VYPR

rpm package

suse/kernel-livepatch-SLE15-SP3_Update_34&distro=SUSE Linux Enterprise Live Patching 15 SP3

pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_34&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3

Vulnerabilities (29)

  • CVE-2024-35950MedMay 20, 2024
    affected < 14-150300.2.1fixed 14-150300.2.1

    In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo

  • CVE-2024-27398May 13, 2024
    affected < 14-150300.2.1fixed 14-150300.2.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection

  • CVE-2024-26622Mar 4, 2024
    affected < 10-150300.2.1fixed 10-150300.2.1

    In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control() updates head->write_buf when write() of long lines is requested, we need to fetch head->write_buf after head->io_sem is held. Ot

  • CVE-2024-1086KEVJan 31, 2024
    affected < 10-150300.2.1fixed 10-150300.2.1

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau

  • CVE-2024-0775Jan 22, 2024
    affected < 10-150300.2.1fixed 10-150300.2.1

    A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.

  • CVE-2023-5717Oct 25, 2023
    affected < 10-150300.2.1fixed 10-150300.2.1

    A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can i

  • CVE-2023-2163Sep 20, 2023
    affected < 5-150300.2.1fixed 5-150300.2.1

    Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.

  • CVE-2023-4623Sep 6, 2023
    affected < 4-150300.2.2fixed 4-150300.2.2

    A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv

  • CVE-2023-4622Sep 6, 2023
    affected < 5-150300.2.1fixed 5-150300.2.1

    A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where uni

  • CVE-2023-3777Sep 6, 2023
    affected < 5-150300.2.1fixed 5-150300.2.1

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release

  • CVE-2023-4147Aug 7, 2023
    affected < 4-150300.2.2fixed 4-150300.2.2

    A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.

  • CVE-2023-4004Jul 31, 2023
    affected < 4-150300.2.2fixed 4-150300.2.2

    A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the syste

  • CVE-2023-3567Jul 24, 2023
    affected < 2-150300.2.1fixed 2-150300.2.1

    A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.

  • CVE-2023-35001Jul 5, 2023
    affected < 2-150300.2.1fixed 2-150300.2.1

    Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace

  • CVE-2023-3390Jun 28, 2023
    affected < 4-150300.2.2fixed 4-150300.2.2

    A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This fl

  • CVE-2023-3090Jun 28, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_

  • CVE-2023-3358Jun 28, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver. This issue could allow a local user to crash the system.

  • CVE-2023-35828Jun 18, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.

  • CVE-2023-35824Jun 18, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.

  • CVE-2023-35823Jun 18, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.

Page 1 of 2