rpm package

suse/kernel-livepatch-SLE15-SP4_Update_3&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (59)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2022-28693	Med	4.7		< 1-150400.9.3.2	1-150400.9.3.2	Feb 14, 2025	Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2022-2602		—		< 6-150400.2.1	6-150400.2.1	Jan 8, 2024	io_uring UAF, Unix SCM garbage collection
CVE-2022-2588		—		< 1-150400.9.3.2	1-150400.9.3.2	Jan 8, 2024	It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
CVE-2023-4273		—		< 14-150400.2.2	14-150400.2.2	Aug 9, 2023	A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a si
CVE-2023-3812		—		< 14-150400.2.2	14-150400.2.2	Jul 24, 2023	An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on t
CVE-2023-3776		—		< 14-150400.2.2	14-150400.2.2	Jul 21, 2023	A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_b
CVE-2023-3609		—		< 14-150400.2.2	14-150400.2.2	Jul 21, 2023	A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf
CVE-2023-31248		—		< 14-150400.2.2	14-150400.2.2	Jul 5, 2023	Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace
CVE-2023-35788		—		< 12-150400.2.2	12-150400.2.2	Jun 16, 2023	An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
CVE-2023-2002		—		< 12-150400.2.2	12-150400.2.2	May 26, 2023	A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil
CVE-2023-2235		—		< 12-150400.2.2	12-150400.2.2	May 1, 2023	A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it p
CVE-2023-31436		—		< 11-150400.2.3	11-150400.2.3	Apr 28, 2023	qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
CVE-2023-2162		—		< 10-150400.2.3	10-150400.2.3	Apr 19, 2023	A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
CVE-2023-1829		—		< 14-150400.2.2	14-150400.2.2	Apr 12, 2023	A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc
CVE-2023-1989		—		< 10-150400.2.3	10-150400.2.3	Apr 11, 2023	A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
CVE-2023-28464		—		< 10-150400.2.3	10-150400.2.3	Mar 31, 2023	hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.
CVE-2023-1281		—		< 10-150400.2.3	10-150400.2.3	Mar 22, 2023	Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A l
CVE-2023-0386		—	KEV	< 10-150400.2.3	10-150400.2.3	Mar 22, 2023	A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a loca
CVE-2023-28466		—		< 11-150400.2.3	11-150400.2.3	Mar 15, 2023	do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
CVE-2022-3424		—		< 6-150400.2.1	6-150400.2.1	Mar 6, 2023	A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate

CVE-2022-28693MedFeb 14, 2025
affected < 1-150400.9.3.2fixed 1-150400.9.3.2
Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2022-2602Jan 8, 2024
affected < 6-150400.2.1fixed 6-150400.2.1
io_uring UAF, Unix SCM garbage collection
CVE-2022-2588Jan 8, 2024
affected < 1-150400.9.3.2fixed 1-150400.9.3.2
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
CVE-2023-4273Aug 9, 2023
affected < 14-150400.2.2fixed 14-150400.2.2
A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a si
CVE-2023-3812Jul 24, 2023
affected < 14-150400.2.2fixed 14-150400.2.2
An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on t
CVE-2023-3776Jul 21, 2023
affected < 14-150400.2.2fixed 14-150400.2.2
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_b
CVE-2023-3609Jul 21, 2023
affected < 14-150400.2.2fixed 14-150400.2.2
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf
CVE-2023-31248Jul 5, 2023
affected < 14-150400.2.2fixed 14-150400.2.2
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace
CVE-2023-35788Jun 16, 2023
affected < 12-150400.2.2fixed 12-150400.2.2
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
CVE-2023-2002May 26, 2023
affected < 12-150400.2.2fixed 12-150400.2.2
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil
CVE-2023-2235May 1, 2023
affected < 12-150400.2.2fixed 12-150400.2.2
A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it p
CVE-2023-31436Apr 28, 2023
affected < 11-150400.2.3fixed 11-150400.2.3
qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
CVE-2023-2162Apr 19, 2023
affected < 10-150400.2.3fixed 10-150400.2.3
A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
CVE-2023-1829Apr 12, 2023
affected < 14-150400.2.2fixed 14-150400.2.2
A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc
CVE-2023-1989Apr 11, 2023
affected < 10-150400.2.3fixed 10-150400.2.3
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
CVE-2023-28464Mar 31, 2023
affected < 10-150400.2.3fixed 10-150400.2.3
hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.
CVE-2023-1281Mar 22, 2023
affected < 10-150400.2.3fixed 10-150400.2.3
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A l
CVE-2023-0386KEVMar 22, 2023
affected < 10-150400.2.3fixed 10-150400.2.3
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a loca
CVE-2023-28466Mar 15, 2023
affected < 11-150400.2.3fixed 11-150400.2.3
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
CVE-2022-3424Mar 6, 2023
affected < 6-150400.2.1fixed 6-150400.2.1
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate

Page 1 of 3