rpm package
suse/kernel-livepatch-SLE15-SP2_Update_31&distro=SUSE Linux Enterprise Live Patching 15 SP2
pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_31&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2
Vulnerabilities (36)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-42721 | Med | 5.5 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Oct 14, 2022 | A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. | |
| CVE-2022-42720 | Hig | 7.8 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Oct 14, 2022 | Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code. | |
| CVE-2022-41674 | Hig | 8.1 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Oct 14, 2022 | An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. | |
| CVE-2022-42719 | Hig | 8.8 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Oct 13, 2022 | A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. | |
| CVE-2022-41849 | Med | 4.2 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Sep 30, 2022 | drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. | |
| CVE-2022-41848 | Med | 4.2 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Sep 30, 2022 | drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach. | |
| CVE-2022-3303 | Med | 4.7 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Sep 27, 2022 | A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, | |
| CVE-2022-41222 | Hig | 7.0 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Sep 21, 2022 | mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. | |
| CVE-2022-41218 | Med | 5.5 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Sep 21, 2022 | In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. | |
| CVE-2022-3239 | Hig | 7.8 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Sep 19, 2022 | A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | |
| CVE-2022-39189 | Hig | 7.8 | < 2-150200.2.1 | 2-150200.2.1 | Sep 2, 2022 | An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations. | |
| CVE-2022-2503 | Med | 6.9 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Aug 12, 2022 | Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equiva | |
| CVE-2022-32296 | Low | 3.3 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Jun 5, 2022 | The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056. | |
| CVE-2022-20008 | Med | 4.6 | < 1-150200.5.3.2 | 1-150200.5.3.2 | May 10, 2022 | In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is no | |
| CVE-2021-39698 | Hig | 7.8 | < 2-150200.2.1 | 2-150200.2.1 | Mar 16, 2022 | In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke | |
| CVE-2020-16119 | Med | 6.3 | < 1-150200.5.3.2 | 1-150200.5.3.2 | Jan 14, 2021 | Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0 |
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system,
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
- affected < 2-150200.2.1fixed 2-150200.2.1
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equiva
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is no
- affected < 2-150200.2.1fixed 2-150200.2.1
In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke
- affected < 1-150200.5.3.2fixed 1-150200.5.3.2
Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0
Page 2 of 2