rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.3
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.3
Vulnerabilities (3,014)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-45934 | — | < 5.14.21-150400.24.141.1.150400.24.68.2 | 5.14.21-150400.24.141.1.150400.24.68.2 | Nov 27, 2022 | An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets. | ||
| CVE-2022-45919 | — | < 5.14.21-150400.24.66.1.150400.24.29.1 | 5.14.21-150400.24.66.1.150400.24.29.1 | Nov 27, 2022 | An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event. | ||
| CVE-2022-45887 | — | < 5.14.21-150400.24.66.1.150400.24.29.1 | 5.14.21-150400.24.66.1.150400.24.29.1 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call. | ||
| CVE-2022-45886 | — | < 5.14.21-150400.24.66.1.150400.24.29.1 | 5.14.21-150400.24.66.1.150400.24.29.1 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free. | ||
| CVE-2022-45885 | — | < 5.14.21-150400.24.66.1.150400.24.29.1 | 5.14.21-150400.24.66.1.150400.24.29.1 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected. | ||
| CVE-2022-45884 | — | < 5.14.21-150400.24.66.1.150400.24.29.1 | 5.14.21-150400.24.66.1.150400.24.29.1 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops. | ||
| CVE-2022-3903 | — | < 5.14.21-150400.24.170.2.150400.24.86.2 | 5.14.21-150400.24.170.2.150400.24.86.2 | Nov 14, 2022 | An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the syst | ||
| CVE-2022-43945 | Hig | 7.5 | < 5.14.21-150400.24.179.1.150400.24.92.1 | 5.14.21-150400.24.179.1.150400.24.92.1 | Nov 4, 2022 | The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c | |
| CVE-2022-43750 | — | < 5.14.21-150400.24.33.2.150400.24.11.4 | 5.14.21-150400.24.33.2.150400.24.11.4 | Oct 26, 2022 | drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. | ||
| CVE-2022-3344 | — | < 5.14.21-150400.24.41.1.150400.24.15.1 | 5.14.21-150400.24.41.1.150400.24.15.1 | Oct 24, 2022 | A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0). | ||
| CVE-2022-3649 | — | < 5.14.21-150400.24.33.2.150400.24.11.4 | 5.14.21-150400.24.33.2.150400.24.11.4 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended | ||
| CVE-2022-3646 | — | < 5.14.21-150400.24.33.2.150400.24.11.4 | 5.14.21-150400.24.33.2.150400.24.11.4 | Oct 21, 2022 | A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is r | ||
| CVE-2022-3640 | — | < 5.14.21-150400.24.33.2.150400.24.11.4 | 5.14.21-150400.24.33.2.150400.24.11.4 | Oct 21, 2022 | A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. | ||
| CVE-2022-3633 | — | < 5.14.21-150400.24.33.2.150400.24.11.4 | 5.14.21-150400.24.33.2.150400.24.11.4 | Oct 21, 2022 | A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vuln | ||
| CVE-2022-3629 | — | < 5.14.21-150400.24.33.2.150400.24.11.4 | 5.14.21-150400.24.33.2.150400.24.11.4 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears | ||
| CVE-2022-3625 | — | < 5.14.21-150400.24.33.2.150400.24.11.4 | 5.14.21-150400.24.33.2.150400.24.11.4 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix | ||
| CVE-2022-3621 | — | < 5.14.21-150400.24.33.2.150400.24.11.4 | 5.14.21-150400.24.33.2.150400.24.11.4 | Oct 20, 2022 | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem | ||
| CVE-2022-3619 | — | < 5.14.21-150400.24.33.2.150400.24.11.4 | 5.14.21-150400.24.33.2.150400.24.11.4 | Oct 20, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to | ||
| CVE-2022-3577 | — | < 5.14.21-150400.24.33.2.150400.24.11.4 | 5.14.21-150400.24.33.2.150400.24.11.4 | Oct 20, 2022 | An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect ass | ||
| CVE-2022-3586 | — | < 5.14.21-150400.24.33.2.150400.24.11.4 | 5.14.21-150400.24.33.2.150400.24.11.4 | Oct 19, 2022 | A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra |
- CVE-2022-45934Nov 27, 2022affected < 5.14.21-150400.24.141.1.150400.24.68.2fixed 5.14.21-150400.24.141.1.150400.24.68.2
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
- CVE-2022-45919Nov 27, 2022affected < 5.14.21-150400.24.66.1.150400.24.29.1fixed 5.14.21-150400.24.66.1.150400.24.29.1
An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.
