VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5-RT_Update_7&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (28)

  • CVE-2023-45862Oct 14, 2023
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation.

  • CVE-2023-39193Oct 9, 2023
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.

  • CVE-2023-39189Oct 9, 2023
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or inform

  • CVE-2023-39191Oct 4, 2023
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalat

  • CVE-2023-2163Sep 20, 2023
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.

  • CVE-2023-3777Sep 6, 2023
    affected < 2-150500.2.1fixed 2-150500.2.1

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release

  • CVE-2023-2860Jul 24, 2023
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated

  • CVE-2023-31085Apr 24, 2023
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.

Page 2 of 2