rpm package
suse/kgraft-patch-SLE12-SP4_Update_36&distro=SUSE Linux Enterprise Live Patching 12 SP4
pkg:rpm/suse/kgraft-patch-SLE12-SP4_Update_36&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4
Vulnerabilities (13)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-2513 | — | < 1-6.3.1 | 1-6.3.1 | May 8, 2023 | A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. | ||
| CVE-2023-32269 | — | < 1-6.3.1 | 1-6.3.1 | May 5, 2023 | An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing con | ||
| CVE-2023-31436 | — | < 1-6.3.1 | 1-6.3.1 | Apr 28, 2023 | qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. | ||
| CVE-2023-31084 | — | < 1-6.3.1 | 1-6.3.1 | Apr 24, 2023 | An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_ | ||
| CVE-2023-2194 | — | < 1-6.3.1 | 1-6.3.1 | Apr 20, 2023 | An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could al | ||
| CVE-2023-2176 | — | < 1-6.3.1 | 1-6.3.1 | Apr 20, 2023 | A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege. | ||
| CVE-2023-1380 | — | < 1-6.3.1 | 1-6.3.1 | Mar 27, 2023 | A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading t | ||
| CVE-2022-45919 | — | < 1-6.3.1 | 1-6.3.1 | Nov 27, 2022 | An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event. | ||
| CVE-2022-45887 | — | < 1-6.3.1 | 1-6.3.1 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call. | ||
| CVE-2022-45886 | — | < 1-6.3.1 | 1-6.3.1 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free. | ||
| CVE-2022-45885 | — | < 1-6.3.1 | 1-6.3.1 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected. | ||
| CVE-2022-45884 | — | < 1-6.3.1 | 1-6.3.1 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops. | ||
| CVE-2022-3566 | — | < 1-6.3.1 | 1-6.3.1 | Oct 17, 2022 | A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VD |
- CVE-2023-2513May 8, 2023affected < 1-6.3.1fixed 1-6.3.1
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.
- CVE-2023-32269May 5, 2023affected < 1-6.3.1fixed 1-6.3.1
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing con
- CVE-2023-31436Apr 28, 2023affected < 1-6.3.1fixed 1-6.3.1
qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
- CVE-2023-31084Apr 24, 2023affected < 1-6.3.1fixed 1-6.3.1
An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_
- CVE-2023-2194Apr 20, 2023affected < 1-6.3.1fixed 1-6.3.1
An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could al
- CVE-2023-2176Apr 20, 2023affected < 1-6.3.1fixed 1-6.3.1
A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.
- CVE-2023-1380Mar 27, 2023affected < 1-6.3.1fixed 1-6.3.1
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading t
- CVE-2022-45919Nov 27, 2022affected < 1-6.3.1fixed 1-6.3.1
An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.
- CVE-2022-45887Nov 25, 2022affected < 1-6.3.1fixed 1-6.3.1
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.
- CVE-2022-45886Nov 25, 2022affected < 1-6.3.1fixed 1-6.3.1
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.
- CVE-2022-45885Nov 25, 2022affected < 1-6.3.1fixed 1-6.3.1
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.
- CVE-2022-45884Nov 25, 2022affected < 1-6.3.1fixed 1-6.3.1
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.
- CVE-2022-3566Oct 17, 2022affected < 1-6.3.1fixed 1-6.3.1
A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VD