rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (1,696)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-1192 | — | < 5.3.18-150300.59.138.1.150300.18.80.2 | 5.3.18-150300.59.138.1.150300.18.80.2 | Nov 1, 2023 | A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access | ||
| CVE-2023-5717 | — | < 5.3.18-150300.59.144.1.150300.18.84.1 | 5.3.18-150300.59.144.1.150300.18.84.1 | Oct 25, 2023 | A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can i | ||
| CVE-2023-45871 | — | < 5.3.18-150300.59.144.1.150300.18.84.1 | 5.3.18-150300.59.144.1.150300.18.84.1 | Oct 15, 2023 | An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. | ||
| CVE-2023-45863 | — | < 5.3.18-150300.59.144.1.150300.18.84.1 | 5.3.18-150300.59.144.1.150300.18.84.1 | Oct 14, 2023 | An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write. | ||
| CVE-2023-45862 | — | < 5.3.18-150300.59.141.2.150300.18.82.2 | 5.3.18-150300.59.141.2.150300.18.82.2 | Oct 14, 2023 | An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation. | ||
| CVE-2023-39194 | — | < 5.3.18-150300.59.141.2.150300.18.82.2 | 5.3.18-150300.59.141.2.150300.18.82.2 | Oct 9, 2023 | A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds re | ||
| CVE-2023-39193 | — | < 5.3.18-150300.59.141.2.150300.18.82.2 | 5.3.18-150300.59.141.2.150300.18.82.2 | Oct 9, 2023 | A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. | ||
| CVE-2023-39192 | — | < 5.3.18-150300.59.141.2.150300.18.82.2 | 5.3.18-150300.59.141.2.150300.18.82.2 | Oct 9, 2023 | A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundarie | ||
| CVE-2023-39189 | — | < 5.3.18-150300.59.141.2.150300.18.82.2 | 5.3.18-150300.59.141.2.150300.18.82.2 | Oct 9, 2023 | A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or inform | ||
| CVE-2023-42754 | — | < 5.3.18-150300.59.141.2.150300.18.82.2 | 5.3.18-150300.59.141.2.150300.18.82.2 | Oct 5, 2023 | A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with C | ||
| CVE-2023-42753 | — | < 5.3.18-150300.59.138.1.150300.18.80.2 | 5.3.18-150300.59.138.1.150300.18.80.2 | Sep 25, 2023 | An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss | ||
| CVE-2023-34319 | — | < 5.3.18-150300.59.133.1.150300.18.78.1 | 5.3.18-150300.59.133.1.150300.18.78.1 | Sep 22, 2023 | The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split | ||
| CVE-2023-2163 | — | < 5.3.18-150300.59.141.2.150300.18.82.2 | 5.3.18-150300.59.141.2.150300.18.82.2 | Sep 20, 2023 | Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. | ||
| CVE-2020-36766 | — | < 5.3.18-150300.59.138.1.150300.18.80.2 | 5.3.18-150300.59.138.1.150300.18.80.2 | Sep 18, 2023 | An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning log_addrs with a hole in the struct. | ||
| CVE-2023-4921 | — | < 5.3.18-150300.59.138.1.150300.18.80.2 | 5.3.18-150300.59.138.1.150300.18.80.2 | Sep 12, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrec | ||
| CVE-2023-4623 | — | < 5.3.18-150300.59.138.1.150300.18.80.2 | 5.3.18-150300.59.138.1.150300.18.80.2 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv | ||
| CVE-2023-4622 | — | < 5.3.18-150300.59.138.1.150300.18.80.2 | 5.3.18-150300.59.138.1.150300.18.80.2 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where uni | ||
| CVE-2023-4244 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to under | ||
| CVE-2023-3777 | — | < 5.3.18-150300.59.141.2.150300.18.82.2 | 5.3.18-150300.59.141.2.150300.18.82.2 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release | ||
| CVE-2023-4459 | — | < 5.3.18-150300.59.133.1.150300.18.78.1 | 5.3.18-150300.59.133.1.150300.18.78.1 | Aug 21, 2023 | A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sani |
- CVE-2023-1192Nov 1, 2023affected < 5.3.18-150300.59.138.1.150300.18.80.2fixed 5.3.18-150300.59.138.1.150300.18.80.2
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access
- CVE-2023-5717Oct 25, 2023affected < 5.3.18-150300.59.144.1.150300.18.84.1fixed 5.3.18-150300.59.144.1.150300.18.84.1
A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can i
- CVE-2023-45871Oct 15, 2023affected < 5.3.18-150300.59.144.1.150300.18.84.1fixed 5.3.18-150300.59.144.1.150300.18.84.1
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.
