VYPR

rpm package

suse/kernel-rt&distro=SUSE Real Time Module 15 SP5

pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5

Vulnerabilities (2,442)

  • CVE-2023-3220MedJun 20, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference.

  • CVE-2023-35829HigJun 18, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.

  • CVE-2023-35828HigJun 18, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.

  • CVE-2023-35827HigJun 18, 2023
    affected < 5.14.21-150500.13.47.1fixed 5.14.21-150500.13.47.1

    An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.

  • CVE-2023-35823HigJun 18, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.

  • CVE-2023-35788HigJun 16, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

  • CVE-2023-3268HigJun 16, 2023
    affected < 5.14.21-150500.13.11.1fixed 5.14.21-150500.13.11.1

    An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.

  • CVE-2023-3161MedJun 12, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.

  • CVE-2023-3141HigJun 9, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.

  • CVE-2023-3111HigJun 5, 2023
    affected < 5.14.21-150500.13.11.1fixed 5.14.21-150500.13.11.1

    A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().

  • CVE-2023-2985MedJun 1, 2023
    affected < 5.14.21-150500.13.11.1fixed 5.14.21-150500.13.11.1

    A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.

  • CVE-2023-3006MedMay 31, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer

  • CVE-2023-2002MedMay 26, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil

  • CVE-2023-0459MedMay 25, 2023
    affected < 5.14.21-150500.13.11.1fixed 5.14.21-150500.13.11.1

    Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commi

  • CVE-2023-33288MedMay 22, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition.

  • CVE-2023-1859MedMay 17, 2023
    affected < 5.14.21-150500.13.18.1fixed 5.14.21-150500.13.18.1

    A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.

  • CVE-2023-2124HigMay 15, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.

  • CVE-2023-21106HigMay 15, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kern

  • CVE-2023-21102HigMay 15, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Pr

  • CVE-2023-28410HigMay 10, 2023
    affected < 5.14.21-150500.13.5.1fixed 5.14.21-150500.13.5.1

    Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Page 118 of 123