rpm package
suse/kernel-livepatch-SLE15-SP4_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (86)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-2602 | Med | 5.3 | < 7-150400.2.1 | 7-150400.2.1 | Jan 8, 2024 | io_uring UAF, Unix SCM garbage collection | |
| CVE-2022-2588 | Med | 5.3 | < 5-150400.2.1 | 5-150400.2.1 | Jan 8, 2024 | It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. | |
| CVE-2022-2585 | Med | 5.3 | < 2-150400.2.1 | 2-150400.2.1 | Jan 8, 2024 | It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free. | |
| CVE-2023-31436 | Hig | 7.8 | < 12-150400.2.3 | 12-150400.2.3 | Apr 28, 2023 | qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. | |
| CVE-2023-2162 | Med | 5.5 | < 11-150400.2.3 | 11-150400.2.3 | Apr 19, 2023 | A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information. | |
| CVE-2023-1989 | Hig | 7.0 | < 11-150400.2.3 | 11-150400.2.3 | Apr 11, 2023 | A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices. | |
| CVE-2023-28464 | Hig | 7.8 | < 11-150400.2.3 | 11-150400.2.3 | Mar 31, 2023 | hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation. | |
| CVE-2022-4744 | Hig | 7.8 | < 12-150400.2.3 | 12-150400.2.3 | Mar 30, 2023 | A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the | |
| CVE-2023-1078 | Hig | 7.8 | < 9-150400.2.3 | 9-150400.2.3 | Mar 27, 2023 | A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf | |
| CVE-2023-0386 | Hig | 7.8 | KEV | < 11-150400.2.3 | 11-150400.2.3 | Mar 22, 2023 | A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a loca |
| CVE-2023-1281 | Hig | 7.8 | < 11-150400.2.3 | 11-150400.2.3 | Mar 22, 2023 | Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A l | |
| CVE-2023-28466 | Hig | 7.0 | < 12-150400.2.3 | 12-150400.2.3 | Mar 16, 2023 | do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). | |
| CVE-2022-3424 | Hig | 7.8 | < 7-150400.2.1 | 7-150400.2.1 | Mar 6, 2023 | A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate | |
| CVE-2023-0461 | Hig | 7.8 | < 11-150400.2.3 | 11-150400.2.3 | Feb 28, 2023 | There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege | |
| CVE-2023-26545 | Med | 4.7 | < 9-150400.2.3 | 9-150400.2.3 | Feb 25, 2023 | In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. | |
| CVE-2023-0266 | Hig | 7.9 | KEV | < 9-150400.2.3 | 9-150400.2.3 | Jan 30, 2023 | A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgradin |
| CVE-2022-4139 | Hig | 7.8 | < 6-150400.2.1 | 6-150400.2.1 | Jan 27, 2023 | An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. | |
| CVE-2023-23455 | Med | 5.5 | < 12-150400.2.3 | 12-150400.2.3 | Jan 12, 2023 | atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | |
| CVE-2023-23454 | Med | 5.5 | < 11-150400.2.3 | 11-150400.2.3 | Jan 12, 2023 | cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | |
| CVE-2022-4379 | Hig | 7.5 | < 7-150400.2.1 | 7-150400.2.1 | Jan 10, 2023 | A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial |
- affected < 7-150400.2.1fixed 7-150400.2.1
io_uring UAF, Unix SCM garbage collection
- affected < 5-150400.2.1fixed 5-150400.2.1
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
- affected < 2-150400.2.1fixed 2-150400.2.1
It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
- affected < 12-150400.2.3fixed 12-150400.2.3
qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
- affected < 11-150400.2.3fixed 11-150400.2.3
A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
- affected < 11-150400.2.3fixed 11-150400.2.3
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
- affected < 11-150400.2.3fixed 11-150400.2.3
hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.
- affected < 12-150400.2.3fixed 12-150400.2.3
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the
- affected < 9-150400.2.3fixed 9-150400.2.3
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf
- affected < 11-150400.2.3fixed 11-150400.2.3
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a loca
- affected < 11-150400.2.3fixed 11-150400.2.3
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A l
- affected < 12-150400.2.3fixed 12-150400.2.3
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
- affected < 7-150400.2.1fixed 7-150400.2.1
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate
- affected < 11-150400.2.3fixed 11-150400.2.3
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege
- affected < 9-150400.2.3fixed 9-150400.2.3
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
- affected < 9-150400.2.3fixed 9-150400.2.3
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgradin
- affected < 6-150400.2.1fixed 6-150400.2.1
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.
- affected < 12-150400.2.3fixed 12-150400.2.3
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
- affected < 11-150400.2.3fixed 11-150400.2.3
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
- affected < 7-150400.2.1fixed 7-150400.2.1
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial
Page 1 of 5