VYPR

rpm package

suse/kernel-livepatch-SLE15-SP1_Update_42&distro=SUSE Linux Enterprise Live Patching 15 SP1

pkg:rpm/suse/kernel-livepatch-SLE15-SP1_Update_42&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP1

Vulnerabilities (15)

  • CVE-2023-4623Sep 6, 2023
    affected < 4-150100.2.2fixed 4-150100.2.2

    A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv

  • CVE-2023-3567Jul 24, 2023
    affected < 2-150100.2.1fixed 2-150100.2.1

    A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.

  • CVE-2023-35001Jul 5, 2023
    affected < 2-150100.2.1fixed 2-150100.2.1

    Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace

  • CVE-2023-3090Jun 28, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_

  • CVE-2023-3358Jun 28, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver. This issue could allow a local user to crash the system.

  • CVE-2023-35824Jun 18, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.

  • CVE-2023-3268Jun 16, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.

  • CVE-2023-3161Jun 12, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.

  • CVE-2023-3159Jun 12, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.

  • CVE-2023-3141Jun 9, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.

  • CVE-2023-3111Jun 5, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().

  • CVE-2023-2002May 26, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil

  • CVE-2023-1637Mar 27, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unaut

  • CVE-2023-1079Mar 27, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct

  • CVE-2023-1249Mar 23, 2023
    affected < 1-150100.3.3.1fixed 1-150100.3.3.1

    A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 ("coredump: Use the vma snapshot in fill_files_note") not applied yet, then kernel could be affected.