kernel-livepatch-SLE15-SP4_Update_5 (SUSE:Linux Enterprise Live Patching 15 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 SP4 package kernel-livepatch-SLE15-SP4_Update_5, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (48)
CVE-2021-39698 — CVSS 7.8 (high): In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of…
CVE-2022-1882 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe…
CVE-2022-2964 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability…
CVE-2022-2978 — CVSS 7.8 (high): A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with…
CVE-2022-3424 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by…
CVE-2022-3577 — CVSS 7.8 (high): An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to…
CVE-2022-4139 — CVSS 7.8 (high): An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or…
CVE-2022-4378 — CVSS 7.8 (high): A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This…
CVE-2023-0461 — CVSS 7.8 (high): There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the…
CVE-2023-1281 — CVSS 7.8 (high): Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area…
CVE-2023-28464 — CVSS 7.8 (high): hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush)…
CVE-2023-31436 — CVSS 7.8 (high): qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed…
CVE-2022-43945 — CVSS 7.5 (high): The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages…
CVE-2022-4379 — CVSS 7.5 (high): A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to…
CVE-2023-1989 — CVSS 7.0 (high): A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove…
CVE-2023-28466 — CVSS 7.0 (high): do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a…
CVE-2022-43750 — CVSS 6.7 (medium): drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the…
CVE-2022-3628 — CVSS 6.6 (medium): A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious…
CVE-2022-3586 — CVSS 5.5 (medium): A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the…
CVE-2023-23455 — CVSS 5.5 (medium): atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type…
CVE-2022-3169 — CVSS 5.5 (medium): A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the…
CVE-2022-2153 — CVSS 5.5 (medium): A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to…
CVE-2022-40768 — CVSS 5.5 (medium): drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because…
CVE-2023-2162 — CVSS 5.5 (medium): A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux…
CVE-2022-3640 — CVSS 5.5 (medium): A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file…
CVE-2022-42703 — CVSS 5.5 (medium): mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
CVE-2023-23454 — CVSS 5.5 (medium): cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds…
CVE-2022-3545 — CVSS 5.5 (medium): A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of…
CVE-2022-40476 — CVSS 5.5 (medium): A null pointer dereference issue was discovered in fs/io_uring.c in the Linux kernel before 5.15.62. A local user could use this flaw to…
CVE-2022-3526 — CVSS 5.3 (medium): A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the…
CVE-2022-3594 — CVSS 5.3 (medium): A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function…
CVE-2022-3565 — CVSS 4.6 (medium): A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the…
CVE-2022-3625 — CVSS 4.6 (medium): A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get…
CVE-2022-3621 — CVSS 4.3 (medium): A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of…
CVE-2022-3435 — CVSS 4.3 (medium): A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file…
CVE-2022-3524 — CVSS 4.3 (medium): A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function…
CVE-2022-3619 — CVSS 3.5 (low): A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of…
CVE-2022-3633 — CVSS 3.5 (low): A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file…
CVE-2022-33981 — CVSS 3.3 (low): drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw…
CVE-2022-3649 — CVSS 3.1 (low): A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file…
CVE-2022-3646 — CVSS 3.1 (low): A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function…
CVE-2022-3629 — CVSS 2.6 (low): A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of…
CVE-2022-3521 — CVSS 2.6 (low): A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the…
CVE-2022-28748: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2964. Reason: This candidate is a reservation duplicate of…
CVE-2022-3535: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation…
CVE-2022-3542: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation…