kgraft-patch-SLE12-SP5_Update_53 (SUSE:Linux Enterprise Live Patching 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 12 SP5 package kgraft-patch-SLE12-SP5_Update_53, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (30)
CVE-2021-47378 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We…
CVE-2022-48686 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from…
CVE-2022-48956 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed…
CVE-2023-1829 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege…
CVE-2023-51042 — CVSS 7.8 (high): In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free.
CVE-2023-6040 — CVSS 7.8 (high): An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of…
CVE-2024-35789 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When…
CVE-2024-35949 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We…
CVE-2024-50264 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in…
CVE-2022-48651 — CVSS 7.7 (high): In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an…
CVE-2023-52340 — CVSS 7.5 (high): The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading…
CVE-2023-46838 — CVSS 7.5 (high): Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any…
CVE-2023-6610 — CVSS 7.1 (high): An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a…
CVE-2023-51043 — CVSS 7.0 (high): In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic…
CVE-2023-51782 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept…
CVE-2023-6546 — CVSS 7.0 (high): A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the…
CVE-2023-51780 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg…
CVE-2024-0775 — CVSS 6.7 (medium): A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to…
CVE-2023-6356 — CVSS 6.5 (medium): A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP…
CVE-2023-6536 — CVSS 6.5 (medium): A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP…
CVE-2023-6535 — CVSS 6.5 (medium): A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP…
CVE-2023-52502 — CVSS 6.3 (medium): In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()…
CVE-2021-47511 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size…
CVE-2021-33631 — CVSS 5.5 (medium): Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue…
CVE-2024-43861 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused…
CVE-2024-26585 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to…
CVE-2024-0340 — CVSS 4.4 (medium): A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in…
CVE-2023-47233 — CVSS 4.3 (medium): The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect…