rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (1,750)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-20141 | Hig | 7.0 | < 5.3.18-150300.59.87.1 | 5.3.18-150300.59.87.1 | Jun 15, 2022 | In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product | |
| CVE-2022-20132 | Med | 4.6 | < 5.3.18-150300.59.87.1 | 5.3.18-150300.59.87.1 | Jun 15, 2022 | In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges n | |
| CVE-2022-32250 | Hig | 7.8 | < 5.3.18-150300.59.90.1 | 5.3.18-150300.59.90.1 | Jun 2, 2022 | net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. | |
| CVE-2022-1652 | Hig | 7.8 | < 5.3.18-150300.59.71.2 | 5.3.18-150300.59.71.2 | Jun 2, 2022 | Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a | |
| CVE-2022-1462 | Med | 6.3 | < 5.3.18-150300.59.90.1 | 5.3.18-150300.59.90.1 | Jun 2, 2022 | An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local u | |
| CVE-2022-1419 | Hig | 7.8 | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Jun 2, 2022 | The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object. | |
| CVE-2022-29581 | Hig | 7.8 | < 5.3.18-150300.59.90.1 | 5.3.18-150300.59.90.1 | May 17, 2022 | Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | |
| CVE-2022-1116 | Hig | 7.8 | < 5.3.18-150300.59.90.1 | 5.3.18-150300.59.90.1 | May 17, 2022 | Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. | |
| CVE-2022-1679 | Hig | 7.8 | < 5.3.18-150300.59.87.1 | 5.3.18-150300.59.87.1 | May 16, 2022 | A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |
| CVE-2022-30594 | Hig | 7.8 | < 5.3.18-150300.59.71.2 | 5.3.18-150300.59.71.2 | May 12, 2022 | The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. | |
| CVE-2022-20008 | Med | 4.6 | < 5.3.18-150300.59.71.2 | 5.3.18-150300.59.71.2 | May 10, 2022 | In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is no | |
| CVE-2022-1516 | Med | 5.5 | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | May 5, 2022 | A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the s | |
| CVE-2022-1353 | Hig | 7.1 | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Apr 29, 2022 | A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. | |
| CVE-2022-1195 | Med | 5.5 | < 5.3.18-150300.59.63.1 | 5.3.18-150300.59.63.1 | Apr 29, 2022 | A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. | |
| CVE-2022-1048 | Hig | 7.0 | < 5.3.18-150300.59.63.1 | 5.3.18-150300.59.63.1 | Apr 29, 2022 | A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalat | |
| CVE-2022-1280 | Med | 6.3 | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Apr 13, 2022 | A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak. | |
| CVE-2022-29156 | Hig | 7.8 | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Apr 13, 2022 | drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release. | |
| CVE-2021-0707 | Hig | 7.8 | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Apr 12, 2022 | In dma_buf_release of dma-buf.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kerne | |
| CVE-2022-28893 | Hig | 7.8 | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Apr 11, 2022 | The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. | |
| CVE-2022-28390 | Hig | 7.8 | < 5.3.18-150300.59.63.1 | 5.3.18-150300.59.63.1 | Apr 3, 2022 | ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. |
- affected < 5.3.18-150300.59.87.1fixed 5.3.18-150300.59.87.1
In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product
- affected < 5.3.18-150300.59.87.1fixed 5.3.18-150300.59.87.1
In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges n
- affected < 5.3.18-150300.59.90.1fixed 5.3.18-150300.59.90.1
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
- affected < 5.3.18-150300.59.71.2fixed 5.3.18-150300.59.71.2
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a
- affected < 5.3.18-150300.59.90.1fixed 5.3.18-150300.59.90.1
An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local u
- affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object.
- affected < 5.3.18-150300.59.90.1fixed 5.3.18-150300.59.90.1
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
- affected < 5.3.18-150300.59.90.1fixed 5.3.18-150300.59.90.1
Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.
- affected < 5.3.18-150300.59.87.1fixed 5.3.18-150300.59.87.1
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.
- affected < 5.3.18-150300.59.71.2fixed 5.3.18-150300.59.71.2
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.
- affected < 5.3.18-150300.59.71.2fixed 5.3.18-150300.59.71.2
In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is no
- affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the s
- affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
- affected < 5.3.18-150300.59.63.1fixed 5.3.18-150300.59.63.1
A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early.
- affected < 5.3.18-150300.59.63.1fixed 5.3.18-150300.59.63.1
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalat
- affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
- affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.
- affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
In dma_buf_release of dma-buf.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kerne
- affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
- affected < 5.3.18-150300.59.63.1fixed 5.3.18-150300.59.63.1
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
Page 78 of 88