rpm package
suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP4
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4
Vulnerabilities (315)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3629 | Low | 2.6 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears | |
| CVE-2022-3625 | Med | 4.6 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 21, 2022 | A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix | |
| CVE-2022-3621 | Med | 4.3 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 20, 2022 | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem | |
| CVE-2022-3619 | Low | 3.5 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 20, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to | |
| CVE-2022-3577 | Hig | 7.8 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 20, 2022 | An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect ass | |
| CVE-2022-3586 | Med | 5.5 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 19, 2022 | A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra | |
| CVE-2022-3594 | Med | 5.3 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 18, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched r | |
| CVE-2022-3567 | Med | 4.6 | < 5.14.21-150400.14.28.1 | 5.14.21-150400.14.28.1 | Oct 17, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD | |
| CVE-2022-3566 | Med | 4.6 | < 5.14.21-150400.14.28.1 | 5.14.21-150400.14.28.1 | Oct 17, 2022 | A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VD | |
| CVE-2022-3565 | Med | 4.6 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 17, 2022 | A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch | |
| CVE-2022-3564 | Med | 5.5 | < 5.14.21-150400.14.31.1 | 5.14.21-150400.14.31.1 | Oct 17, 2022 | A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to | |
| CVE-2022-3545 | Med | 5.5 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 17, 2022 | A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re | |
| CVE-2022-3526 | Med | 5.3 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 16, 2022 | A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended | |
| CVE-2022-3524 | Med | 4.3 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 16, 2022 | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply | |
| CVE-2022-3523 | Med | 5.3 | < 5.14.21-150400.14.37.1 | 5.14.21-150400.14.37.1 | Oct 16, 2022 | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to | |
| CVE-2022-3521 | Low | 2.6 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 16, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD | |
| CVE-2022-42722 | Med | 5.5 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 14, 2022 | In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. | |
| CVE-2022-42721 | Med | 5.5 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 14, 2022 | A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. | |
| CVE-2022-42720 | Hig | 7.8 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 14, 2022 | Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code. | |
| CVE-2022-41674 | Hig | 8.1 | < 5.14.21-150400.14.21.1 | 5.14.21-150400.14.21.1 | Oct 14, 2022 | An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. |
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack rem
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect ass
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched r
- affected < 5.14.21-150400.14.28.1fixed 5.14.21-150400.14.28.1
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD
- affected < 5.14.21-150400.14.28.1fixed 5.14.21-150400.14.28.1
A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VD
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch
- affected < 5.14.21-150400.14.31.1fixed 5.14.21-150400.14.31.1
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply
- affected < 5.14.21-150400.14.37.1fixed 5.14.21-150400.14.37.1
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
- affected < 5.14.21-150400.14.21.1fixed 5.14.21-150400.14.21.1
An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.
Page 11 of 16