rpm package
suse/kernel-livepatch-SLE15-SP5_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (29)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48651 | Hig | 7.7 | < 11-150500.2.1 | 11-150500.2.1 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an AF_PACKET socket is used to send packets through ipvlan and the default xmit function of the AF_PACKET socket is changed from dev_queue_xmit() | |
| CVE-2024-26766 | Med | 5.5 | < 11-150500.2.1 | 11-150500.2.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `descs` array to overflow. This reults in further crashes easily reproducible by ` | |
| CVE-2024-26610 | Hig | 7.8 | < 11-150500.2.1 | 11-150500.2.1 | Mar 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that if we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in bytes, we'll write past the | |
| CVE-2023-52502 | Med | 6.3 | < 11-150500.2.1 | 11-150500.2.1 | Mar 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Sili Luo reported a race in nfc_llcp_sock_get(), leading to UAF. Getting a reference on the socket found in a lookup while holding a lock s | |
| CVE-2023-51779 | Hig | 7.0 | < 8-150500.2.3 | 8-150500.2.3 | Feb 29, 2024 | bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. | |
| CVE-2024-26585 | Med | 4.7 | < 11-150500.2.1 | 11-150500.2.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling | |
| CVE-2023-6531 | Hig | 7.0 | < 8-150500.2.3 | 8-150500.2.3 | Jan 21, 2024 | A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. | |
| CVE-2023-6546 | Hig | 7.0 | < 11-150500.2.1 | 11-150500.2.1 | Dec 21, 2023 | A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci | |
| CVE-2023-6931 | Hig | 7.8 | < 11-150500.2.1 | 11-150500.2.1 | Dec 19, 2023 | A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recomme | |
| CVE-2023-46813 | Hig | 7.0 | < 8-150500.2.3 | 8-150500.2.3 | Oct 27, 2023 | An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to ke | |
| CVE-2023-39191 | Hig | 8.2 | < 8-150500.2.3 | 8-150500.2.3 | Oct 4, 2023 | An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalat | |
| CVE-2023-5345 | Hig | 7.8 | < 5-150500.2.1 | 5-150500.2.1 | Oct 3, 2023 | A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We | |
| CVE-2023-2163 | Cri | 10.0 | < 5-150500.2.1 | 5-150500.2.1 | Sep 20, 2023 | Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. | |
| CVE-2023-4623 | Hig | 7.8 | < 4-150500.2.1 | 4-150500.2.1 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv | |
| CVE-2023-4622 | Hig | 7.8 | < 5-150500.2.1 | 5-150500.2.1 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where uni | |
| CVE-2023-3777 | Hig | 7.8 | < 5-150500.2.1 | 5-150500.2.1 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release | |
| CVE-2023-4273 | Med | 6.0 | < 3-150500.2.1 | 3-150500.2.1 | Aug 9, 2023 | A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a si | |
| CVE-2023-4147 | Hig | 7.8 | < 4-150500.2.1 | 4-150500.2.1 | Aug 7, 2023 | A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. | |
| CVE-2023-4004 | Hig | 7.8 | < 4-150500.2.1 | 4-150500.2.1 | Jul 31, 2023 | A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the syste | |
| CVE-2023-20593 | Med | 5.5 | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 24, 2023 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. |
- affected < 11-150500.2.1fixed 11-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an AF_PACKET socket is used to send packets through ipvlan and the default xmit function of the AF_PACKET socket is changed from dev_queue_xmit()
- affected < 11-150500.2.1fixed 11-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `descs` array to overflow. This reults in further crashes easily reproducible by `
- affected < 11-150500.2.1fixed 11-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that if we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in bytes, we'll write past the
- affected < 11-150500.2.1fixed 11-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Sili Luo reported a race in nfc_llcp_sock_get(), leading to UAF. Getting a reference on the socket found in a lookup while holding a lock s
- affected < 8-150500.2.3fixed 8-150500.2.3
bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
- affected < 11-150500.2.1fixed 11-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling
- affected < 8-150500.2.3fixed 8-150500.2.3
A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.
- affected < 11-150500.2.1fixed 11-150500.2.1
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci
- affected < 11-150500.2.1fixed 11-150500.2.1
A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recomme
- affected < 8-150500.2.3fixed 8-150500.2.3
An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to ke
- affected < 8-150500.2.3fixed 8-150500.2.3
An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalat
- affected < 5-150500.2.1fixed 5-150500.2.1
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We
- affected < 5-150500.2.1fixed 5-150500.2.1
Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.
- affected < 4-150500.2.1fixed 4-150500.2.1
A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv
- affected < 5-150500.2.1fixed 5-150500.2.1
A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where uni
- affected < 5-150500.2.1fixed 5-150500.2.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release
- affected < 3-150500.2.1fixed 3-150500.2.1
A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a si
- affected < 4-150500.2.1fixed 4-150500.2.1
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.
- affected < 4-150500.2.1fixed 4-150500.2.1
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the syste
- affected < 1-150500.11.3.2fixed 1-150500.11.3.2
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
Page 1 of 2