VYPR

rpm package

suse/kernel-livepatch-SLE15_Update_35&distro=SUSE Linux Enterprise Live Patching 15

pkg:rpm/suse/kernel-livepatch-SLE15_Update_35&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015

Vulnerabilities (36)

  • CVE-2022-3586MedOct 19, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra

  • CVE-2022-3594MedOct 18, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched r

  • CVE-2022-3567MedOct 17, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD

  • CVE-2022-3565MedOct 17, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch

  • CVE-2022-3545MedOct 17, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re

  • CVE-2022-3524MedOct 16, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply

  • CVE-2022-3521LowOct 16, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD

  • CVE-2022-42703MedOct 9, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.

  • CVE-2022-41850MedSep 30, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.

  • CVE-2022-40768MedSep 18, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.

  • CVE-2022-3169MedSep 9, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.

  • CVE-2022-2964HigSep 9, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.

  • CVE-2022-40307MedSep 9, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.

  • CVE-2022-2153MedAug 31, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl

  • CVE-2021-4037HigAug 24, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct

  • CVE-2022-33981LowJun 18, 2022
    affected < 1-150000.1.5.1fixed 1-150000.1.5.1

    drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.

Page 2 of 2