kernel-livepatch-SLE15-SP2_Update_37 (SUSE:Linux Enterprise Live Patching 15 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 SP2 package kernel-livepatch-SLE15-SP2_Update_37, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (43)
CVE-2023-1829 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege…
CVE-2023-35001 — CVSS 7.8 (high): Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in…
CVE-2023-32233 — CVSS 7.8 (high): In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform…
CVE-2023-31436 — CVSS 7.8 (high): qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed…
CVE-2023-3090 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation…
CVE-2023-3812 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a…
CVE-2023-6931 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local…
CVE-2023-5717 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve…
CVE-2023-3609 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation…
CVE-2023-2124 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure…
CVE-2023-3776 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If…
CVE-2022-48651 — CVSS 7.7 (high): In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an…
CVE-2021-47383 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens…
CVE-2023-1380 — CVSS 7.1 (high): A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the…
CVE-2023-3567 — CVSS 7.1 (high): A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an…
CVE-2022-45884 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to…
CVE-2022-45885 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a…
CVE-2022-45886 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race…
CVE-2022-45919 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there…
CVE-2023-1077 — CVSS 7.0 (high): In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry…
CVE-2023-6546 — CVSS 7.0 (high): A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the…
CVE-2023-1079 — CVSS 6.8 (medium): A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a…
CVE-2023-2513 — CVSS 6.7 (medium): A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended…
CVE-2024-26828 — CVSS 6.7 (medium): In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step…
CVE-2023-32269 — CVSS 6.7 (medium): An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also…
CVE-2020-36694 — CVSS 6.7 (medium): An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context…
CVE-2023-2194 — CVSS 6.7 (medium): An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was…
CVE-2024-0775 — CVSS 6.7 (medium): A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to…
CVE-2023-52502 — CVSS 6.3 (medium): In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()…
CVE-2023-4273 — CVSS 6.0 (medium): A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction…
CVE-2023-23586 — CVSS 5.5 (medium): Due to a vulnerability in the io_uring subsystem, it is possible to leak kernel memory information to the user process. timens_install…
CVE-2023-1637 — CVSS 5.5 (medium): A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power…
CVE-2021-29650 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic)…
CVE-2022-4269 — CVSS 5.5 (medium): A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets…
CVE-2023-31084 — CVSS 5.5 (medium): An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in…
CVE-2022-45887 — CVSS 4.7 (medium): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of…
CVE-2024-26923 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage…
CVE-2023-33288 — CVSS 4.7 (medium): An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charg…
CVE-2024-26585 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to…
CVE-2022-3566 — CVSS 4.6 (medium): A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of…
CVE-2024-23307 — CVSS 4.4 (medium): Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced…
CVE-2023-2483: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of…