VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (29)

  • CVE-2023-3812Jul 24, 2023
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on t

  • CVE-2023-3776Jul 21, 2023
    affected < 3-150500.2.1fixed 3-150500.2.1

    A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_b

  • CVE-2023-3610Jul 21, 2023
    affected < 5-150500.2.1fixed 5-150500.2.1

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET

  • CVE-2023-3609Jul 21, 2023
    affected < 3-150500.2.1fixed 3-150500.2.1

    A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf

  • CVE-2023-35001Jul 5, 2023
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace

  • CVE-2023-31248Jul 5, 2023
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace

  • CVE-2023-3390Jun 28, 2023
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This fl

  • CVE-2023-2985Jun 1, 2023
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.

  • CVE-2023-2156May 9, 2023
    affected < 2-150500.2.1fixed 2-150500.2.1

    A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create

Page 2 of 2