VYPR

rpm package

suse/kernel-livepatch-SLE15-SP4_Update_7&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (18)

  • CVE-2023-1078Mar 27, 2023
    affected < 3-150400.2.3fixed 3-150400.2.3

    A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_inf

  • CVE-2023-26545Feb 25, 2023
    affected < 3-150400.2.3fixed 3-150400.2.3

    In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

  • CVE-2023-0266KEVJan 30, 2023
    affected < 3-150400.2.3fixed 3-150400.2.3

    A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgradin

  • CVE-2022-4379Jan 10, 2023
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial

  • CVE-2022-4662Dec 22, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.

  • CVE-2022-47520Dec 18, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink

  • CVE-2022-3115Dec 14, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.

  • CVE-2022-3114Dec 14, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.

  • CVE-2022-3113Dec 14, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.

  • CVE-2022-3112Dec 14, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.

  • CVE-2022-3111Dec 14, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().

  • CVE-2022-3108Dec 14, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().

  • CVE-2022-3107Dec 14, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.

  • CVE-2022-3106Dec 14, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().

  • CVE-2022-3105Dec 14, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().

  • CVE-2022-3104Dec 14, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.

  • CVE-2022-3344Oct 24, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).

  • CVE-2022-3564Oct 17, 2022
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to