rpm package
suse/kernel-livepatch-SLE15-SP3_Update_32&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_32&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (32)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26622 | — | < 13-150300.2.1 | 13-150300.2.1 | Mar 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control() updates head->write_buf when write() of long lines is requested, we need to fetch head->write_buf after head->io_sem is held. Ot | ||
| CVE-2024-1086 | — | KEV | < 13-150300.2.1 | 13-150300.2.1 | Jan 31, 2024 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau | |
| CVE-2024-0775 | — | < 13-150300.2.1 | 13-150300.2.1 | Jan 22, 2024 | A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free. | ||
| CVE-2023-5717 | — | < 13-150300.2.1 | 13-150300.2.1 | Oct 25, 2023 | A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can i | ||
| CVE-2023-4623 | — | < 7-150300.2.2 | 7-150300.2.2 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv | ||
| CVE-2023-4147 | — | < 7-150300.2.2 | 7-150300.2.2 | Aug 7, 2023 | A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. | ||
| CVE-2023-4004 | — | < 7-150300.2.2 | 7-150300.2.2 | Jul 31, 2023 | A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the syste | ||
| CVE-2023-3567 | — | < 5-150300.2.1 | 5-150300.2.1 | Jul 24, 2023 | A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. | ||
| CVE-2023-35001 | — | < 5-150300.2.1 | 5-150300.2.1 | Jul 5, 2023 | Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | ||
| CVE-2023-3390 | — | < 7-150300.2.2 | 7-150300.2.2 | Jun 28, 2023 | A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This fl | ||
| CVE-2023-3090 | — | < 5-150300.2.1 | 5-150300.2.1 | Jun 28, 2023 | A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_ | ||
| CVE-2023-2124 | — | < 1-150300.7.3.2 | 1-150300.7.3.2 | May 15, 2023 | An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||
| CVE-2023-2156 | — | < 5-150300.2.1 | 5-150300.2.1 | May 9, 2023 | A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create | ||
| CVE-2023-32233 | — | < 5-150300.2.1 | 5-150300.2.1 | May 8, 2023 | In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mis | ||
| CVE-2023-31436 | — | < 3-150300.2.1 | 3-150300.2.1 | Apr 28, 2023 | qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. | ||
| CVE-2023-1998 | — | < 1-150300.7.3.2 | 1-150300.7.3.2 | Apr 21, 2023 | The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim pr | ||
| CVE-2023-2176 | — | < 1-150300.7.3.2 | 1-150300.7.3.2 | Apr 20, 2023 | A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege. | ||
| CVE-2023-2162 | — | < 1-150300.7.3.2 | 1-150300.7.3.2 | Apr 19, 2023 | A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information. | ||
| CVE-2023-30772 | — | < 1-150300.7.3.2 | 1-150300.7.3.2 | Apr 16, 2023 | The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device. | ||
| CVE-2023-2008 | — | < 1-150300.7.3.2 | 1-150300.7.3.2 | Apr 14, 2023 | A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this v |
- CVE-2024-26622Mar 4, 2024affected < 13-150300.2.1fixed 13-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control() updates head->write_buf when write() of long lines is requested, we need to fetch head->write_buf after head->io_sem is held. Ot
- affected < 13-150300.2.1fixed 13-150300.2.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau
- CVE-2024-0775Jan 22, 2024affected < 13-150300.2.1fixed 13-150300.2.1
A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.
- CVE-2023-5717Oct 25, 2023affected < 13-150300.2.1fixed 13-150300.2.1
A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can i
- CVE-2023-4623Sep 6, 2023affected < 7-150300.2.2fixed 7-150300.2.2
A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv
- CVE-2023-4147Aug 7, 2023affected < 7-150300.2.2fixed 7-150300.2.2
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.
- CVE-2023-4004Jul 31, 2023affected < 7-150300.2.2fixed 7-150300.2.2
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the syste
- CVE-2023-3567Jul 24, 2023affected < 5-150300.2.1fixed 5-150300.2.1
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.
- CVE-2023-35001Jul 5, 2023affected < 5-150300.2.1fixed 5-150300.2.1
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
- CVE-2023-3390Jun 28, 2023affected < 7-150300.2.2fixed 7-150300.2.2
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This fl
- CVE-2023-3090Jun 28, 2023affected < 5-150300.2.1fixed 5-150300.2.1
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_
- CVE-2023-2124May 15, 2023affected < 1-150300.7.3.2fixed 1-150300.7.3.2
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
- CVE-2023-2156May 9, 2023affected < 5-150300.2.1fixed 5-150300.2.1
A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create
- CVE-2023-32233May 8, 2023affected < 5-150300.2.1fixed 5-150300.2.1
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mis
- CVE-2023-31436Apr 28, 2023affected < 3-150300.2.1fixed 3-150300.2.1
qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
- CVE-2023-1998Apr 21, 2023affected < 1-150300.7.3.2fixed 1-150300.7.3.2
The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim pr
- CVE-2023-2176Apr 20, 2023affected < 1-150300.7.3.2fixed 1-150300.7.3.2
A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.
- CVE-2023-2162Apr 19, 2023affected < 1-150300.7.3.2fixed 1-150300.7.3.2
A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
- CVE-2023-30772Apr 16, 2023affected < 1-150300.7.3.2fixed 1-150300.7.3.2
The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.
- CVE-2023-2008Apr 14, 2023affected < 1-150300.7.3.2fixed 1-150300.7.3.2
A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this v
Page 1 of 2