VYPR

rpm package

suse/kernel-livepatch-SLE15-SP3_Update_59&distro=SUSE Linux Enterprise Live Patching 15 SP3

pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_59&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3

Vulnerabilities (136)

  • CVE-2025-21702HigFeb 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one

  • CVE-2025-21703Feb 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() qdisc_tree_reduce_backlog() notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc befor

  • CVE-2025-21700Feb 13, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a UAF which can be abused for privilege escalation with the following script Step 1. create root qdisc

  • CVE-2024-56770Jan 8, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of

  • CVE-2024-53141Dec 6, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f

  • CVE-2024-46800Sep 18, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues packet to inner qdisc and that qdisc returns __NET_XMIT_STOLEN. The packet is dropped but qdisc_tree_reduce_backlog() is not called to

  • CVE-2024-36978HigJun 19, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw

  • CVE-2024-27397HigMay 14, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate

  • CVE-2024-26924Apr 24, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: add_elem("00000000") timeout 100 ms ... ad

  • CVE-2022-2586KEVJan 8, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.

  • CVE-2023-3111Jun 5, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().

  • CVE-2022-4095Mar 22, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.

  • CVE-2022-4662Dec 22, 2022
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.

  • CVE-2022-3903Nov 14, 2022
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the syst

  • CVE-2022-2905Sep 9, 2022
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

  • CVE-2022-1679May 16, 2022
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Page 7 of 7