VYPR

rpm package

suse/kernel-livepatch-SLE15-SP4-RT_Update_18&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4-RT_Update_18&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (19)

  • CVE-2023-6536Feb 7, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial

  • CVE-2023-6535Feb 7, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial

  • CVE-2023-6356Feb 7, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a deni

  • CVE-2024-24860Feb 5, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

  • CVE-2024-1086KEVJan 31, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau

  • CVE-2024-1085Jan 31, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the

  • CVE-2023-46838Jan 29, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts are

  • CVE-2023-51043Jan 23, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.

  • CVE-2023-51042Jan 23, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free.

  • CVE-2024-0775Jan 22, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.

  • CVE-2021-33631Jan 18, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.

  • CVE-2024-0641Jan 17, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.

  • CVE-2024-0565Jan 15, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.

  • CVE-2023-6915Jan 15, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return.

  • CVE-2023-6040Jan 12, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_

  • CVE-2024-0340Jan 9, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local pri

  • CVE-2023-51782Dec 25, 2023
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.

  • CVE-2023-51780Dec 25, 2023
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.

  • CVE-2023-47233MedNov 3, 2023
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is r