- CVE-2022-45887Nov 25, 2022affected < 5.14.21-150400.24.66.1.150400.24.29.1fixed 5.14.21-150400.24.66.1.150400.24.29.1
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.
- CVE-2022-45886Nov 25, 2022affected < 5.14.21-150400.24.66.1.150400.24.29.1fixed 5.14.21-150400.24.66.1.150400.24.29.1
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.
- CVE-2022-45885Nov 25, 2022affected < 5.14.21-150400.24.66.1.150400.24.29.1fixed 5.14.21-150400.24.66.1.150400.24.29.1
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.
- CVE-2022-45884Nov 25, 2022affected < 5.14.21-150400.24.66.1.150400.24.29.1fixed 5.14.21-150400.24.66.1.150400.24.29.1
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.
- CVE-2022-3903Nov 14, 2022affected < 5.14.21-150400.24.170.2.150400.24.86.2fixed 5.14.21-150400.24.170.2.150400.24.86.2
An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the syst
- affected < 5.14.21-150400.24.179.1.150400.24.92.1fixed 5.14.21-150400.24.179.1.150400.24.92.1
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c
- CVE-2022-43750Oct 26, 2022affected < 5.14.21-150400.24.33.2.150400.24.11.4fixed 5.14.21-150400.24.33.2.150400.24.11.4
drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.
- CVE-2022-3344Oct 24, 2022affected < 5.14.21-150400.24.41.1.150400.24.15.1fixed 5.14.21-150400.24.41.1.150400.24.15.1
A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).
- CVE-2022-3649Oct 21, 2022affected < 5.14.21-150400.24.33.2.150400.24.11.4fixed 5.14.21-150400.24.33.2.150400.24.11.4
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended
- CVE-2022-3646Oct 21, 2022affected < 5.14.21-150400.24.33.2.150400.24.11.4fixed 5.14.21-150400.24.33.2.150400.24.11.4
A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is r
- CVE-2022-3640Oct 21, 2022affected < 5.14.21-150400.24.33.2.150400.24.11.4fixed 5.14.21-150400.24.33.2.150400.24.11.4
A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue.
- CVE-2022-3633Oct 21, 2022affected < 5.14.21-150400.24.33.2.150400.24.11.4fixed 5.14.21-150400.24.33.2.150400.24.11.4
A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vuln
- CVE-2022-3629Oct 21, 2022affected < 5.14.21-150400.24.33.2.150400.24.11.4fixed 5.14.21-150400.24.33.2.150400.24.11.4
A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears
- CVE-2022-3625Oct 21, 2022affected < 5.14.21-150400.24.33.2.150400.24.11.4fixed 5.14.21-150400.24.33.2.150400.24.11.4
A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix
- CVE-2022-3621Oct 20, 2022affected < 5.14.21-150400.24.33.2.150400.24.11.4fixed 5.14.21-150400.24.33.2.150400.24.11.4
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem
- CVE-2022-3619Oct 20, 2022affected < 5.14.21-150400.24.33.2.150400.24.11.4fixed 5.14.21-150400.24.33.2.150400.24.11.4
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to
- CVE-2022-3577Oct 20, 2022affected < 5.14.21-150400.24.33.2.150400.24.11.4fixed 5.14.21-150400.24.33.2.150400.24.11.4
An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect ass
- CVE-2022-3586Oct 19, 2022affected < 5.14.21-150400.24.33.2.150400.24.11.4fixed 5.14.21-150400.24.33.2.150400.24.11.4
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra
Page 148 of 151