VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_56&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_56&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (236)

  • CVE-2023-6356Feb 7, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a deni

  • CVE-2024-24855MedFeb 5, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

  • CVE-2024-24861Feb 5, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.

  • CVE-2024-23307MedJan 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.

  • CVE-2024-22099MedJan 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2.

  • CVE-2024-23848MedJan 23, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.

  • CVE-2022-48619Jan 12, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.

  • CVE-2023-6270Jan 4, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob

  • CVE-2023-7192Jan 2, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.

  • CVE-2023-7042Dec 21, 2023
    affected < 1-8.3.1fixed 1-8.3.1

    A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.

  • CVE-2023-0160Jul 18, 2023
    affected < 1-8.3.1fixed 1-8.3.1

    A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.

  • CVE-2023-35827Jun 18, 2023
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.

  • CVE-2023-1829Apr 12, 2023
    affected < 2-8.6.1fixed 2-8.6.1

    A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc

  • CVE-2022-0487Feb 4, 2022
    affected < 1-8.3.1fixed 1-8.3.1

    A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

  • CVE-2021-23134May 12, 2021
    affected < 1-8.3.1fixed 1-8.3.1

    Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.

  • CVE-2020-36312Apr 6, 2021
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.

Page 12 of 12