rpm package
suse/kernel-livepatch-SLE15-SP3_Update_26&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_26&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (30)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3545 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Oct 17, 2022 | A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re | ||
| CVE-2022-3524 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Oct 16, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply | ||
| CVE-2022-3521 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Oct 16, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD | ||
| CVE-2022-42703 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Oct 9, 2022 | mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. | ||
| CVE-2022-3176 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Sep 16, 2022 | There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLL | ||
| CVE-2022-2964 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Sep 9, 2022 | A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. | ||
| CVE-2022-39189 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Sep 2, 2022 | An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations. | ||
| CVE-2022-2153 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Aug 31, 2022 | A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl | ||
| CVE-2022-2978 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Aug 24, 2022 | A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on | ||
| CVE-2021-4037 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Aug 24, 2022 | A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct |
- CVE-2022-3545Oct 17, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re
- CVE-2022-3524Oct 16, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply
- CVE-2022-3521Oct 16, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD
- CVE-2022-42703Oct 9, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
- CVE-2022-3176Sep 16, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLL
- CVE-2022-2964Sep 9, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
- CVE-2022-39189Sep 2, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
- CVE-2022-2153Aug 31, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl
- CVE-2022-2978Aug 24, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on
- CVE-2021-4037Aug 24, 2022affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct
Page 2 of 2