kgraft-patch-SLE12-SP5_Update_44 (SUSE:Linux Enterprise Live Patching 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 12 SP5 package kgraft-patch-SLE12-SP5_Update_44, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (30)
CVE-2023-35001 — CVSS 7.8 (high): Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in…
CVE-2023-3090 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation…
CVE-2023-6932 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race…
CVE-2023-5717 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve…
CVE-2023-4921 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation…
CVE-2023-4623 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve…
CVE-2023-31436 — CVSS 7.8 (high): qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed…
CVE-2024-26852 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found…
CVE-2023-2176 — CVSS 7.8 (high): A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup…
CVE-2023-39198 — CVSS 7.5 (high): A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the…
CVE-2021-46955 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running…
CVE-2023-1380 — CVSS 7.1 (high): A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the…
CVE-2023-3567 — CVSS 7.1 (high): A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an…
CVE-2023-52628 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is…
CVE-2022-45886 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race…
CVE-2022-45919 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there…
CVE-2023-28466 — CVSS 7.0 (high): do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a…
CVE-2023-51780 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg…
CVE-2022-45885 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a…
CVE-2022-45884 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to…
CVE-2023-1077 — CVSS 7.0 (high): In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry…
CVE-2023-2513 — CVSS 6.7 (medium): A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended…
CVE-2023-32269 — CVSS 6.7 (medium): An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also…
CVE-2023-2194 — CVSS 6.7 (medium): An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was…
CVE-2024-0775 — CVSS 6.7 (medium): A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to…
CVE-2023-31084 — CVSS 5.5 (medium): An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in…
CVE-2022-45887 — CVSS 4.7 (medium): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of…
CVE-2022-3566 — CVSS 4.6 (medium): A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of…
CVE-2023-2269 — CVSS 4.4 (medium): A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in…