rpm package
suse/kernel-livepatch-SLE15-SP3_Update_36&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_36&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (29)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-4134 | Med | 5.5 | < 1-150300.7.3.1 | 1-150300.7.3.1 | Nov 14, 2024 | A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system, causing a denial of ser | |
| CVE-2024-41059 | Hig | 7.1 | < 14-150300.2.1 | 14-150300.2.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x | |
| CVE-2024-36964 | Med | 5.5 | < 14-150300.2.1 | 14-150300.2.1 | Jun 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s | |
| CVE-2021-47383 | Hig | 7.1 | < 11-150300.2.1 | 11-150300.2.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct containing only the fields xres, yres, and bi | |
| CVE-2021-47291 | Hig | 7.1 | < 14-150300.2.1 | 14-150300.2.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79 | |
| CVE-2024-35861 | Hig | 7.8 | < 14-150300.2.1 | 14-150300.2.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | |
| CVE-2024-26923 | Med | 4.7 | < 11-150300.2.1 | 11-150300.2.1 | Apr 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM | |
| CVE-2024-26828 | Med | 6.7 | < 11-150300.2.1 | 11-150300.2.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "b | |
| CVE-2024-23307 | Med | 4.4 | < 11-150300.2.1 | 11-150300.2.1 | Jan 25, 2024 | Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow. | |
| CVE-2023-6932 | Hig | 7.8 | < 4-150300.2.1 | 4-150300.2.1 | Dec 19, 2023 | A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recomme | |
| CVE-2023-6176 | Med | 4.7 | < 4-150300.2.1 | 4-150300.2.1 | Nov 16, 2023 | A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escal | |
| CVE-2023-34319 | Hig | 7.8 | < 1-150300.7.3.1 | 1-150300.7.3.1 | Sep 22, 2023 | The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split | |
| CVE-2023-4623 | Hig | 7.8 | < 2-150300.2.2 | 2-150300.2.2 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv | |
| CVE-2023-4459 | Med | 5.5 | < 1-150300.7.3.1 | 1-150300.7.3.1 | Aug 21, 2023 | A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sani | |
| CVE-2023-4387 | Hig | 7.1 | < 1-150300.7.3.1 | 1-150300.7.3.1 | Aug 16, 2023 | A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, | |
| CVE-2023-4385 | Med | 5.5 | < 1-150300.7.3.1 | 1-150300.7.3.1 | Aug 16, 2023 | A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check. | |
| CVE-2023-4273 | Med | 6.0 | < 1-150300.7.3.1 | 1-150300.7.3.1 | Aug 9, 2023 | A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a si | |
| CVE-2023-20588 | Med | 5.5 | < 1-150300.7.3.1 | 1-150300.7.3.1 | Aug 8, 2023 | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | |
| CVE-2023-4194 | Med | 5.5 | < 1-150300.7.3.1 | 1-150300.7.3.1 | Aug 7, 2023 | A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following ups | |
| CVE-2023-4147 | Hig | 7.8 | < 1-150300.7.3.1 | 1-150300.7.3.1 | Aug 7, 2023 | A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. |
- affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system, causing a denial of ser
- affected < 14-150300.2.1fixed 14-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x
- affected < 14-150300.2.1fixed 14-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s
- affected < 11-150300.2.1fixed 11-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct containing only the fields xres, yres, and bi
- affected < 14-150300.2.1fixed 14-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79
- affected < 14-150300.2.1fixed 14-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- affected < 11-150300.2.1fixed 11-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM
- affected < 11-150300.2.1fixed 11-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "b
- affected < 11-150300.2.1fixed 11-150300.2.1
Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.
- affected < 4-150300.2.1fixed 4-150300.2.1
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recomme
- affected < 4-150300.2.1fixed 4-150300.2.1
A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escal
- affected < 1-150300.7.3.1fixed 1-150300.7.3.1
The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split
- affected < 2-150300.2.2fixed 2-150300.2.2
A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv
- affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sani
- affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all,
- affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check.
- affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a si
- affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
- affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following ups
- affected < 1-150300.7.3.1fixed 1-150300.7.3.1
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.
Page 1 of 2