rpm package
suse/kgraft-patch-SLE12-SP5_Update_48&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_48&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (26)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-4134 | — | < 1-8.3.1 | 1-8.3.1 | Nov 14, 2024 | A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system, causing a denial of ser | ||
| CVE-2024-41059 | — | < 14-2.1 | 14-2.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x | ||
| CVE-2024-36964 | — | < 14-2.1 | 14-2.1 | Jun 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s | ||
| CVE-2021-47378 | — | < 13-2.1 | 13-2.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cm_id before destroy qp to avoid to get cma event after qp was destroyed, which may lead to use after free. In RDMA co | ||
| CVE-2024-35950 | Med | 5.5 | < 12-2.1 | 12-2.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo | |
| CVE-2024-27398 | — | < 12-2.1 | 12-2.1 | May 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection | ||
| CVE-2023-51779 | Hig | 7.0 | < 6-2.2 | 6-2.2 | Feb 29, 2024 | bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. | |
| CVE-2024-1086 | — | KEV | < 8-2.1 | 8-2.1 | Jan 31, 2024 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau | |
| CVE-2023-5717 | — | < 8-2.1 | 8-2.1 | Oct 25, 2023 | A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can i | ||
| CVE-2023-34319 | — | < 1-8.3.1 | 1-8.3.1 | Sep 22, 2023 | The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split | ||
| CVE-2023-4623 | — | < 2-2.2 | 2-2.2 | Sep 6, 2023 | A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv | ||
| CVE-2023-4459 | — | < 1-8.3.1 | 1-8.3.1 | Aug 21, 2023 | A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sani | ||
| CVE-2023-4387 | — | < 1-8.3.1 | 1-8.3.1 | Aug 16, 2023 | A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, | ||
| CVE-2023-4385 | — | < 1-8.3.1 | 1-8.3.1 | Aug 16, 2023 | A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check. | ||
| CVE-2023-40283 | — | < 1-8.3.1 | 1-8.3.1 | Aug 14, 2023 | An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled. | ||
| CVE-2023-20588 | — | < 1-8.3.1 | 1-8.3.1 | Aug 8, 2023 | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | ||
| CVE-2023-4194 | — | < 1-8.3.1 | 1-8.3.1 | Aug 7, 2023 | A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following ups | ||
| CVE-2023-4132 | — | < 1-8.3.1 | 1-8.3.1 | Aug 3, 2023 | A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition. | ||
| CVE-2023-4133 | — | < 1-8.3.1 | 1-8.3.1 | Aug 3, 2023 | A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of ser | ||
| CVE-2023-3772 | — | < 1-8.3.1 | 1-8.3.1 | Jul 25, 2023 | A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s |
- CVE-2023-4134Nov 14, 2024affected < 1-8.3.1fixed 1-8.3.1
A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system, causing a denial of ser
- CVE-2024-41059Jul 29, 2024affected < 14-2.1fixed 14-2.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x
- CVE-2024-36964Jun 3, 2024affected < 14-2.1fixed 14-2.1
In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s
- CVE-2021-47378May 21, 2024affected < 13-2.1fixed 13-2.1
In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cm_id before destroy qp to avoid to get cma event after qp was destroyed, which may lead to use after free. In RDMA co
- affected < 12-2.1fixed 12-2.1
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo
- CVE-2024-27398May 13, 2024affected < 12-2.1fixed 12-2.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection
- affected < 6-2.2fixed 6-2.2
bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
- affected < 8-2.1fixed 8-2.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau
- CVE-2023-5717Oct 25, 2023affected < 8-2.1fixed 8-2.1
A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can i
- CVE-2023-34319Sep 22, 2023affected < 1-8.3.1fixed 1-8.3.1
The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split
- CVE-2023-4623Sep 6, 2023affected < 2-2.2fixed 2-2.2
A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curv
- CVE-2023-4459Aug 21, 2023affected < 1-8.3.1fixed 1-8.3.1
A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sani
- CVE-2023-4387Aug 16, 2023affected < 1-8.3.1fixed 1-8.3.1
A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all,
- CVE-2023-4385Aug 16, 2023affected < 1-8.3.1fixed 1-8.3.1
A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This issue may allow a local attacker to crash the system due to a missing sanity check.
- CVE-2023-40283Aug 14, 2023affected < 1-8.3.1fixed 1-8.3.1
An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.
- CVE-2023-20588Aug 8, 2023affected < 1-8.3.1fixed 1-8.3.1
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
- CVE-2023-4194Aug 7, 2023affected < 1-8.3.1fixed 1-8.3.1
A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following ups
- CVE-2023-4132Aug 3, 2023affected < 1-8.3.1fixed 1-8.3.1
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition.
- CVE-2023-4133Aug 3, 2023affected < 1-8.3.1fixed 1-8.3.1
A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of ser
- CVE-2023-3772Jul 25, 2023affected < 1-8.3.1fixed 1-8.3.1
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s
Page 1 of 2