VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5-RT_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (114)

  • CVE-2023-0122Jan 17, 2023
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4.

  • CVE-2023-23455Jan 12, 2023
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

  • CVE-2023-23454Jan 12, 2023
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

  • CVE-2022-2196Jan 9, 2023
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker a

  • CVE-2022-4269Dec 5, 2022
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in

  • CVE-2022-45919Nov 27, 2022
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.

  • CVE-2022-45887Nov 25, 2022
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.

  • CVE-2022-45886Nov 25, 2022
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.

  • CVE-2022-45885Nov 25, 2022
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.

  • CVE-2022-45884Nov 25, 2022
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.

  • CVE-2022-3523Oct 16, 2022
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to

  • CVE-2022-38096MedSep 9, 2022
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, cau

  • CVE-2022-36280Sep 9, 2022
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privi

  • CVE-2020-24588LowMay 11, 2021
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is manda

Page 6 of 6