rpm package
suse/kernel-livepatch-SLE15-SP4_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (86)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0617 | — | < 1-150400.9.5.3 | 1-150400.9.5.3 | Feb 16, 2022 | A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. | ||
| CVE-2021-44879 | — | < 1-150400.9.5.3 | 1-150400.9.5.3 | Feb 13, 2022 | In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. | ||
| CVE-2021-45402 | — | < 1-150400.9.5.3 | 1-150400.9.5.3 | Feb 11, 2022 | The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak." | ||
| CVE-2021-33061 | — | < 1-150400.9.5.3 | 1-150400.9.5.3 | Feb 9, 2022 | Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2022-0264 | — | < 1-150400.9.5.3 | 1-150400.9.5.3 | Feb 4, 2022 | A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory deta | ||
| CVE-2022-23222 | — | < 1-150400.9.5.3 | 1-150400.9.5.3 | Jan 14, 2022 | kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. |
- CVE-2022-0617Feb 16, 2022affected < 1-150400.9.5.3fixed 1-150400.9.5.3
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.
- CVE-2021-44879Feb 13, 2022affected < 1-150400.9.5.3fixed 1-150400.9.5.3
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.
- CVE-2021-45402Feb 11, 2022affected < 1-150400.9.5.3fixed 1-150400.9.5.3
The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
- CVE-2021-33061Feb 9, 2022affected < 1-150400.9.5.3fixed 1-150400.9.5.3
Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2022-0264Feb 4, 2022affected < 1-150400.9.5.3fixed 1-150400.9.5.3
A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory deta
- CVE-2022-23222Jan 14, 2022affected < 1-150400.9.5.3fixed 1-150400.9.5.3
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.
Page 5 of 5