.1fixed 5.3.18-150300.59.133.1
A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sani
- affected < 5.3.18-150300.59.138.1fixed 5.3.18-150300.59.138.1
A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel informati
- affected < 5.3.18-150300.59.133.1fixed 5.3.18-150300.59.133.1
A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all,
- affected < 5.3.18-150300.59.133.1fixed 5.3.18-150300.59.133.1
A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check.
Page 65 of 88