VYPR

rpm package

suse/kernel-livepatch-SLE15-SP4-RT_Update_7&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4-RT_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (24)

  • CVE-2023-0386KEVMar 22, 2023
    affected < 1-150400.1.5.2fixed 1-150400.1.5.2

    A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a loca

  • CVE-2023-23006Mar 1, 2023
    affected < 1-150400.1.5.2fixed 1-150400.1.5.2

    In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

  • CVE-2023-23454Jan 12, 2023
    affected < 2-150400.2.2fixed 2-150400.2.2

    cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

  • CVE-2022-2196Jan 9, 2023
    affected < 1-150400.1.5.2fixed 1-150400.1.5.2

    A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker a

Page 2 of 2