rpm package
suse/kernel-livepatch-SLE15-SP4-RT_Update_14&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4-RT_Update_14&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (17)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-1192 | Med | 6.5 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Nov 1, 2023 | A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access | |
| CVE-2023-39194 | Low | 3.2 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Oct 9, 2023 | A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds re | |
| CVE-2023-39193 | Med | 6.1 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Oct 9, 2023 | A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. | |
| CVE-2023-39192 | Med | 6.7 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Oct 9, 2023 | A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundarie | |
| CVE-2023-42754 | Med | 5.5 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Oct 5, 2023 | A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with C | |
| CVE-2023-5345 | Hig | 7.8 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Oct 3, 2023 | A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We | |
| CVE-2023-42753 | Hig | 7.0 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Sep 25, 2023 | An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss | |
| CVE-2023-2163 | Cri | 10.0 | < 2-150400.2.1 | 2-150400.2.1 | Sep 20, 2023 | Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. | |
| CVE-2023-4155 | Med | 5.3 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Sep 13, 2023 | A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the | |
| CVE-2023-4921 | Hig | 7.8 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Sep 12, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrec | |
| CVE-2023-4623 | Hig | 7.8 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv | |
| CVE-2023-4622 | Hig | 7.8 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where uni | |
| CVE-2023-3777 | Hig | 7.8 | < 2-150400.2.1 | 2-150400.2.1 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release | |
| CVE-2023-4389 | Hig | 7.0 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Aug 16, 2023 | A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel informati | |
| CVE-2023-1206 | Med | 5.7 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Jun 30, 2023 | A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that acc | |
| CVE-2023-1859 | Med | 4.7 | < 1-150400.1.3.1 | 1-150400.1.3.1 | May 17, 2023 | A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. | |
| CVE-2023-2177 | Med | 5.5 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Apr 20, 2023 | A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed, stream_out is freed which would further be accessed. A local user could use this flaw to crash the system or potentially cause a |
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds re
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundarie
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with C
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss
- affected < 2-150400.2.1fixed 2-150400.2.1
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrec
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where uni
- affected < 2-150400.2.1fixed 2-150400.2.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel informati
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that acc
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed, stream_out is freed which would further be accessed. A local user could use this flaw to crash the system or potentially cause a