VYPR

rpm package

suse/kernel-livepatch-SLE15-SP2_Update_30&distro=SUSE Linux Enterprise Live Patching 15 SP2

pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_30&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2

Vulnerabilities (51)

  • CVE-2022-20368Aug 11, 2022
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel

  • CVE-2022-20369Aug 11, 2022
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An

  • CVE-2022-1012Aug 5, 2022
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.

  • CVE-2022-36879Jul 27, 2022
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.

  • CVE-2022-20166Jun 15, 2022
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An

  • CVE-2022-32250Jun 2, 2022
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.

  • CVE-2022-29581May 17, 2022
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.

  • CVE-2021-4203Mar 25, 2022
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.

  • CVE-2021-39698Mar 16, 2022
    affected < 2-150200.2.1fixed 2-150200.2.1

    In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke

  • CVE-2020-36516Feb 26, 2022
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.

  • CVE-2016-3695MedDec 29, 2017
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.

Page 3 of 3