kernel-livepatch-SLE15-SP1_Update_36 (SUSE:Linux Enterprise Live Patching 15 SP1) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 SP1 package kernel-livepatch-SLE15-SP1_Update_36, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (48)
CVE-2022-42896 — CVSS 8.0 (high): There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req…
CVE-2022-4378 — CVSS 7.8 (high): A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This…
CVE-2022-4095 — CVSS 7.8 (high): A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c…
CVE-2022-45934 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via…
CVE-2023-35001 — CVSS 7.8 (high): Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in…
CVE-2022-2964 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability…
CVE-2021-4037 — CVSS 7.8 (high): A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files…
CVE-2023-4623 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve…
CVE-2023-31436 — CVSS 7.8 (high): qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed…
CVE-2023-3090 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation…
CVE-2022-3424 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by…
CVE-2023-2176 — CVSS 7.8 (high): A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup…
CVE-2023-4622 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The…
CVE-2023-1390 — CVSS 7.5 (high): A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an…
CVE-2022-43945 — CVSS 7.5 (high): The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages…
CVE-2023-3567 — CVSS 7.1 (high): A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an…
CVE-2022-41858 — CVSS 7.1 (high): A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in…
CVE-2023-1077 — CVSS 7.0 (high): In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry…
CVE-2023-28466 — CVSS 7.0 (high): do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a…
CVE-2022-43750 — CVSS 6.7 (medium): drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the…
CVE-2022-3628 — CVSS 6.6 (medium): A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious…
CVE-2022-3643 — CVSS 6.5 (medium): Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a…
CVE-2022-42703 — CVSS 5.5 (medium): mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
CVE-2022-2153 — CVSS 5.5 (medium): A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to…
CVE-2022-3169 — CVSS 5.5 (medium): A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the…
CVE-2022-3545 — CVSS 5.5 (medium): A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of…
CVE-2022-3564 — CVSS 5.5 (medium): A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of…
CVE-2022-3586 — CVSS 5.5 (medium): A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the…
CVE-2022-3635 — CVSS 5.5 (medium): A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the…
CVE-2022-40768 — CVSS 5.5 (medium): drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because…
CVE-2022-42328 — CVSS 5.5 (medium): Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-42329 — CVSS 5.5 (medium): Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2023-23455 — CVSS 5.5 (medium): atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type…
CVE-2022-3594 — CVSS 5.3 (medium): A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function…
CVE-2022-42895 — CVSS 5.1 (medium): There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to…
CVE-2022-28693 — CVSS 4.7 (medium): Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially…
CVE-2022-40307 — CVSS 4.7 (medium): An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant…
CVE-2022-41850 — CVSS 4.7 (medium): roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in…
CVE-2022-3565 — CVSS 4.6 (medium): A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the…
CVE-2022-3903 — CVSS 4.6 (medium): An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches…
CVE-2022-3567 — CVSS 4.6 (medium): A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function…
CVE-2022-3524 — CVSS 4.3 (medium): A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function…
CVE-2022-3621 — CVSS 4.3 (medium): A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of…
CVE-2022-3646 — CVSS 3.1 (low): A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function…
CVE-2022-3649 — CVSS 3.1 (low): A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file…
CVE-2022-3521 — CVSS 2.6 (low): A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the…
CVE-2022-3629 — CVSS 2.6 (low): A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of…
CVE-2022-3542: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation…