rpm package
suse/kernel-livepatch-SLE15-SP4_Update_11&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (32)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-4744 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Mar 30, 2023 | A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the | ||
| CVE-2023-1652 | Hig | 7.1 | < 1-150400.9.3.2 | 1-150400.9.3.2 | Mar 29, 2023 | A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem. | |
| CVE-2023-1637 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Mar 27, 2023 | A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unaut | ||
| CVE-2023-1077 | — | < 5-150400.2.1 | 5-150400.2.1 | Mar 27, 2023 | In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a | ||
| CVE-2023-1513 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Mar 23, 2023 | A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak. | ||
| CVE-2023-1281 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Mar 22, 2023 | Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A l | ||
| CVE-2023-0386 | — | KEV | < 2-150400.2.3 | 2-150400.2.3 | Mar 22, 2023 | A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a loca | |
| CVE-2023-28466 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Mar 15, 2023 | do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). | ||
| CVE-2023-23001 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Mar 1, 2023 | In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | ||
| CVE-2023-0394 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Jan 24, 2023 | A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. | ||
| CVE-2023-23454 | — | < 2-150400.2.3 | 2-150400.2.3 | Jan 12, 2023 | cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | ||
| CVE-2017-5753 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2022-4744Mar 30, 2023affected < 1-150400.9.3.2fixed 1-150400.9.3.2
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the
- affected < 1-150400.9.3.2fixed 1-150400.9.3.2
A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.
- CVE-2023-1637Mar 27, 2023affected < 1-150400.9.3.2fixed 1-150400.9.3.2
A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unaut
- CVE-2023-1077Mar 27, 2023affected < 5-150400.2.1fixed 5-150400.2.1
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a
- CVE-2023-1513Mar 23, 2023affected < 1-150400.9.3.2fixed 1-150400.9.3.2
A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.
- CVE-2023-1281Mar 22, 2023affected < 1-150400.9.3.2fixed 1-150400.9.3.2
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A l
- affected < 2-150400.2.3fixed 2-150400.2.3
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a loca
- CVE-2023-28466Mar 15, 2023affected < 1-150400.9.3.2fixed 1-150400.9.3.2
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
- CVE-2023-23001Mar 1, 2023affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
- CVE-2023-0394Jan 24, 2023affected < 1-150400.9.3.2fixed 1-150400.9.3.2
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.
- CVE-2023-23454Jan 12, 2023affected < 2-150400.2.3fixed 2-150400.2.3
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
- CVE-2017-5753Jan 4, 2018affected < 1-150400.9.3.2fixed 1-150400.9.3.2
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Page 2 of 2