rpm package
suse/kernel-livepatch-SLE15-SP3_Update_27&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_27&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (33)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-28693 | Med | 4.7 | < 1-150300.7.5.1 | 1-150300.7.5.1 | Feb 14, 2025 | Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |
| CVE-2022-2602 | — | < 1-150300.7.5.1 | 1-150300.7.5.1 | Jan 8, 2024 | io_uring UAF, Unix SCM garbage collection | ||
| CVE-2023-2163 | — | < 11-150300.2.2 | 11-150300.2.2 | Sep 20, 2023 | Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. | ||
| CVE-2023-4622 | — | < 11-150300.2.2 | 11-150300.2.2 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where uni | ||
| CVE-2023-3777 | — | < 11-150300.2.2 | 11-150300.2.2 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release | ||
| CVE-2023-3567 | — | < 8-150300.2.2 | 8-150300.2.2 | Jul 24, 2023 | A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. | ||
| CVE-2023-35001 | — | < 8-150300.2.2 | 8-150300.2.2 | Jul 5, 2023 | Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | ||
| CVE-2023-3090 | — | < 8-150300.2.2 | 8-150300.2.2 | Jun 28, 2023 | A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_ | ||
| CVE-2023-2156 | — | < 8-150300.2.2 | 8-150300.2.2 | May 9, 2023 | A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create | ||
| CVE-2023-32233 | — | < 8-150300.2.2 | 8-150300.2.2 | May 8, 2023 | In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mis | ||
| CVE-2023-2176 | — | < 8-150300.2.2 | 8-150300.2.2 | Apr 20, 2023 | A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege. | ||
| CVE-2023-1078 | — | < 3-150300.2.3 | 3-150300.2.3 | Mar 27, 2023 | A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf | ||
| CVE-2023-1077 | — | < 8-150300.2.2 | 8-150300.2.2 | Mar 27, 2023 | In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a | ||
| CVE-2023-0179 | — | < 2-150300.2.1 | 2-150300.2.1 | Mar 27, 2023 | A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. | ||
| CVE-2022-4095 | — | < 1-150300.7.5.1 | 1-150300.7.5.1 | Mar 22, 2023 | A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges. | ||
| CVE-2022-3707 | — | < 1-150300.7.5.1 | 1-150300.7.5.1 | Mar 6, 2023 | A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system. | ||
| CVE-2023-26545 | — | < 3-150300.2.3 | 3-150300.2.3 | Feb 25, 2023 | In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. | ||
| CVE-2023-0266 | — | KEV | < 3-150300.2.3 | 3-150300.2.3 | Jan 30, 2023 | A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgradin | |
| CVE-2022-4139 | — | < 1-150300.7.5.1 | 1-150300.7.5.1 | Jan 27, 2023 | An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. | ||
| CVE-2022-41858 | — | < 1-150300.7.5.1 | 1-150300.7.5.1 | Jan 17, 2023 | A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. |
- affected < 1-150300.7.5.1fixed 1-150300.7.5.1
Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2022-2602Jan 8, 2024affected < 1-150300.7.5.1fixed 1-150300.7.5.1
io_uring UAF, Unix SCM garbage collection
- CVE-2023-2163Sep 20, 2023affected < 11-150300.2.2fixed 11-150300.2.2
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
- CVE-2023-4622Sep 6, 2023affected < 11-150300.2.2fixed 11-150300.2.2
A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where uni
- CVE-2023-3777Sep 6, 2023affected < 11-150300.2.2fixed 11-150300.2.2
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release
- CVE-2023-3567Jul 24, 2023affected < 8-150300.2.2fixed 8-150300.2.2
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.
- CVE-2023-35001Jul 5, 2023affected < 8-150300.2.2fixed 8-150300.2.2
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
- CVE-2023-3090Jun 28, 2023affected < 8-150300.2.2fixed 8-150300.2.2
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_
- CVE-2023-2156May 9, 2023affected < 8-150300.2.2fixed 8-150300.2.2
A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create
- CVE-2023-32233May 8, 2023affected < 8-150300.2.2fixed 8-150300.2.2
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mis
- CVE-2023-2176Apr 20, 2023affected < 8-150300.2.2fixed 8-150300.2.2
A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.
- CVE-2023-1078Mar 27, 2023affected < 3-150300.2.3fixed 3-150300.2.3
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf
- CVE-2023-1077Mar 27, 2023affected < 8-150300.2.2fixed 8-150300.2.2
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a
- CVE-2023-0179Mar 27, 2023affected < 2-150300.2.1fixed 2-150300.2.1
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.
- CVE-2022-4095Mar 22, 2023affected < 1-150300.7.5.1fixed 1-150300.7.5.1
A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.
- CVE-2022-3707Mar 6, 2023affected < 1-150300.7.5.1fixed 1-150300.7.5.1
A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.
- CVE-2023-26545Feb 25, 2023affected < 3-150300.2.3fixed 3-150300.2.3
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
- affected < 3-150300.2.3fixed 3-150300.2.3
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgradin
- CVE-2022-4139Jan 27, 2023affected < 1-150300.7.5.1fixed 1-150300.7.5.1
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.
- CVE-2022-41858Jan 17, 2023affected < 1-150300.7.5.1fixed 1-150300.7.5.1
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
Page 1 of 2