VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5

Vulnerabilities (2,318)

  • CVE-2023-33951Jul 24, 2023
    affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

    A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information

  • CVE-2023-3567Jul 24, 2023
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.

  • CVE-2023-33952Jul 24, 2023
    affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

    A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local priv

  • CVE-2023-31248Jul 5, 2023
    affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

    Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace

  • CVE-2023-3111Jun 5, 2023
    affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

    A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().

  • CVE-2023-28410May 10, 2023
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-28328Apr 19, 2023
    affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

    A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially caus

  • CVE-2023-2162Apr 19, 2023
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.

  • CVE-2023-1382Apr 19, 2023
    affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

    A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.

  • CVE-2023-1990Apr 12, 2023
    affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1

    A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.

  • CVE-2023-1652HigMar 29, 2023
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.

  • CVE-2023-28866Mar 27, 2023
    affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1

    In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not.

  • CVE-2023-1380Mar 27, 2023
    affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

    A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading t

  • CVE-2023-0179Mar 27, 2023
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.

  • CVE-2022-4095Mar 22, 2023
    affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

    A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.

  • CVE-2023-23559Jan 13, 2023
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.

  • CVE-2022-4662Dec 22, 2022
    affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

    A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.

  • CVE-2022-3903Nov 14, 2022
    affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

    An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the syst

  • CVE-2022-43945HigNov 4, 2022
    affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

    The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c

  • CVE-2022-3640Oct 21, 2022
    affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1

    A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue.

Page 115 of 116