suse/kgraft-patch-SLE12-SP4_Update_28&distro=SUSE Linux Enterprise Live Patching 12 SP4

Vulnerabilities (40)

• CVE-2022-2588Jan 8, 2024
  affected < 4-2.1fixed 4-2.1

  It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.

• CVE-2023-31436Apr 28, 2023
  affected < 11-2.3fixed 11-2.3

  qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.

• CVE-2023-0590Mar 23, 2023
  affected < 9-2.2fixed 9-2.2

  A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.

• CVE-2023-1390Mar 16, 2023
  affected < 11-2.3fixed 11-2.3

  A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in

• CVE-2022-3424Mar 6, 2023
  affected < 6-2.1fixed 6-2.1

  A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate

• CVE-2023-1118Mar 2, 2023
  affected < 9-2.2fixed 9-2.2

  A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

• CVE-2023-23455Jan 12, 2023
  affected < 11-2.3fixed 11-2.3

  atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

• CVE-2022-4378Jan 5, 2023
  affected < 5-2.1fixed 5-2.1

  A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.

• CVE-2022-43945HigNov 4, 2022
  affected < 5-2.1fixed 5-2.1

  The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c

• CVE-2022-3586Oct 19, 2022
  affected < 5-2.1fixed 5-2.1

  A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to cra

• CVE-2022-3565Oct 17, 2022
  affected < 6-2.1fixed 6-2.1

  A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch

• CVE-2022-3545Oct 17, 2022
  affected < 5-2.1fixed 5-2.1

  A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is re

• CVE-2022-42703Oct 9, 2022
  affected < 4-2.1fixed 4-2.1

  mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.

• CVE-2022-41218Sep 21, 2022
  affected < 5-2.1fixed 5-2.1

  In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.

• CVE-2022-39188Sep 2, 2022
  affected < 3-2.2fixed 3-2.2

  An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.

• CVE-2022-1729Sep 1, 2022
  affected < 1-6.3.1fixed 1-6.3.1

  A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.

• CVE-2022-1975Aug 31, 2022
  affected < 1-6.3.1fixed 1-6.3.1

  There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.

• CVE-2022-1974Aug 31, 2022
  affected < 1-6.3.1fixed 1-6.3.1

  A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.

• CVE-2022-1184Aug 29, 2022
  affected < 1-6.3.1fixed 1-6.3.1

  A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.

• CVE-2022-2991Aug 25, 2022
  affected < 9-2.2fixed 9-2.2

  A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalat