kernel-livepatch-SLE15-SP2_Update_33 (SUSE:Linux Enterprise Live Patching 15 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 SP2 package kernel-livepatch-SLE15-SP2_Update_33, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2023-6932 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race…
CVE-2022-4744 — CVSS 7.8 (high): A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the…
CVE-2023-1078 — CVSS 7.8 (high): A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the…
CVE-2023-1829 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege…
CVE-2023-31436 — CVSS 7.8 (high): qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed…
CVE-2023-3609 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation…
CVE-2023-3776 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If…
CVE-2023-3812 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a…
CVE-2023-1390 — CVSS 7.5 (high): A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an…
CVE-2022-47520 — CVSS 7.1 (high): An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in…
CVE-2023-28466 — CVSS 7.0 (high): do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a…
CVE-2022-3643 — CVSS 6.5 (medium): Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a…
CVE-2023-4273 — CVSS 6.0 (medium): A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction…
CVE-2023-23454 — CVSS 5.5 (medium): cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds…
CVE-2023-23455 — CVSS 5.5 (medium): atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type…
CVE-2022-42328 — CVSS 5.5 (medium): Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-4662 — CVSS 5.5 (medium): A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could…
CVE-2022-3105 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of…
CVE-2022-47929 — CVSS 5.5 (medium): In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a…
CVE-2022-3107 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of…
CVE-2022-3115 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the…
CVE-2022-3564 — CVSS 5.5 (medium): A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of…
CVE-2022-42329 — CVSS 5.5 (medium): Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-3108 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check…
CVE-2022-3112 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks…
CVE-2023-26545 — CVSS 4.7 (medium): In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl…
CVE-2023-6176 — CVSS 4.7 (medium): A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue…
CVE-2022-3435 — CVSS 4.3 (medium): A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file…