VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_44&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_44&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (30)

  • CVE-2023-2176Apr 20, 2023
    affected < 1-8.3.1fixed 1-8.3.1

    A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.

  • CVE-2023-1380Mar 27, 2023
    affected < 1-8.3.1fixed 1-8.3.1

    A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading t

  • CVE-2023-1077Mar 27, 2023
    affected < 3-2.1fixed 3-2.1

    In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a

  • CVE-2023-28466Mar 15, 2023
    affected < 1-8.3.1fixed 1-8.3.1

    do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).

  • CVE-2022-45919Nov 27, 2022
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.

  • CVE-2022-45887Nov 25, 2022
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.

  • CVE-2022-45886Nov 25, 2022
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.

  • CVE-2022-45885Nov 25, 2022
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.

  • CVE-2022-45884Nov 25, 2022
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.

  • CVE-2022-3566Oct 17, 2022
    affected < 1-8.3.1fixed 1-8.3.1

    A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VD

Page 2 of 2