VYPR

rpm package

suse/kernel-livepatch-SLE15-SP4_Update_23&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_23&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (58)

  • CVE-2024-1086KEVJan 31, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau

  • CVE-2024-1085Jan 31, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the

  • CVE-2023-46838Jan 29, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts are

  • CVE-2024-23307MedJan 25, 2024
    affected < 6-150400.9.8.1fixed 6-150400.9.8.1

    Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.

  • CVE-2023-51043Jan 23, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.

  • CVE-2023-51042Jan 23, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free.

  • CVE-2024-0775Jan 22, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.

  • CVE-2021-33631Jan 18, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.

  • CVE-2024-0641Jan 17, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.

  • CVE-2024-0565Jan 15, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.

  • CVE-2023-6915Jan 15, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return.

  • CVE-2023-6040Jan 12, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_

  • CVE-2024-0340Jan 9, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local pri

  • CVE-2023-51782Dec 25, 2023
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.

  • CVE-2023-51780Dec 25, 2023
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.

  • CVE-2023-6546Dec 21, 2023
    affected < 4-150400.9.8.1fixed 4-150400.9.8.1

    A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci

  • CVE-2023-47233MedNov 3, 2023
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is r

  • CVE-2023-4921Sep 12, 2023
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrec

Page 3 of 3