rpm package
suse/kgraft-patch-SLE12-SP5_Update_39&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_39&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (26)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-0394 | — | < 1-8.3.1 | 1-8.3.1 | Jan 24, 2023 | A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. | ||
| CVE-2023-23454 | — | < 1-8.3.1 | 1-8.3.1 | Jan 12, 2023 | cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | ||
| CVE-2022-4662 | — | < 1-8.3.1 | 1-8.3.1 | Dec 22, 2022 | A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. | ||
| CVE-2022-3108 | — | < 1-8.3.1 | 1-8.3.1 | Dec 14, 2022 | An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup(). | ||
| CVE-2022-3107 | — | < 1-8.3.1 | 1-8.3.1 | Dec 14, 2022 | An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference. | ||
| CVE-2022-3564 | — | < 1-8.3.1 | 1-8.3.1 | Oct 17, 2022 | A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to |
- CVE-2023-0394Jan 24, 2023affected < 1-8.3.1fixed 1-8.3.1
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.
- CVE-2023-23454Jan 12, 2023affected < 1-8.3.1fixed 1-8.3.1
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
- CVE-2022-4662Dec 22, 2022affected < 1-8.3.1fixed 1-8.3.1
A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.
- CVE-2022-3108Dec 14, 2022affected < 1-8.3.1fixed 1-8.3.1
An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().
- CVE-2022-3107Dec 14, 2022affected < 1-8.3.1fixed 1-8.3.1
An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.
- CVE-2022-3564Oct 17, 2022affected < 1-8.3.1fixed 1-8.3.1
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to
Page 2 of 2