rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Vulnerabilities (1,468)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-2602 | — | < 5.3.18-150300.59.106.1 | 5.3.18-150300.59.106.1 | Jan 8, 2024 | io_uring UAF, Unix SCM garbage collection | ||
| CVE-2022-2586 | — | KEV | < 5.3.18-150300.59.211.1 | 5.3.18-150300.59.211.1 | Jan 8, 2024 | It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. | |
| CVE-2023-34324 | — | < 5.3.18-150300.59.141.1 | 5.3.18-150300.59.141.1 | Jan 5, 2024 | Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. t | ||
| CVE-2023-6270 | — | < 5.3.18-150300.59.158.1 | 5.3.18-150300.59.158.1 | Jan 4, 2024 | A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob | ||
| CVE-2023-7192 | — | < 5.3.18-150300.59.158.1 | 5.3.18-150300.59.158.1 | Jan 2, 2024 | A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow. | ||
| CVE-2023-51782 | — | < 5.3.18-150300.59.150.1 | 5.3.18-150300.59.150.1 | Dec 25, 2023 | An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition. | ||
| CVE-2023-51780 | — | < 5.3.18-150300.59.150.1 | 5.3.18-150300.59.150.1 | Dec 25, 2023 | An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. | ||
| CVE-2023-7042 | — | < 5.3.18-150300.59.158.1 | 5.3.18-150300.59.158.1 | Dec 21, 2023 | A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service. | ||
| CVE-2023-6932 | Hig | 7.8 | < 5.3.18-150300.59.147.1 | 5.3.18-150300.59.147.1 | Dec 19, 2023 | A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recomme | |
| CVE-2023-6931 | Hig | 7.8 | < 5.3.18-150300.59.147.1 | 5.3.18-150300.59.147.1 | Dec 19, 2023 | A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recomme | |
| CVE-2023-6817 | Hig | 7.8 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Dec 18, 2023 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Po | |
| CVE-2022-22942 | — | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Dec 13, 2023 | The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer. | ||
| CVE-2023-6610 | — | < 5.3.18-150300.59.147.1 | 5.3.18-150300.59.147.1 | Dec 8, 2023 | An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. | ||
| CVE-2023-6606 | — | < 5.3.18-150300.59.147.1 | 5.3.18-150300.59.147.1 | Dec 8, 2023 | An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. | ||
| CVE-2023-24023 | — | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Nov 28, 2023 | Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUF | ||
| CVE-2023-6176 | — | < 5.3.18-150300.59.144.1 | 5.3.18-150300.59.144.1 | Nov 16, 2023 | A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escal | ||
| CVE-2023-6121 | Med | 4.3 | < 5.3.18-150300.59.147.1 | 5.3.18-150300.59.147.1 | Nov 16, 2023 | An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the ke | |
| CVE-2023-39198 | — | < 5.3.18-150300.59.144.1 | 5.3.18-150300.59.144.1 | Nov 9, 2023 | A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the ret | ||
| CVE-2023-47233 | Med | 4.3 | < 5.3.18-150300.59.150.1 | 5.3.18-150300.59.150.1 | Nov 3, 2023 | The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is r | |
| CVE-2023-1192 | — | < 5.3.18-150300.59.138.1 | 5.3.18-150300.59.138.1 | Nov 1, 2023 | A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access |
- CVE-2022-2602Jan 8, 2024affected < 5.3.18-150300.59.106.1fixed 5.3.18-150300.59.106.1
io_uring UAF, Unix SCM garbage collection
- affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1
It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.
- CVE-2023-34324Jan 5, 2024affected < 5.3.18-150300.59.141.1fixed 5.3.18-150300.59.141.1
Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. t
- CVE-2023-6270Jan 4, 2024affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob
- CVE-2023-7192Jan 2, 2024affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1
A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.
- CVE-2023-51782Dec 25, 2023affected < 5.3.18-150300.59.150.1fixed 5.3.18-150300.59.150.1
An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.
- CVE-2023-51780Dec 25, 2023affected < 5.3.18-150300.59.150.1fixed 5.3.18-150300.59.150.1
An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.
- CVE-2023-7042Dec 21, 2023affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1
A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.
- affected < 5.3.18-150300.59.147.1fixed 5.3.18-150300.59.147.1
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recomme
- affected < 5.3.18-150300.59.147.1fixed 5.3.18-150300.59.147.1
A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recomme
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Po
- CVE-2022-22942Dec 13, 2023affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.
- CVE-2023-6610Dec 8, 2023affected < 5.3.18-150300.59.147.1fixed 5.3.18-150300.59.147.1
An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.
- CVE-2023-6606Dec 8, 2023affected < 5.3.18-150300.59.147.1fixed 5.3.18-150300.59.147.1
An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.
- CVE-2023-24023Nov 28, 2023affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUF
- CVE-2023-6176Nov 16, 2023affected < 5.3.18-150300.59.144.1fixed 5.3.18-150300.59.144.1
A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escal
- affected < 5.3.18-150300.59.147.1fixed 5.3.18-150300.59.147.1
An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the ke
- CVE-2023-39198Nov 9, 2023affected < 5.3.18-150300.59.144.1fixed 5.3.18-150300.59.144.1
A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the ret
- affected < 5.3.18-150300.59.150.1fixed 5.3.18-150300.59.150.1
The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is r
- CVE-2023-1192Nov 1, 2023affected < 5.3.18-150300.59.138.1fixed 5.3.18-150300.59.138.1
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access
Page 63 of 74