rpm package
suse/kernel-livepatch-SLE15-SP1_Update_43&distro=SUSE Linux Enterprise Live Patching 15 SP1
pkg:rpm/suse/kernel-livepatch-SLE15-SP1_Update_43&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP1
Vulnerabilities (15)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-34319 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Sep 22, 2023 | The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split | ||
| CVE-2022-40982 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Aug 11, 2023 | Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2023-20569 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Aug 8, 2023 | A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. | ||
| CVE-2023-4194 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Aug 7, 2023 | A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following ups | ||
| CVE-2023-4133 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Aug 3, 2023 | A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of ser | ||
| CVE-2023-20593 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Jul 24, 2023 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. | ||
| CVE-2023-3812 | — | < 2-150100.2.1 | 2-150100.2.1 | Jul 24, 2023 | An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on t | ||
| CVE-2023-3567 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Jul 24, 2023 | A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. | ||
| CVE-2023-3776 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Jul 21, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_b | ||
| CVE-2023-3611 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Jul 21, 2023 | An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes wi | ||
| CVE-2023-3609 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Jul 21, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf | ||
| CVE-2023-35001 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Jul 5, 2023 | Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | ||
| CVE-2023-2985 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | Jun 1, 2023 | A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem. | ||
| CVE-2023-0459 | — | < 1-150100.3.3.1 | 1-150100.3.3.1 | May 25, 2023 | Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commi | ||
| CVE-2023-1829 | — | < 2-150100.2.1 | 2-150100.2.1 | Apr 12, 2023 | A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc |
- CVE-2023-34319Sep 22, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split
- CVE-2022-40982Aug 11, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2023-20569Aug 8, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
- CVE-2023-4194Aug 7, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following ups
- CVE-2023-4133Aug 3, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of ser
- CVE-2023-20593Jul 24, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
- CVE-2023-3812Jul 24, 2023affected < 2-150100.2.1fixed 2-150100.2.1
An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on t
- CVE-2023-3567Jul 24, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.
- CVE-2023-3776Jul 21, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_b
- CVE-2023-3611Jul 21, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes wi
- CVE-2023-3609Jul 21, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf
- CVE-2023-35001Jul 5, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
- CVE-2023-2985Jun 1, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.
- CVE-2023-0459May 25, 2023affected < 1-150100.3.3.1fixed 1-150100.3.3.1
Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commi
- CVE-2023-1829Apr 12, 2023affected < 2-150100.2.1fixed 2-150100.2.1
A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc