VYPR

rpm package

suse/kernel-livepatch-SLE15-SP3_Update_44&distro=SUSE Linux Enterprise Live Patching 15 SP3

pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_44&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3

Vulnerabilities (107)

  • CVE-2024-0841Jan 28, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.

  • CVE-2024-23307MedJan 25, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.

  • CVE-2024-22099MedJan 25, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2.

  • CVE-2024-0639Jan 17, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.

  • CVE-2023-6270Jan 4, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob

  • CVE-2023-2860Jul 24, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated

  • CVE-2023-1829Apr 12, 2023
    affected < 2-150300.7.6.2fixed 2-150300.7.6.2

    A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc

Page 6 of 6