suse/kernel-livepatch-SLE15_Update_28&distro=SUSE Linux Enterprise Live Patching 15

Vulnerabilities (40)

• CVE-2022-1734May 18, 2022
  affected < 5-150000.2.2fixed 5-150000.2.2

  A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.

• CVE-2022-1679May 16, 2022
  affected < 7-150000.2.2fixed 7-150000.2.2

  A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.

• CVE-2022-30594May 12, 2022
  affected < 4-150000.2.2fixed 4-150000.2.2

  The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.

• CVE-2022-1048Apr 29, 2022
  affected < 4-150000.2.2fixed 4-150000.2.2

  A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalat

• CVE-2022-28389Apr 3, 2022
  affected < 7-150000.2.2fixed 7-150000.2.2

  mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.

• CVE-2022-28390Apr 3, 2022
  affected < 7-150000.2.2fixed 7-150000.2.2

  ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.

• CVE-2022-27666Mar 23, 2022
  affected < 2-150000.2.1fixed 2-150000.2.1

  A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.

• CVE-2022-1011Mar 18, 2022
  affected < 3-150000.2.1fixed 3-150000.2.1

  A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

• CVE-2021-39713Mar 16, 2022
  affected < 3-150000.2.1fixed 3-150000.2.1

  Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel

• CVE-2022-0002Mar 11, 2022
  affected < 1-1.3.1fixed 1-1.3.1

  Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

• CVE-2022-0001Mar 11, 2022
  affected < 1-1.3.1fixed 1-1.3.1

  Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

• CVE-2022-0847KEVMar 7, 2022
  affected < 1-1.3.1fixed 1-1.3.1

  A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to

• CVE-2022-26490Mar 6, 2022
  affected < 7-150000.2.2fixed 7-150000.2.2

  st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.

• CVE-2022-0492Mar 3, 2022
  affected < 1-1.3.1fixed 1-1.3.1

  A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpecte

• CVE-2020-36516Feb 26, 2022
  affected < 8-150000.2.2fixed 8-150000.2.2

  An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.

• CVE-2022-0617Feb 16, 2022
  affected < 1-1.3.1fixed 1-1.3.1

  A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.

• CVE-2021-44879Feb 13, 2022
  affected < 1-1.3.1fixed 1-1.3.1

  In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.

• CVE-2022-24959Feb 11, 2022
  affected < 1-1.3.1fixed 1-1.3.1

  An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.

• CVE-2022-0487Feb 4, 2022
  affected < 1-1.3.1fixed 1-1.3.1

  A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

• CVE-2022-24448Feb 4, 2022
  affected < 1-1.3.1fixed 1-1.3.1

  An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns