rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server 12 SP3-BCL
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL
Vulnerabilities (414)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-34981 | — | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | May 7, 2024 | Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target s | ||
| CVE-2022-2588 | — | < 4.4.180-94.174.1 | 4.4.180-94.174.1 | Jan 8, 2024 | It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. | ||
| CVE-2022-4095 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Mar 22, 2023 | A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges. | ||
| CVE-2022-3424 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Mar 6, 2023 | A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate | ||
| CVE-2022-41858 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Jan 17, 2023 | A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. | ||
| CVE-2022-3628 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Jan 12, 2023 | A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges. | ||
| CVE-2022-45934 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Nov 27, 2022 | An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets. | ||
| CVE-2022-3903 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Nov 14, 2022 | An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the syst | ||
| CVE-2022-43945 | Hig | 7.5 | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Nov 4, 2022 | The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c | |
| CVE-2022-43750 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Oct 26, 2022 | drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. | ||
| CVE-2022-3649 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended | ||
| CVE-2022-3646 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Oct 21, 2022 | A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is r | ||
| CVE-2022-3635 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Oct 21, 2022 | A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this | ||
| CVE-2022-3629 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears | ||
| CVE-2022-3621 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Oct 20, 2022 | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem | ||
| CVE-2022-3586 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Oct 19, 2022 | A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra | ||
| CVE-2022-3594 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Oct 18, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched r | ||
| CVE-2022-3567 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Oct 17, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD | ||
| CVE-2022-3565 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Oct 17, 2022 | A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch | ||
| CVE-2022-3524 | — | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Oct 16, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply |
- CVE-2021-34981May 7, 2024affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target s
- CVE-2022-2588Jan 8, 2024affected < 4.4.180-94.174.1fixed 4.4.180-94.174.1
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
- CVE-2022-4095Mar 22, 2023affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.
- CVE-2022-3424Mar 6, 2023affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate
- CVE-2022-41858Jan 17, 2023affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
- CVE-2022-3628Jan 12, 2023affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.
- CVE-2022-45934Nov 27, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
- CVE-2022-3903Nov 14, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the syst
- affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c
- CVE-2022-43750Oct 26, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.
- CVE-2022-3649Oct 21, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended
- CVE-2022-3646Oct 21, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is r
- CVE-2022-3635Oct 21, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this
- CVE-2022-3629Oct 21, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears
- CVE-2022-3621Oct 20, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem
- CVE-2022-3586Oct 19, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra
- CVE-2022-3594Oct 18, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched r
- CVE-2022-3567Oct 17, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD
- CVE-2022-3565Oct 17, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch
- CVE-2022-3524Oct 16, 2022affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply
Page 1 of 21