VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5_Update_15&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_15&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (588)

  • CVE-2024-26597Feb 23, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below: =

  • CVE-2023-6531Jan 21, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.

  • CVE-2023-47233MedNov 3, 2023
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is r

  • CVE-2023-42755Oct 5, 2023
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and

  • CVE-2023-0160Jul 18, 2023
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.

  • CVE-2023-1829Apr 12, 2023
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc

  • CVE-2021-4148Mar 23, 2022
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem.

  • CVE-2021-43527Dec 8, 2021
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted.

Page 30 of 30