rpm package

suse/kernel-livepatch-SLE15-SP3_Update_28&distro=SUSE Linux Enterprise Live Patching 15 SP3

pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_28&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3

Vulnerabilities (42)

CVE	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2023-28466	—		< 6-150300.2.2	6-150300.2.2	Mar 15, 2023	do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
CVE-2023-0461	—		< 5-150300.2.3	5-150300.2.3	Feb 28, 2023	There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege
CVE-2023-26545	—		< 3-150300.2.3	3-150300.2.3	Feb 25, 2023	In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
CVE-2023-0266	—	KEV	< 1-150300.7.3.1	1-150300.7.3.1	Jan 30, 2023	A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ\|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgradin
CVE-2022-47929	—		< 1-150300.7.3.1	1-150300.7.3.1	Jan 17, 2023	In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This aff
CVE-2023-23455	—		< 1-150300.7.3.1	1-150300.7.3.1	Jan 12, 2023	atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
CVE-2023-23454	—		< 1-150300.7.3.1	1-150300.7.3.1	Jan 12, 2023	cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
CVE-2022-4662	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 22, 2022	A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.
CVE-2022-47520	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 18, 2022	An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink
CVE-2022-3115	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 14, 2022	An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.
CVE-2022-3112	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 14, 2022	An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.
CVE-2022-3111	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 14, 2022	An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().
CVE-2022-3108	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 14, 2022	An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().
CVE-2022-3107	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 14, 2022	An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.
CVE-2022-3106	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 14, 2022	An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().
CVE-2022-3105	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 14, 2022	An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().
CVE-2022-42329	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 7, 2022	Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free
CVE-2022-42328	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 7, 2022	Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free
CVE-2022-3643	—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 7, 2022	Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux networ
CVE-2022-3564	—		< 1-150300.7.3.1	1-150300.7.3.1	Oct 17, 2022	A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to

CVE-2023-28466Mar 15, 2023
affected < 6-150300.2.2fixed 6-150300.2.2
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
CVE-2023-0461Feb 28, 2023
affected < 5-150300.2.3fixed 5-150300.2.3
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege
CVE-2023-26545Feb 25, 2023
affected < 3-150300.2.3fixed 3-150300.2.3
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
CVE-2023-0266KEVJan 30, 2023
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgradin
CVE-2022-47929Jan 17, 2023
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This aff
CVE-2023-23455Jan 12, 2023
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
CVE-2023-23454Jan 12, 2023
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
CVE-2022-4662Dec 22, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.
CVE-2022-47520Dec 18, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink
CVE-2022-3115Dec 14, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.
CVE-2022-3112Dec 14, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.
CVE-2022-3111Dec 14, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().
CVE-2022-3108Dec 14, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().
CVE-2022-3107Dec 14, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.
CVE-2022-3106Dec 14, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().
CVE-2022-3105Dec 14, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().
CVE-2022-42329Dec 7, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free
CVE-2022-42328Dec 7, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free
CVE-2022-3643Dec 7, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux networ
CVE-2022-3564Oct 17, 2022
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to

Page 2 of 3