VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE

Vulnerabilities (263)

  • CVE-2023-1989Apr 11, 2023
    affected < 3.0.101-108.141.1fixed 3.0.101-108.141.1

    A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.

  • CVE-2023-1670Mar 30, 2023
    affected < 3.0.101-108.141.1fixed 3.0.101-108.141.1

    A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

  • CVE-2023-1077Mar 27, 2023
    affected < 3.0.101-108.147.1fixed 3.0.101-108.147.1

    In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a

  • CVE-2023-1513Mar 23, 2023
    affected < 3.0.101-108.141.1fixed 3.0.101-108.141.1

    A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.

  • CVE-2023-0590Mar 23, 2023
    affected < 3.0.101-108.141.1fixed 3.0.101-108.141.1

    A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.

  • CVE-2022-4095Mar 22, 2023
    affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1

    A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.

  • CVE-2022-3424Mar 6, 2023
    affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1

    A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate

  • CVE-2023-1118Mar 2, 2023
    affected < 3.0.101-108.141.1fixed 3.0.101-108.141.1

    A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

  • CVE-2022-41858Jan 17, 2023
    affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1

    A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.

  • CVE-2023-23559Jan 13, 2023
    affected < 3.0.101-108.141.1fixed 3.0.101-108.141.1

    In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.

  • CVE-2023-23455Jan 12, 2023
    affected < 3.0.101-108.141.1fixed 3.0.101-108.141.1

    atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

  • CVE-2023-23454Jan 12, 2023
    affected < 3.0.101-108.141.1fixed 3.0.101-108.141.1

    cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

  • CVE-2022-45934Nov 27, 2022
    affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1

    An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.

  • CVE-2022-45919Nov 27, 2022
    affected < 3.0.101-108.144.1fixed 3.0.101-108.144.1

    An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.

  • CVE-2022-45887Nov 25, 2022
    affected < 3.0.101-108.150.1fixed 3.0.101-108.150.1

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.

  • CVE-2022-3903Nov 14, 2022
    affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1

    An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the syst

  • CVE-2022-44033Oct 30, 2022
    affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1

    An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cm4040_open() and reader_deta

  • CVE-2022-44032Oct 30, 2022
    affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1

    An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cmm_open() and cm4000_detach(

  • CVE-2022-43750Oct 26, 2022
    affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1

    drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.

  • CVE-2022-3649Oct 21, 2022
    affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1

    A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended

Page 10 of 14