rpm package

suse/kernel-livepatch-SLE15-SP4-RT_Update_6&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4-RT_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (23)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-0394	—	< 1-150400.1.3.3	1-150400.1.3.3	Jan 24, 2023	A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.
CVE-2023-23454	—	< 2-150400.2.2	2-150400.2.2	Jan 12, 2023	cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
CVE-2017-5753	—	< 1-150400.1.3.3	1-150400.1.3.3	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

CVE-2023-0394Jan 24, 2023
affected < 1-150400.1.3.3fixed 1-150400.1.3.3
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.
CVE-2023-23454Jan 12, 2023
affected < 2-150400.2.2fixed 2-150400.2.2
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
CVE-2017-5753Jan 4, 2018
affected < 1-150400.1.3.3fixed 1-150400.1.3.3
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Page 2 of 2