rpm package
suse/kernel-livepatch-SLE15-SP4_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (40)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-21505 | Med | 6.7 | < 1-150400.9.5.2 | 1-150400.9.5.2 | Dec 24, 2024 | In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this | |
| CVE-2022-2602 | Med | 5.3 | < 7-150400.2.1 | 7-150400.2.1 | Jan 8, 2024 | io_uring UAF, Unix SCM garbage collection | |
| CVE-2022-2588 | Med | 5.3 | < 5-150400.2.1 | 5-150400.2.1 | Jan 8, 2024 | It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. | |
| CVE-2022-2585 | Med | 5.3 | < 1-150400.9.5.2 | 1-150400.9.5.2 | Jan 8, 2024 | It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free. | |
| CVE-2023-35788 | Hig | 7.8 | < 13-150400.2.2 | 13-150400.2.2 | Jun 16, 2023 | An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation. | |
| CVE-2023-2002 | Med | 6.8 | < 13-150400.2.2 | 13-150400.2.2 | May 26, 2023 | A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil | |
| CVE-2023-2235 | Hig | 7.8 | < 13-150400.2.2 | 13-150400.2.2 | May 1, 2023 | A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it p | |
| CVE-2023-31436 | Hig | 7.8 | < 12-150400.2.3 | 12-150400.2.3 | Apr 28, 2023 | qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. | |
| CVE-2022-4744 | Hig | 7.8 | < 12-150400.2.3 | 12-150400.2.3 | Mar 30, 2023 | A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the | |
| CVE-2023-1652 | Hig | 7.1 | < 10-150400.2.2 | 10-150400.2.2 | Mar 29, 2023 | A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem. | |
| CVE-2023-1078 | Hig | 7.8 | < 9-150400.2.3 | 9-150400.2.3 | Mar 27, 2023 | A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf | |
| CVE-2023-0590 | Med | 4.7 | < 10-150400.2.2 | 10-150400.2.2 | Mar 23, 2023 | A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected. | |
| CVE-2023-28466 | Hig | 7.0 | < 12-150400.2.3 | 12-150400.2.3 | Mar 16, 2023 | do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). | |
| CVE-2022-3424 | Hig | 7.8 | < 7-150400.2.1 | 7-150400.2.1 | Mar 6, 2023 | A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate | |
| CVE-2023-1118 | Hig | 7.8 | < 10-150400.2.2 | 10-150400.2.2 | Mar 2, 2023 | A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | |
| CVE-2023-26545 | Med | 4.7 | < 9-150400.2.3 | 9-150400.2.3 | Feb 25, 2023 | In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. | |
| CVE-2023-0266 | Hig | 7.9 | KEV | < 9-150400.2.3 | 9-150400.2.3 | Jan 30, 2023 | A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgradin |
| CVE-2022-4139 | Hig | 7.8 | < 6-150400.2.1 | 6-150400.2.1 | Jan 27, 2023 | An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. | |
| CVE-2023-23455 | Med | 5.5 | < 12-150400.2.3 | 12-150400.2.3 | Jan 12, 2023 | atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | |
| CVE-2022-4379 | Hig | 7.5 | < 7-150400.2.1 | 7-150400.2.1 | Jan 10, 2023 | A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial |
- affected < 1-150400.9.5.2fixed 1-150400.9.5.2
In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this
- affected < 7-150400.2.1fixed 7-150400.2.1
io_uring UAF, Unix SCM garbage collection
- affected < 5-150400.2.1fixed 5-150400.2.1
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
- affected < 1-150400.9.5.2fixed 1-150400.9.5.2
It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
- affected < 13-150400.2.2fixed 13-150400.2.2
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
- affected < 13-150400.2.2fixed 13-150400.2.2
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil
- affected < 13-150400.2.2fixed 13-150400.2.2
A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it p
- affected < 12-150400.2.3fixed 12-150400.2.3
qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
- affected < 12-150400.2.3fixed 12-150400.2.3
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the
- affected < 10-150400.2.2fixed 10-150400.2.2
A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.
- affected < 9-150400.2.3fixed 9-150400.2.3
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf
- affected < 10-150400.2.2fixed 10-150400.2.2
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.
- affected < 12-150400.2.3fixed 12-150400.2.3
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
- affected < 7-150400.2.1fixed 7-150400.2.1
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate
- affected < 10-150400.2.2fixed 10-150400.2.2
A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
- affected < 9-150400.2.3fixed 9-150400.2.3
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
- affected < 9-150400.2.3fixed 9-150400.2.3
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgradin
- affected < 6-150400.2.1fixed 6-150400.2.1
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.
- affected < 12-150400.2.3fixed 12-150400.2.3
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
- affected < 7-150400.2.1fixed 7-150400.2.1
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial
Page 1 of 2