rpm package

suse/kernel-livepatch-SLE15-SP4_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (86)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2021-4204	—	< 1-150400.9.5.3	1-150400.9.5.3	Aug 24, 2022	An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.
CVE-2022-1012	—	< 1-150400.9.5.3	1-150400.9.5.3	Aug 5, 2022	A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.
CVE-2022-36946	—	< 2-150400.2.1	2-150400.2.1	Jul 27, 2022	nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
CVE-2022-1651	—	< 1-150400.9.5.3	1-150400.9.5.3	Jul 26, 2022	A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service.
CVE-2022-1671	—	< 1-150400.9.5.3	1-150400.9.5.3	Jul 26, 2022	A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.
CVE-2021-33655	—	< 5-150400.2.1	5-150400.2.1	Jul 18, 2022	When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
CVE-2022-29900	—	< 1-150400.9.5.3	1-150400.9.5.3	Jul 12, 2022	Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
CVE-2022-29901	—	< 1-150400.9.5.3	1-150400.9.5.3	Jul 12, 2022	Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code exe
CVE-2022-2318	—	< 1-150400.9.5.3	1-150400.9.5.3	Jul 6, 2022	There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
CVE-2022-33742	—	< 1-150400.9.5.3	1-150400.9.5.3	Jul 5, 2022	Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
CVE-2022-33741	—	< 1-150400.9.5.3	1-150400.9.5.3	Jul 5, 2022	Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
CVE-2022-33740	—	< 1-150400.9.5.3	1-150400.9.5.3	Jul 5, 2022	Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
CVE-2022-26365	—	< 1-150400.9.5.3	1-150400.9.5.3	Jul 5, 2022	Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
CVE-2022-33743	—	< 1-150400.9.5.3	1-150400.9.5.3	Jul 5, 2022	network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
CVE-2022-34918	—	< 1-150400.9.5.3	1-150400.9.5.3	Jul 4, 2022	An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but
CVE-2022-1852	—	< 1-150400.9.5.3	1-150400.9.5.3	Jun 30, 2022	A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.
CVE-2022-33981	—	< 1-150400.9.5.3	1-150400.9.5.3	Jun 18, 2022	drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
CVE-2022-21180	—	< 1-150400.9.5.3	1-150400.9.5.3	Jun 15, 2022	Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.
CVE-2022-21166	—	< 1-150400.9.5.3	1-150400.9.5.3	Jun 15, 2022	Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21127	—	< 1-150400.9.5.3	1-150400.9.5.3	Jun 15, 2022	Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2021-4204Aug 24, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.
CVE-2022-1012Aug 5, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.
CVE-2022-36946Jul 27, 2022
affected < 2-150400.2.1fixed 2-150400.2.1
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
CVE-2022-1651Jul 26, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service.
CVE-2022-1671Jul 26, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.
CVE-2021-33655Jul 18, 2022
affected < 5-150400.2.1fixed 5-150400.2.1
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
CVE-2022-29900Jul 12, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
CVE-2022-29901Jul 12, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code exe
CVE-2022-2318Jul 6, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
CVE-2022-33742Jul 5, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
CVE-2022-33741Jul 5, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
CVE-2022-33740Jul 5, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
CVE-2022-26365Jul 5, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
CVE-2022-33743Jul 5, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
CVE-2022-34918Jul 4, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but
CVE-2022-1852Jun 30, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.
CVE-2022-33981Jun 18, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
CVE-2022-21180Jun 15, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.
CVE-2022-21166Jun 15, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21127Jun 15, 2022
affected < 1-150400.9.5.3fixed 1-150400.9.5.3
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Page 3 of 5