rpm package
suse/kernel-livepatch-SLE15-SP4_Update_26&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_26&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (127)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-22099 | Med | 6.3 | < 1-150400.9.3.1 | 1-150400.9.3.1 | Jan 25, 2024 | NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2. | |
| CVE-2024-23848 | Med | 5.5 | < 1-150400.9.3.1 | 1-150400.9.3.1 | Jan 23, 2024 | In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. | |
| CVE-2024-23850 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Jan 23, 2024 | In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation. | ||
| CVE-2023-6270 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Jan 4, 2024 | A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob | ||
| CVE-2023-7192 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Jan 2, 2024 | A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow. | ||
| CVE-2023-7042 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Dec 21, 2023 | A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service. | ||
| CVE-2023-0160 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Jul 18, 2023 | A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system. |
- affected < 1-150400.9.3.1fixed 1-150400.9.3.1
NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2.
- affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.
- CVE-2024-23850Jan 23, 2024affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.
- CVE-2023-6270Jan 4, 2024affected < 1-150400.9.3.1fixed 1-150400.9.3.1
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob
- CVE-2023-7192Jan 2, 2024affected < 1-150400.9.3.1fixed 1-150400.9.3.1
A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.
- CVE-2023-7042Dec 21, 2023affected < 1-150400.9.3.1fixed 1-150400.9.3.1
A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.
- CVE-2023-0160Jul 18, 2023affected < 1-150400.9.3.1fixed 1-150400.9.3.1
A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.
Page 7 of 7