VYPR

rpm package

suse/kernel-livepatch-SLE15_Update_30&distro=SUSE Linux Enterprise Live Patching 15

pkg:rpm/suse/kernel-livepatch-SLE15_Update_30&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015

Vulnerabilities (42)

  • CVE-2022-2588Jan 8, 2024
    affected < 6-150000.2.1fixed 6-150000.2.1

    It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.

  • CVE-2022-4378Jan 5, 2023
    affected < 7-150000.2.1fixed 7-150000.2.1

    A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.

  • CVE-2022-43945HigNov 4, 2022
    affected < 7-150000.2.1fixed 7-150000.2.1

    The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c

  • CVE-2022-3586Oct 19, 2022
    affected < 7-150000.2.1fixed 7-150000.2.1

    A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra

  • CVE-2022-3545Oct 17, 2022
    affected < 7-150000.2.1fixed 7-150000.2.1

    A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re

  • CVE-2022-42703Oct 9, 2022
    affected < 6-150000.2.1fixed 6-150000.2.1

    mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.

  • CVE-2022-41218Sep 21, 2022
    affected < 7-150000.2.1fixed 7-150000.2.1

    In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.

  • CVE-2022-39188Sep 2, 2022
    affected < 5-150000.2.2fixed 5-150000.2.2

    An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.

  • CVE-2022-1729Sep 1, 2022
    affected < 1-150000.1.3.2fixed 1-150000.1.3.2

    A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.

  • CVE-2022-1975Aug 31, 2022
    affected < 1-150000.1.3.2fixed 1-150000.1.3.2

    There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.

  • CVE-2022-1974Aug 31, 2022
    affected < 1-150000.1.3.2fixed 1-150000.1.3.2

    A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.

  • CVE-2022-1184Aug 29, 2022
    affected < 1-150000.1.3.2fixed 1-150000.1.3.2

    A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.

  • CVE-2022-36946Jul 27, 2022
    affected < 4-150000.2.1fixed 4-150000.2.1

    nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.

  • CVE-2020-36557Jul 21, 2022
    affected < 6-150000.2.1fixed 6-150000.2.1

    A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.

  • CVE-2020-36558Jul 21, 2022
    affected < 6-150000.2.1fixed 6-150000.2.1

    A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.

  • CVE-2021-33655Jul 18, 2022
    affected < 6-150000.2.1fixed 6-150000.2.1

    When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.

  • CVE-2022-21180Jun 15, 2022
    affected < 1-150000.1.3.2fixed 1-150000.1.3.2

    Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.

  • CVE-2022-21166Jun 15, 2022
    affected < 1-150000.1.3.2fixed 1-150000.1.3.2

    Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21127Jun 15, 2022
    affected < 1-150000.1.3.2fixed 1-150000.1.3.2

    Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21125Jun 15, 2022
    affected < 1-150000.1.3.2fixed 1-150000.1.3.2

    Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Page 1 of 3