- CVE-2023-45863Oct 14, 2023affected < 5.3.18-150300.59.144.1.150300.18.84.1fixed 5.3.18-150300.59.144.1.150300.18.84.1
An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.
- CVE-2023-45862Oct 14, 2023affected < 5.3.18-150300.59.141.2.150300.18.82.2fixed 5.3.18-150300.59.141.2.150300.18.82.2
An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation.
- CVE-2023-39194Oct 9, 2023affected < 5.3.18-150300.59.141.2.150300.18.82.2fixed 5.3.18-150300.59.141.2.150300.18.82.2
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds re
- CVE-2023-39193Oct 9, 2023affected < 5.3.18-150300.59.141.2.150300.18.82.2fixed 5.3.18-150300.59.141.2.150300.18.82.2
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.
- CVE-2023-39192Oct 9, 2023affected < 5.3.18-150300.59.141.2.150300.18.82.2fixed 5.3.18-150300.59.141.2.150300.18.82.2
A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundarie
- CVE-2023-39189Oct 9, 2023affected < 5.3.18-150300.59.141.2.150300.18.82.2fixed 5.3.18-150300.59.141.2.150300.18.82.2
A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or inform
- CVE-2023-42754Oct 5, 2023affected < 5.3.18-150300.59.141.2.150300.18.82.2fixed 5.3.18-150300.59.141.2.150300.18.82.2
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with C
- CVE-2023-42753Sep 25, 2023affected < 5.3.18-150300.59.138.1.150300.18.80.2fixed 5.3.18-150300.59.138.1.150300.18.80.2
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss
- CVE-2023-34319Sep 22, 2023affected < 5.3.18-150300.59.133.1.150300.18.78.1fixed 5.3.18-150300.59.133.1.150300.18.78.1
The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split
- CVE-2023-2163Sep 20, 2023affected < 5.3.18-150300.59.141.2.150300.18.82.2fixed 5.3.18-150300.59.141.2.150300.18.82.2
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
- CVE-2020-36766Sep 18, 2023affected < 5.3.18-150300.59.138.1.150300.18.80.2fixed 5.3.18-150300.59.138.1.150300.18.80.2
An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning log_addrs with a hole in the struct.
- CVE-2023-4921Sep 12, 2023affected < 5.3.18-150300.59.138.1.150300.18.80.2fixed 5.3.18-150300.59.138.1.150300.18.80.2
A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrec
- CVE-2023-4623Sep 6, 2023affected < 5.3.18-150300.59.138.1.150300.18.80.2fixed 5.3.18-150300.59.138.1.150300.18.80.2
A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv
- CVE-2023-4622Sep 6, 2023affected < 5.3.18-150300.59.138.1.150300.18.80.2fixed 5.3.18-150300.59.138.1.150300.18.80.2
A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where uni
- CVE-2023-4244Sep 6, 2023affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to under
- CVE-2023-3777Sep 6, 2023affected < 5.3.18-150300.59.141.2.150300.18.82.2fixed 5.3.18-150300.59.141.2.150300.18.82.2
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release
- CVE-2023-4459Aug 21, 2023affected < 5.3.18-150300.59.133.1.150300.18.78.1fixed 5.3.18-150300.59.133.1.150300.18.78.1
A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sani
Page 70 of 85