rpm package

suse/kernel-livepatch-SLE15-SP2_Update_26&distro=SUSE Linux Enterprise Live Patching 15 SP2

pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_26&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2

Vulnerabilities (59)

CVE	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2022-28389	—		< 1-150200.5.5.1	1-150200.5.5.1	Apr 3, 2022	mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-28390	—		< 1-150200.5.5.1	1-150200.5.5.1	Apr 3, 2022	ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-1055	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 29, 2022	A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
CVE-2022-0854	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 23, 2022	A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.
CVE-2022-27666	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 23, 2022	A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
CVE-2021-45868	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 18, 2022	In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.
CVE-2022-1011	—		< 2-150200.2.1	2-150200.2.1	Mar 18, 2022	A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.
CVE-2021-39698	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 16, 2022	In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke
CVE-2022-26966	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 12, 2022	An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.
CVE-2022-23042	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 10, 2022	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23041	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 10, 2022	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23040	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 10, 2022	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23039	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 10, 2022	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23038	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 10, 2022	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23037	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 10, 2022	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23036	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 10, 2022	Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-26490	—		< 1-150200.5.5.1	1-150200.5.5.1	Mar 6, 2022	st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.
CVE-2020-36516	—		< 7-150200.2.2	7-150200.2.2	Feb 26, 2022	An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2021-0920	—	KEV	< 1-150200.5.5.1	1-150200.5.5.1	Dec 15, 2021	In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro

CVE-2022-28389Apr 3, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-28390Apr 3, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-1055Mar 29, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
CVE-2022-0854Mar 23, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.
CVE-2022-27666Mar 23, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
CVE-2021-45868Mar 18, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.
CVE-2022-1011Mar 18, 2022
affected < 2-150200.2.1fixed 2-150200.2.1
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.
CVE-2021-39698Mar 16, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke
CVE-2022-26966Mar 12, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.
CVE-2022-23042Mar 10, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23041Mar 10, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23040Mar 10, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23039Mar 10, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23038Mar 10, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23037Mar 10, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-23036Mar 10, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access
CVE-2022-26490Mar 6, 2022
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.
CVE-2020-36516Feb 26, 2022
affected < 7-150200.2.2fixed 7-150200.2.2
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2021-0920KEVDec 15, 2021
affected < 1-150200.5.5.1fixed 1-150200.5.5.1
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro

Page 3 of 3