rpm package
suse/kernel-livepatch-SLE15-SP4_Update_5&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (45)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3640 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 21, 2022 | A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. | ||
| CVE-2022-3633 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 21, 2022 | A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vuln | ||
| CVE-2022-3629 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears | ||
| CVE-2022-3625 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix | ||
| CVE-2022-3621 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 20, 2022 | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem | ||
| CVE-2022-3619 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 20, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to | ||
| CVE-2022-3577 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 20, 2022 | An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect ass | ||
| CVE-2022-3586 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 19, 2022 | A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra | ||
| CVE-2022-3594 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 18, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched r | ||
| CVE-2022-3565 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 17, 2022 | A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch | ||
| CVE-2022-3545 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 17, 2022 | A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re | ||
| CVE-2022-3526 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 16, 2022 | A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended | ||
| CVE-2022-3524 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 16, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply | ||
| CVE-2022-3521 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 16, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD | ||
| CVE-2022-42703 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 9, 2022 | mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. | ||
| CVE-2022-3435 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Oct 8, 2022 | A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is | ||
| CVE-2022-40768 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Sep 18, 2022 | drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case. | ||
| CVE-2022-40476 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Sep 14, 2022 | A null pointer dereference issue was discovered in fs/io_uring.c in the Linux kernel before 5.15.62. A local user could use this flaw to crash the system or potentially cause a denial of service. | ||
| CVE-2022-3169 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Sep 9, 2022 | A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect. | ||
| CVE-2022-2964 | — | < 1-150400.9.3.4 | 1-150400.9.3.4 | Sep 9, 2022 | A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. |
- CVE-2022-3640Oct 21, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue.
- CVE-2022-3633Oct 21, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vuln
- CVE-2022-3629Oct 21, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears
- CVE-2022-3625Oct 21, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix
- CVE-2022-3621Oct 20, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem
- CVE-2022-3619Oct 20, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to
- CVE-2022-3577Oct 20, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect ass
- CVE-2022-3586Oct 19, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra
- CVE-2022-3594Oct 18, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched r
- CVE-2022-3565Oct 17, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch
- CVE-2022-3545Oct 17, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re
- CVE-2022-3526Oct 16, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended
- CVE-2022-3524Oct 16, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply
- CVE-2022-3521Oct 16, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD
- CVE-2022-42703Oct 9, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
- CVE-2022-3435Oct 8, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is
- CVE-2022-40768Sep 18, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
- CVE-2022-40476Sep 14, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A null pointer dereference issue was discovered in fs/io_uring.c in the Linux kernel before 5.15.62. A local user could use this flaw to crash the system or potentially cause a denial of service.
- CVE-2022-3169Sep 9, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.
- CVE-2022-2964Sep 9, 2022affected < 1-150400.9.3.4fixed 1-150400.9.3.4
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
Page 2 of 3