VYPR

rpm package

suse/kernel-livepatch-SLE15-SP4_Update_10&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (38)

  • CVE-2023-52340Jul 5, 2024
    affected < 13-150400.2.1fixed 13-150400.2.1

    The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.

  • CVE-2024-1085Jan 31, 2024
    affected < 13-150400.2.1fixed 13-150400.2.1

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the

  • CVE-2024-0565Jan 15, 2024
    affected < 13-150400.2.1fixed 13-150400.2.1

    An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.

  • CVE-2023-51780Dec 25, 2023
    affected < 11-150400.2.1fixed 11-150400.2.1

    An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.

  • CVE-2023-39198Nov 9, 2023
    affected < 11-150400.2.1fixed 11-150400.2.1

    A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the ret

  • CVE-2023-42753Sep 25, 2023
    affected < 13-150400.2.1fixed 13-150400.2.1

    An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss

  • CVE-2023-4921Sep 12, 2023
    affected < 11-150400.2.1fixed 11-150400.2.1

    A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrec

  • CVE-2023-35788Jun 16, 2023
    affected < 5-150400.2.1fixed 5-150400.2.1

    An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

  • CVE-2023-2002May 26, 2023
    affected < 5-150400.2.1fixed 5-150400.2.1

    A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil

  • CVE-2023-2235May 1, 2023
    affected < 5-150400.2.1fixed 5-150400.2.1

    A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it p

  • CVE-2023-31436Apr 28, 2023
    affected < 4-150400.2.2fixed 4-150400.2.2

    qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.

  • CVE-2023-0045Apr 25, 2023
    affected < 1-150400.9.3.7fixed 1-150400.9.3.7

    The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set  function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only

  • CVE-2023-28328Apr 19, 2023
    affected < 1-150400.9.3.7fixed 1-150400.9.3.7

    A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially caus

  • CVE-2023-2162Apr 19, 2023
    affected < 3-150400.2.3fixed 3-150400.2.3

    A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.

  • CVE-2023-1989Apr 11, 2023
    affected < 3-150400.2.3fixed 3-150400.2.3

    A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.

  • CVE-2023-28464Mar 31, 2023
    affected < 3-150400.2.3fixed 3-150400.2.3

    hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.

  • CVE-2023-1652HigMar 29, 2023
    affected < 2-150400.2.2fixed 2-150400.2.2

    A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.

  • CVE-2023-1078Mar 27, 2023
    affected < 1-150400.9.3.7fixed 1-150400.9.3.7

    A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf

  • CVE-2023-1076Mar 27, 2023
    affected < 1-150400.9.3.7fixed 1-150400.9.3.7

    A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user o

  • CVE-2023-1075Mar 27, 2023
    affected < 1-150400.9.3.7fixed 1-150400.9.3.7

    A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready.

Page 1 of 2