kgraft-patch-SLE12-SP5_Update_31 (SUSE:Linux Enterprise Live Patching 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 12 SP5 package kgraft-patch-SLE12-SP5_Update_31, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2022-1419 — CVSS 7.8 (high): The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created…
CVE-2022-3424 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by…
CVE-2022-1679 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_targ…
CVE-2022-4378 — CVSS 7.8 (high): A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This…
CVE-2022-1652 — CVSS 7.8 (high): Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the…
CVE-2022-29581 — CVSS 7.8 (high): Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root…
CVE-2023-1118 — CVSS 7.8 (high): A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A…
CVE-2022-1011 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user…
CVE-2022-43945 — CVSS 7.5 (high): The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages…
CVE-2022-36946 — CVSS 7.5 (high): nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service…
CVE-2022-1353 — CVSS 7.1 (high): A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged…
CVE-2022-1734 — CVSS 7.0 (high): A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write…
CVE-2022-1729 — CVSS 7.0 (high): A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges…
CVE-2022-20141 — CVSS 7.0 (high): In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege…
CVE-2022-21499 — CVSS 6.7 (medium): KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a…
CVE-2021-20292 — CVSS 6.7 (medium): There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm…
CVE-2021-33655 — CVSS 6.7 (medium): When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
CVE-2022-2991 — CVSS 6.7 (medium): A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of…
CVE-2022-20154 — CVSS 6.4 (medium): In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege…
CVE-2022-1280 — CVSS 6.3 (medium): A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This…
CVE-2020-36516 — CVSS 5.9 (medium): An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy…
CVE-2018-7755 — CVSS 5.5 (medium): An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver…
CVE-2019-20811 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c…
CVE-2021-38208 — CVSS 5.5 (medium): net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer…
CVE-2021-43389 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in…
CVE-2022-1516 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a…
CVE-2022-3545 — CVSS 5.5 (medium): A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of…
CVE-2022-3586 — CVSS 5.5 (medium): A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the…
CVE-2022-41218 — CVSS 5.5 (medium): In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting…
CVE-2022-42703 — CVSS 5.5 (medium): mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
CVE-2022-2588 — CVSS 5.3 (medium): It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before…
CVE-2023-26545 — CVSS 4.7 (medium): In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl…
CVE-2023-0590 — CVSS 4.7 (medium): A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a…
CVE-2022-39188 — CVSS 4.7 (medium): An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range…
CVE-2021-20321 — CVSS 4.7 (medium): A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with…
CVE-2022-3565 — CVSS 4.6 (medium): A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the…
CVE-2022-28748: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2964. Reason: This candidate is a reservation duplicate of…