rpm package
suse/kernel-livepatch-SLE15-SP4_Update_3&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (59)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-0461 | — | < 10-150400.2.3 | 10-150400.2.3 | Feb 28, 2023 | There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege | ||
| CVE-2022-4139 | — | < 5-150400.2.1 | 5-150400.2.1 | Jan 27, 2023 | An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. | ||
| CVE-2023-23455 | — | < 11-150400.2.3 | 11-150400.2.3 | Jan 12, 2023 | atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | ||
| CVE-2023-23454 | — | < 10-150400.2.3 | 10-150400.2.3 | Jan 12, 2023 | cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | ||
| CVE-2022-4379 | — | < 6-150400.2.1 | 6-150400.2.1 | Jan 10, 2023 | A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial | ||
| CVE-2022-4378 | — | < 5-150400.2.1 | 5-150400.2.1 | Jan 5, 2023 | A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||
| CVE-2022-43945 | Hig | 7.5 | < 5-150400.2.1 | 5-150400.2.1 | Nov 4, 2022 | The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c | |
| CVE-2022-3640 | — | < 5-150400.2.1 | 5-150400.2.1 | Oct 21, 2022 | A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. | ||
| CVE-2022-3586 | — | < 5-150400.2.1 | 5-150400.2.1 | Oct 19, 2022 | A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra | ||
| CVE-2022-3545 | — | < 5-150400.2.1 | 5-150400.2.1 | Oct 17, 2022 | A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re | ||
| CVE-2022-42722 | — | < 4-150400.2.1 | 4-150400.2.1 | Oct 13, 2022 | In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. | ||
| CVE-2022-42721 | — | < 3-150400.2.1 | 3-150400.2.1 | Oct 13, 2022 | A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. | ||
| CVE-2022-42720 | — | < 3-150400.2.1 | 3-150400.2.1 | Oct 13, 2022 | Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code. | ||
| CVE-2022-42719 | — | < 3-150400.2.1 | 3-150400.2.1 | Oct 13, 2022 | A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. | ||
| CVE-2022-41674 | — | < 3-150400.2.1 | 3-150400.2.1 | Oct 13, 2022 | An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. | ||
| CVE-2022-41218 | — | < 5-150400.2.1 | 5-150400.2.1 | Sep 21, 2022 | In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. | ||
| CVE-2022-2977 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Sep 14, 2022 | A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate priv | ||
| CVE-2022-2905 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Sep 9, 2022 | An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. | ||
| CVE-2022-39190 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Sep 2, 2022 | An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain. | ||
| CVE-2022-39189 | — | < 3-150400.2.1 | 3-150400.2.1 | Sep 2, 2022 | An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations. |
- CVE-2023-0461Feb 28, 2023affected < 10-150400.2.3fixed 10-150400.2.3
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege
- CVE-2022-4139Jan 27, 2023affected < 5-150400.2.1fixed 5-150400.2.1
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.
- CVE-2023-23455Jan 12, 2023affected < 11-150400.2.3fixed 11-150400.2.3
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
- CVE-2023-23454Jan 12, 2023affected < 10-150400.2.3fixed 10-150400.2.3
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
- CVE-2022-4379Jan 10, 2023affected < 6-150400.2.1fixed 6-150400.2.1
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial
- CVE-2022-4378Jan 5, 2023affected < 5-150400.2.1fixed 5-150400.2.1
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
- affected < 5-150400.2.1fixed 5-150400.2.1
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c
- CVE-2022-3640Oct 21, 2022affected < 5-150400.2.1fixed 5-150400.2.1
A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue.
- CVE-2022-3586Oct 19, 2022affected < 5-150400.2.1fixed 5-150400.2.1
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra
- CVE-2022-3545Oct 17, 2022affected < 5-150400.2.1fixed 5-150400.2.1
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re
- CVE-2022-42722Oct 13, 2022affected < 4-150400.2.1fixed 4-150400.2.1
In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.
- CVE-2022-42721Oct 13, 2022affected < 3-150400.2.1fixed 3-150400.2.1
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
- CVE-2022-42720Oct 13, 2022affected < 3-150400.2.1fixed 3-150400.2.1
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
- CVE-2022-42719Oct 13, 2022affected < 3-150400.2.1fixed 3-150400.2.1
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.
- CVE-2022-41674Oct 13, 2022affected < 3-150400.2.1fixed 3-150400.2.1
An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.
- CVE-2022-41218Sep 21, 2022affected < 5-150400.2.1fixed 5-150400.2.1
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
- CVE-2022-2977Sep 14, 2022affected < 1-150400.9.3.2fixed 1-150400.9.3.2
A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate priv
- CVE-2022-2905Sep 9, 2022affected < 1-150400.9.3.2fixed 1-150400.9.3.2
An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.
- CVE-2022-39190Sep 2, 2022affected < 1-150400.9.3.2fixed 1-150400.9.3.2
An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.
- CVE-2022-39189Sep 2, 2022affected < 3-150400.2.1fixed 3-150400.2.1
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
Page 2 of 3