rpm package

suse/kernel-livepatch-SLE15_Update_27&distro=SUSE Linux Enterprise Live Patching 15

pkg:rpm/suse/kernel-livepatch-SLE15_Update_27&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015

Vulnerabilities (59)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-2588		—	< 11-150000.2.2	11-150000.2.2	Jan 8, 2024	It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
CVE-2022-4378		—	< 12-150000.2.2	12-150000.2.2	Jan 5, 2023	A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2022-43945	Hig	7.5	< 12-150000.2.2	12-150000.2.2	Nov 4, 2022	The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c
CVE-2022-3586		—	< 12-150000.2.2	12-150000.2.2	Oct 19, 2022	A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra
CVE-2022-3545		—	< 12-150000.2.2	12-150000.2.2	Oct 17, 2022	A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re
CVE-2022-42703		—	< 11-150000.2.2	11-150000.2.2	Oct 9, 2022	mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
CVE-2022-41218		—	< 12-150000.2.2	12-150000.2.2	Sep 21, 2022	In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
CVE-2022-2964		—	< 12-150000.2.2	12-150000.2.2	Sep 9, 2022	A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
CVE-2022-39188		—	< 10-150000.2.2	10-150000.2.2	Sep 2, 2022	An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.
CVE-2022-1729		—	< 7-150000.2.3	7-150000.2.3	Sep 1, 2022	A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
CVE-2022-1016		—	< 4-150000.2.1	4-150000.2.1	Aug 29, 2022	A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.
CVE-2022-36946		—	< 9-150000.2.2	9-150000.2.2	Jul 27, 2022	nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
CVE-2020-36557		—	< 11-150000.2.2	11-150000.2.2	Jul 21, 2022	A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.
CVE-2020-36558		—	< 11-150000.2.2	11-150000.2.2	Jul 21, 2022	A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.
CVE-2021-33655		—	< 11-150000.2.2	11-150000.2.2	Jul 18, 2022	When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
CVE-2022-20154		—	< 7-150000.2.3	7-150000.2.3	Jun 15, 2022	In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:
CVE-2022-20141		—	< 8-150000.2.2	8-150000.2.2	Jun 15, 2022	In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product
CVE-2022-21499		—	< 7-150000.2.3	7-150000.2.3	Jun 9, 2022	KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Scor
CVE-2022-1652		—	< 10-150000.2.2	10-150000.2.2	May 31, 2022	Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a
CVE-2022-1419		—	< 8-150000.2.2	8-150000.2.2	May 31, 2022	The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of drm_vgem_gem_object (created in vgem_gem_dumb_create) concurrently, and vgem_gem_dumb_create will access the freed drm_vgem_gem_object.

CVE-2022-2588Jan 8, 2024
affected < 11-150000.2.2fixed 11-150000.2.2
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
CVE-2022-4378Jan 5, 2023
affected < 12-150000.2.2fixed 12-150000.2.2
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2022-43945HigNov 4, 2022
affected < 12-150000.2.2fixed 12-150000.2.2
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c
CVE-2022-3586Oct 19, 2022
affected < 12-150000.2.2fixed 12-150000.2.2
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra
CVE-2022-3545Oct 17, 2022
affected < 12-150000.2.2fixed 12-150000.2.2
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re
CVE-2022-42703Oct 9, 2022
affected < 11-150000.2.2fixed 11-150000.2.2
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
CVE-2022-41218Sep 21, 2022
affected < 12-150000.2.2fixed 12-150000.2.2
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
CVE-2022-2964Sep 9, 2022
affected < 12-150000.2.2fixed 12-150000.2.2
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
CVE-2022-39188Sep 2, 2022
affected < 10-150000.2.2fixed 10-150000.2.2
An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.
CVE-2022-1729Sep 1, 2022
affected < 7-150000.2.3fixed 7-150000.2.3
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
CVE-2022-1016Aug 29, 2022
affected < 4-150000.2.1fixed 4-150000.2.1
A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.
CVE-2022-36946Jul 27, 2022
affected < 9-150000.2.2fixed 9-150000.2.2
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
CVE-2020-36557Jul 21, 2022
affected < 11-150000.2.2fixed 11-150000.2.2
A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.
CVE-2020-36558Jul 21, 2022
affected < 11-150000.2.2fixed 11-150000.2.2
A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.
CVE-2021-33655Jul 18, 2022
affected < 11-150000.2.2fixed 11-150000.2.2
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
CVE-2022-20154Jun 15, 2022
affected < 7-150000.2.3fixed 7-150000.2.3
In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:
CVE-2022-20141Jun 15, 2022
affected < 8-150000.2.2fixed 8-150000.2.2
In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product
CVE-2022-21499Jun 9, 2022
affected < 7-150000.2.3fixed 7-150000.2.3
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Scor
CVE-2022-1652May 31, 2022
affected < 10-150000.2.2fixed 10-150000.2.2
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a
CVE-2022-1419May 31, 2022
affected < 8-150000.2.2fixed 8-150000.2.2
The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object.

Page 1 of 3