VYPR

rpm package

suse/kernel-livepatch-SLE15-SP3_Update_36&distro=SUSE Linux Enterprise Live Patching 15 SP3

pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_36&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3

Vulnerabilities (29)

  • CVE-2023-4132Aug 3, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition.

  • CVE-2023-4133Aug 3, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of ser

  • CVE-2023-4004Jul 31, 2023
    affected < 2-150300.2.2fixed 2-150300.2.2

    A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the syste

  • CVE-2023-3772Jul 25, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s

  • CVE-2023-3863Jul 24, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue.

  • CVE-2023-21400Jul 12, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-2007Apr 24, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in t

  • CVE-2023-1829Apr 12, 2023
    affected < 2-150300.2.2fixed 2-150300.2.2

    A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc

  • CVE-2022-36402Sep 16, 2022
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a

Page 2 of 2