rpm package
suse/kernel-preempt&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOS
Vulnerabilities (183)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3649 | Low | 3.1 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended | |
| CVE-2022-3646 | Low | 3.1 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 21, 2022 | A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is r | |
| CVE-2022-3635 | Med | 5.5 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 21, 2022 | A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this | |
| CVE-2022-3629 | Low | 2.6 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears | |
| CVE-2022-3625 | Med | 4.6 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix | |
| CVE-2022-3621 | Med | 4.3 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 20, 2022 | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem | |
| CVE-2022-3577 | Hig | 7.8 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 20, 2022 | An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect ass | |
| CVE-2022-3586 | Med | 5.5 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 19, 2022 | A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra | |
| CVE-2022-3594 | Med | 5.3 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 18, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched r | |
| CVE-2022-3567 | Med | 4.6 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 17, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD | |
| CVE-2022-3565 | Med | 4.6 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 17, 2022 | A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch | |
| CVE-2022-3545 | Med | 5.5 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 17, 2022 | A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re | |
| CVE-2022-3524 | Med | 4.3 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 16, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply | |
| CVE-2022-3521 | Low | 2.6 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 16, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD | |
| CVE-2022-42721 | Med | 5.5 | < 5.3.18-150200.24.134.1 | 5.3.18-150200.24.134.1 | Oct 14, 2022 | A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. | |
| CVE-2022-42720 | Hig | 7.8 | < 5.3.18-150200.24.134.1 | 5.3.18-150200.24.134.1 | Oct 14, 2022 | Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code. | |
| CVE-2022-41674 | Hig | 8.1 | < 5.3.18-150200.24.134.1 | 5.3.18-150200.24.134.1 | Oct 14, 2022 | An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. | |
| CVE-2022-42719 | Hig | 8.8 | < 5.3.18-150200.24.134.1 | 5.3.18-150200.24.134.1 | Oct 13, 2022 | A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. | |
| CVE-2022-42703 | Med | 5.5 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Oct 9, 2022 | mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. | |
| CVE-2022-41850 | Med | 4.7 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Sep 30, 2022 | roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. |
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is r
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect ass
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched r
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD
- affected < 5.3.18-150200.24.134.1fixed 5.3.18-150200.24.134.1
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
- affected < 5.3.18-150200.24.134.1fixed 5.3.18-150200.24.134.1
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
- affected < 5.3.18-150200.24.134.1fixed 5.3.18-150200.24.134.1
An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.
- affected < 5.3.18-150200.24.134.1fixed 5.3.18-150200.24.134.1
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
Page 2 of 10