rpm package

suse/kernel-livepatch-SLE15-SP4-RT_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (130)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-36946		—	< 1-150400.1.3.1	1-150400.1.3.1	Jul 27, 2022	nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
CVE-2022-33981		—	< 1-150400.1.3.1	1-150400.1.3.1	Jun 18, 2022	drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
CVE-2022-32296		—	< 1-150400.1.3.1	1-150400.1.3.1	Jun 5, 2022	The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
CVE-2022-32250		—	< 1-150400.1.3.1	1-150400.1.3.1	Jun 2, 2022	net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
CVE-2022-1882		—	< 1-150400.1.3.1	1-150400.1.3.1	May 26, 2022	A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on t
CVE-2021-33135		—	< 1-150400.1.3.1	1-150400.1.3.1	May 12, 2022	Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.
CVE-2022-28356		—	< 1-150400.1.3.1	1-150400.1.3.1	Apr 2, 2022	In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.
CVE-2020-36516		—	< 1-150400.1.3.1	1-150400.1.3.1	Feb 26, 2022	An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2020-16119		—	< 1-150400.1.3.1	1-150400.1.3.1	Jan 14, 2021	Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0
CVE-2016-3695	Med	5.5	< 1-150400.1.3.1	1-150400.1.3.1	Dec 29, 2017	The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.

CVE-2022-36946Jul 27, 2022
affected < 1-150400.1.3.1fixed 1-150400.1.3.1
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
CVE-2022-33981Jun 18, 2022
affected < 1-150400.1.3.1fixed 1-150400.1.3.1
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
CVE-2022-32296Jun 5, 2022
affected < 1-150400.1.3.1fixed 1-150400.1.3.1
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
CVE-2022-32250Jun 2, 2022
affected < 1-150400.1.3.1fixed 1-150400.1.3.1
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
CVE-2022-1882May 26, 2022
affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on t
CVE-2021-33135May 12, 2022
affected < 1-150400.1.3.1fixed 1-150400.1.3.1
Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.
CVE-2022-28356Apr 2, 2022
affected < 1-150400.1.3.1fixed 1-150400.1.3.1
In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.
CVE-2020-36516Feb 26, 2022
affected < 1-150400.1.3.1fixed 1-150400.1.3.1
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2020-16119Jan 14, 2021
affected < 1-150400.1.3.1fixed 1-150400.1.3.1
Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0
CVE-2016-3695MedDec 29, 2017
affected < 1-150400.1.3.1fixed 1-150400.1.3.1
The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.

Page 7 of 7