kernel-livepatch-SLE15-SP4-RT_Update_18 (SUSE:Linux Enterprise Live Patching 15 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 SP4 package kernel-livepatch-SLE15-SP4-RT_Update_18, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (19)
CVE-2023-6040 — CVSS 7.8 (high): An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of…
CVE-2024-1085 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation…
CVE-2023-51042 — CVSS 7.8 (high): In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free.
CVE-2023-46838 — CVSS 7.5 (high): Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any…
CVE-2023-51780 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg…
CVE-2023-51782 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept…
CVE-2023-51043 — CVSS 7.0 (high): In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic…
CVE-2024-0565 — CVSS 6.8 (medium): An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the…
CVE-2024-0775 — CVSS 6.7 (medium): A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to…
CVE-2023-6535 — CVSS 6.5 (medium): A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP…
CVE-2023-6536 — CVSS 6.5 (medium): A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP…
CVE-2023-6356 — CVSS 6.5 (medium): A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP…
CVE-2023-6915 — CVSS 6.2 (medium): A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this…
CVE-2021-33631 — CVSS 5.5 (medium): Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue…
CVE-2024-0641 — CVSS 5.5 (medium): A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This…
CVE-2024-24860 — CVSS 4.6 (medium): A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null…
CVE-2024-0340 — CVSS 4.4 (medium): A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in…
CVE-2023-47233 — CVSS 4.3 (medium): The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect…