rpm package
suse/kernel-livepatch-SLE15-SP4-RT_Update_19&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4-RT_Update_19&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (49)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52429 | — | < 1-150400.1.3.1 | 1-150400.1.3.1 | Feb 12, 2024 | dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. | ||
| CVE-2024-1151 | — | < 1-150400.1.3.1 | 1-150400.1.3.1 | Feb 11, 2024 | A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflo | ||
| CVE-2024-23851 | — | < 1-150400.1.3.1 | 1-150400.1.3.1 | Jan 23, 2024 | copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl. | ||
| CVE-2024-23850 | — | < 1-150400.1.3.1 | 1-150400.1.3.1 | Jan 23, 2024 | In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation. | ||
| CVE-2024-23849 | — | < 1-150400.1.3.1 | 1-150400.1.3.1 | Jan 23, 2024 | In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access. | ||
| CVE-2024-0607 | — | < 1-150400.1.3.1 | 1-150400.1.3.1 | Jan 18, 2024 | A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has | ||
| CVE-2023-6270 | — | < 1-150400.1.3.1 | 1-150400.1.3.1 | Jan 4, 2024 | A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob | ||
| CVE-2023-6817 | Hig | 7.8 | < 1-150400.1.3.1 | 1-150400.1.3.1 | Dec 18, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Po | |
| CVE-2023-5197 | — | < 1-150400.1.3.1 | 1-150400.1.3.1 | Sep 26, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past |
- CVE-2023-52429Feb 12, 2024affected < 1-150400.1.3.1fixed 1-150400.1.3.1
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
- CVE-2024-1151Feb 11, 2024affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflo
- CVE-2024-23851Jan 23, 2024affected < 1-150400.1.3.1fixed 1-150400.1.3.1
copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl.
- CVE-2024-23850Jan 23, 2024affected < 1-150400.1.3.1fixed 1-150400.1.3.1
In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.
- CVE-2024-23849Jan 23, 2024affected < 1-150400.1.3.1fixed 1-150400.1.3.1
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access.
- CVE-2024-0607Jan 18, 2024affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has
- CVE-2023-6270Jan 4, 2024affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob
- affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Po
- CVE-2023-5197Sep 26, 2023affected < 1-150400.1.3.1fixed 1-150400.1.3.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past
Page 3 of 3