rpm package
suse/kernel-livepatch-SLE15-SP4_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (86)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-2602 | — | < 7-150400.2.1 | 7-150400.2.1 | Jan 8, 2024 | io_uring UAF, Unix SCM garbage collection | ||
| CVE-2022-2588 | — | < 5-150400.2.1 | 5-150400.2.1 | Jan 8, 2024 | It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. | ||
| CVE-2022-2585 | — | < 2-150400.2.1 | 2-150400.2.1 | Jan 8, 2024 | It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free. | ||
| CVE-2023-31436 | — | < 12-150400.2.3 | 12-150400.2.3 | Apr 28, 2023 | qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. | ||
| CVE-2023-2162 | — | < 11-150400.2.3 | 11-150400.2.3 | Apr 19, 2023 | A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information. | ||
| CVE-2023-1989 | — | < 11-150400.2.3 | 11-150400.2.3 | Apr 11, 2023 | A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices. | ||
| CVE-2023-28464 | — | < 11-150400.2.3 | 11-150400.2.3 | Mar 31, 2023 | hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation. | ||
| CVE-2022-4744 | — | < 12-150400.2.3 | 12-150400.2.3 | Mar 30, 2023 | A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the | ||
| CVE-2023-1078 | — | < 9-150400.2.3 | 9-150400.2.3 | Mar 27, 2023 | A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf | ||
| CVE-2023-1281 | — | < 11-150400.2.3 | 11-150400.2.3 | Mar 22, 2023 | Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A l | ||
| CVE-2023-0386 | — | KEV | < 11-150400.2.3 | 11-150400.2.3 | Mar 22, 2023 | A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a loca | |
| CVE-2023-28466 | — | < 12-150400.2.3 | 12-150400.2.3 | Mar 15, 2023 | do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). | ||
| CVE-2022-3424 | — | < 7-150400.2.1 | 7-150400.2.1 | Mar 6, 2023 | A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate | ||
| CVE-2023-0461 | — | < 11-150400.2.3 | 11-150400.2.3 | Feb 28, 2023 | There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege | ||
| CVE-2023-26545 | — | < 9-150400.2.3 | 9-150400.2.3 | Feb 25, 2023 | In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. | ||
| CVE-2023-0266 | — | KEV | < 9-150400.2.3 | 9-150400.2.3 | Jan 30, 2023 | A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgradin | |
| CVE-2022-4139 | — | < 6-150400.2.1 | 6-150400.2.1 | Jan 27, 2023 | An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. | ||
| CVE-2023-23455 | — | < 12-150400.2.3 | 12-150400.2.3 | Jan 12, 2023 | atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | ||
| CVE-2023-23454 | — | < 11-150400.2.3 | 11-150400.2.3 | Jan 12, 2023 | cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | ||
| CVE-2022-4379 | — | < 7-150400.2.1 | 7-150400.2.1 | Jan 10, 2023 | A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial |
- CVE-2022-2602Jan 8, 2024affected < 7-150400.2.1fixed 7-150400.2.1
io_uring UAF, Unix SCM garbage collection
- CVE-2022-2588Jan 8, 2024affected < 5-150400.2.1fixed 5-150400.2.1
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
- CVE-2022-2585Jan 8, 2024affected < 2-150400.2.1fixed 2-150400.2.1
It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
- CVE-2023-31436Apr 28, 2023affected < 12-150400.2.3fixed 12-150400.2.3
qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
- CVE-2023-2162Apr 19, 2023affected < 11-150400.2.3fixed 11-150400.2.3
A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
- CVE-2023-1989Apr 11, 2023affected < 11-150400.2.3fixed 11-150400.2.3
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
- CVE-2023-28464Mar 31, 2023affected < 11-150400.2.3fixed 11-150400.2.3
hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.
- CVE-2022-4744Mar 30, 2023affected < 12-150400.2.3fixed 12-150400.2.3
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the
- CVE-2023-1078Mar 27, 2023affected < 9-150400.2.3fixed 9-150400.2.3
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf
- CVE-2023-1281Mar 22, 2023affected < 11-150400.2.3fixed 11-150400.2.3
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A l
- affected < 11-150400.2.3fixed 11-150400.2.3
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a loca
- CVE-2023-28466Mar 15, 2023affected < 12-150400.2.3fixed 12-150400.2.3
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
- CVE-2022-3424Mar 6, 2023affected < 7-150400.2.1fixed 7-150400.2.1
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate
- CVE-2023-0461Feb 28, 2023affected < 11-150400.2.3fixed 11-150400.2.3
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege
- CVE-2023-26545Feb 25, 2023affected < 9-150400.2.3fixed 9-150400.2.3
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
- affected < 9-150400.2.3fixed 9-150400.2.3
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgradin
- CVE-2022-4139Jan 27, 2023affected < 6-150400.2.1fixed 6-150400.2.1
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.
- CVE-2023-23455Jan 12, 2023affected < 12-150400.2.3fixed 12-150400.2.3
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
- CVE-2023-23454Jan 12, 2023affected < 11-150400.2.3fixed 11-150400.2.3
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
- CVE-2022-4379Jan 10, 2023affected < 7-150400.2.1fixed 7-150400.2.1
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial
Page 1 of 5