kernel-livepatch-SLE15-SP3_Update_46 (SUSE:Linux Enterprise Live Patching 15 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 SP3 package kernel-livepatch-SLE15-SP3_Update_46, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (107)
CVE-2024-38541 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In…
CVE-2022-0435 — CVSS 8.8 (high): A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content…
CVE-2022-48754 — CVSS 8.4 (high): In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add…
CVE-2021-47368 — CVSS 8.1 (high): In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinity_hint…
CVE-2021-47328 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a…
CVE-2021-47372 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use after free on rmmod plat_dev->dev->platform_data is…
CVE-2021-47379 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd…
CVE-2021-47571 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The…
CVE-2021-47576 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Sanity check block descriptor length in…
CVE-2021-47589 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: igbvf: fix double free in `igbvf_probe` In `igbvf_probe`, if…
CVE-2021-4439 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The…
CVE-2021-47247 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler…
CVE-2021-47311 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and…
CVE-2021-47596 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg Currently…
CVE-2021-47598 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not…
CVE-2021-47600 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move…
CVE-2021-47609 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without…
CVE-2022-22942 — CVSS 7.8 (high): The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by…
CVE-2022-2938 — CVSS 7.8 (high): A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could…
CVE-2022-48717 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ASoC: max9759: fix underflow in speaker_gain_control_put() Check for…
CVE-2022-48726 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially…
CVE-2022-48732 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking…
CVE-2022-48771 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing…
CVE-2022-48791 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a…
CVE-2022-48956 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed…
CVE-2022-49014 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported…
CVE-2022-49025 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When…
CVE-2022-49465 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In…
CVE-2023-52707 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root…
CVE-2023-52752 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip…
CVE-2023-52885 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener…
CVE-2024-35789 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When…
CVE-2024-35861 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()…
CVE-2024-35862 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip…
CVE-2024-35864 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip…
CVE-2024-36904 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson…
CVE-2024-36940 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev"…
CVE-2024-36974 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one…
CVE-2024-38545 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix UAF for cq async event The refcount of CQ is not…
CVE-2024-40956 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list…
CVE-2024-41069 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ASoC: topology: Fix references to freed memory Most users after parsing…
CVE-2024-50264 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in…
CVE-2024-53173 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang…
CVE-2024-53214 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There…
CVE-2024-56558 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show`…
CVE-2024-56600 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create()…
CVE-2025-21702 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected…
CVE-2025-21772 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several…
CVE-2025-37752 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to…
CVE-2025-37797 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch…
CVE-2022-48747 — CVSS 7.5 (high): In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the…
CVE-2022-48748 — CVSS 7.5 (high): In the Linux kernel, the following vulnerability has been resolved: net: bridge: vlan: fix memory leak in __allowed_ingress When using…
CVE-2024-41090 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed…
CVE-2022-48760 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usb_kill_urb by adding memory barriers The…
CVE-2021-47291 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While…
CVE-2022-48738 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() We don't…
CVE-2024-41059 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN…
CVE-2024-56650 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has…
CVE-2024-38560 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we…
CVE-2024-56664 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element…
CVE-2022-48759 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev…
CVE-2023-24023 — CVSS 6.8 (medium): Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow…
CVE-2024-57893 — CVSS 6.3 (medium): In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer…
CVE-2024-36894 — CVSS 5.6 (medium): In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request…
CVE-2021-47612 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in…
CVE-2021-47617 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The…
CVE-2021-47618 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses…
CVE-2021-47619 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a…
CVE-2021-47620 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound…
CVE-2021-47583 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutex_init() location Syzbot reported, that…
CVE-2024-35950 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The…
CVE-2022-48711 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function…
CVE-2022-48715 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a…
CVE-2022-48722 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the…
CVE-2022-48724 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()…
CVE-2024-43861 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused…
CVE-2022-48728 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in…
CVE-2022-48730 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr…
CVE-2024-50205 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()…
CVE-2022-48767 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ceph: properly put ceph_string reference after async create attempt The…
CVE-2024-36964 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain…
CVE-2024-50208 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory…
CVE-2021-43389 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in…
CVE-2022-49563 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for RSA Reject requests with a source…
CVE-2022-49564 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for DH Reject requests with a source…
CVE-2024-53146 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >=…
CVE-2023-52881 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a…
CVE-2024-26822 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts…
CVE-2021-47595 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list…
CVE-2024-41062 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs…
CVE-2021-47602 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For…
CVE-2024-42232 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayed_work() and ceph_monc_stop() The way…
CVE-2021-47611 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: mac80211: validate extended element ID is present Before attempting to…
CVE-2022-48746 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current…
CVE-2022-48749 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc The function…
CVE-2022-48752 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only…
CVE-2022-48756 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable The function…
CVE-2022-48758 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroy_work queue before calling…
CVE-2022-48768 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup() kfree() is…
CVE-2024-35878 — CVSS 5.3 (medium): In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In…
CVE-2024-26923 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage…
CVE-2024-38559 — CVSS 4.4 (medium): In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we…
CVE-2022-48737: Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2021-3896: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43389. Reason: This candidate is a reservation duplicate of…
CVE-2022-48736: Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.