rpm package
suse/kernel-livepatch-SLE15-SP3_Update_23&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_23&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (65)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-1462 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | May 31, 2022 | An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local u | ||
| CVE-2022-29581 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | May 17, 2022 | Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | ||
| CVE-2022-1116 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | May 17, 2022 | Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. | ||
| CVE-2021-39698 | — | < 3-150300.2.2 | 3-150300.2.2 | Mar 16, 2022 | In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke | ||
| CVE-2020-36516 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2022 | An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. |
- CVE-2022-1462May 31, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local u
- CVE-2022-29581May 17, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
- CVE-2022-1116May 17, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.
- CVE-2021-39698Mar 16, 2022affected < 3-150300.2.2fixed 3-150300.2.2
In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke
- CVE-2020-36516Feb 26, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
Page 4 of 4