kernel-livepatch-SLE15-SP5-RT_Update_1 (SUSE:Linux Enterprise Live Patching 15 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 SP5 package kernel-livepatch-SLE15-SP5-RT_Update_1, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (115)
CVE-2023-28410 — CVSS 8.8 (high): Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel…
CVE-2023-5178 — CVSS 8.8 (high): A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP…
CVE-2023-39191 — CVSS 8.2 (high): An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation…
CVE-2024-26610 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is…
CVE-2023-6932 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race…
CVE-2023-6931 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local…
CVE-2023-5717 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve…
CVE-2023-4623 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve…
CVE-2023-4147 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw…
CVE-2022-4744 — CVSS 7.8 (high): A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the…
CVE-2023-4004 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element…
CVE-2023-0179 — CVSS 7.8 (high): A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack…
CVE-2023-3776 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If…
CVE-2023-0461 — CVSS 7.8 (high): There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the…
CVE-2023-3609 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation…
CVE-2023-35788 — CVSS 7.8 (high): An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write…
CVE-2023-35001 — CVSS 7.8 (high): Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in…
CVE-2023-3390 — CVSS 7.8 (high): A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error…
CVE-2023-32233 — CVSS 7.8 (high): In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform…
CVE-2023-31436 — CVSS 7.8 (high): qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed…
CVE-2023-1078 — CVSS 7.8 (high): A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the…
CVE-2023-31248 — CVSS 7.8 (high): Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain…
CVE-2023-3090 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation…
CVE-2023-1118 — CVSS 7.8 (high): A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A…
CVE-2023-28464 — CVSS 7.8 (high): hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush)…
CVE-2023-1829 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege…
CVE-2024-26852 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found…
CVE-2024-26622 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since…
CVE-2023-1670 — CVSS 7.8 (high): A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to…
CVE-2023-2235 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The…
CVE-2023-2176 — CVSS 7.8 (high): A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup…
CVE-2023-2124 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure…
CVE-2023-21106 — CVSS 7.8 (high): In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of…
CVE-2023-21102 — CVSS 7.8 (high): In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This…
CVE-2022-48651 — CVSS 7.7 (high): In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an…
CVE-2023-0122 — CVSS 7.5 (high): A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a…
CVE-2023-2156 — CVSS 7.5 (high): A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack…
CVE-2023-52628 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is…
CVE-2023-3141 — CVSS 7.1 (high): A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a…
CVE-2023-1652 — CVSS 7.1 (high): A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could…
CVE-2023-1838 — CVSS 7.1 (high): A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a…
CVE-2023-28466 — CVSS 7.0 (high): do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a…
CVE-2023-6531 — CVSS 7.0 (high): A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with…
CVE-2023-6546 — CVSS 7.0 (high): A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the…
CVE-2022-45919 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there…
CVE-2023-46813 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect…
CVE-2022-45886 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race…
CVE-2023-35823 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134…
CVE-2023-35828 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesa…
CVE-2023-35829 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec…
CVE-2023-51779 — CVSS 7.0 (high): bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race…
CVE-2022-45884 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to…
CVE-2023-1077 — CVSS 7.0 (high): In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry…
CVE-2023-1989 — CVSS 7.0 (high): A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove…
CVE-2022-45885 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a…
CVE-2023-1079 — CVSS 6.8 (medium): A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a…
CVE-2023-2002 — CVSS 6.8 (medium): A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux…
CVE-2024-0775 — CVSS 6.7 (medium): A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to…
CVE-2023-33952 — CVSS 6.7 (medium): A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due…
CVE-2023-33951 — CVSS 6.7 (medium): A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The…
CVE-2023-2513 — CVSS 6.7 (medium): A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended…
CVE-2023-30456 — CVSS 6.5 (medium): An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and…
CVE-2023-30772 — CVSS 6.4 (medium): The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically…
CVE-2022-38096 — CVSS 6.3 (medium): A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel…
CVE-2023-1611 — CVSS 6.3 (medium): A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash…
CVE-2023-1855 — CVSS 6.3 (medium): A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver…
CVE-2023-52502 — CVSS 6.3 (medium): In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()…
CVE-2022-36280 — CVSS 6.3 (medium): An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the…
CVE-2023-4273 — CVSS 6.0 (medium): A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction…
CVE-2022-2196 — CVSS 5.8 (medium): A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2…
CVE-2023-1998 — CVSS 5.6 (medium): The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the…
CVE-2023-3006 — CVSS 5.5 (medium): A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw…
CVE-2023-1637 — CVSS 5.5 (medium): A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power…
CVE-2023-1583 — CVSS 5.5 (medium): A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. When…
CVE-2023-2162 — CVSS 5.5 (medium): A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux…
CVE-2023-22998 — CVSS 5.5 (medium): In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value…
CVE-2023-23000 — CVSS 5.5 (medium): In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the…
CVE-2023-23001 — CVSS 5.5 (medium): In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in…
CVE-2023-23004 — CVSS 5.5 (medium): In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in…
CVE-2023-23006 — CVSS 5.5 (medium): In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page…
CVE-2023-23454 — CVSS 5.5 (medium): cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds…
CVE-2023-23455 — CVSS 5.5 (medium): atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type…
CVE-2023-28327 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly…
CVE-2023-1249 — CVSS 5.5 (medium): A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if…
CVE-2023-1095 — CVSS 5.5 (medium): In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object…
CVE-2023-31084 — CVSS 5.5 (medium): An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in…
CVE-2023-3161 — CVSS 5.5 (medium): A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to…
CVE-2023-3220 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check…
CVE-2023-1076 — CVSS 5.5 (medium): A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their…
CVE-2023-3357 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the…
CVE-2023-3358 — CVSS 5.5 (medium): A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver. This issue could allow a local user to crash…
CVE-2023-0597 — CVSS 5.5 (medium): A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess…
CVE-2023-0469 — CVSS 5.5 (medium): A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during…
CVE-2023-0394 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel…
CVE-2022-4269 — CVSS 5.5 (medium): A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets…
CVE-2024-26766 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the…
CVE-2023-28866 — CVSS 5.3 (medium): In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to…
CVE-2022-3523 — CVSS 5.3 (medium): A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c…
CVE-2023-0045 — CVSS 4.7 (medium): The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates…
CVE-2023-33288 — CVSS 4.7 (medium): An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charg…
CVE-2024-26585 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to…
CVE-2023-1382 — CVSS 4.7 (medium): A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer…
CVE-2023-26545 — CVSS 4.7 (medium): In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl…
CVE-2022-45887 — CVSS 4.7 (medium): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of…
CVE-2023-1582 — CVSS 4.7 (medium): A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local…
CVE-2023-6176 — CVSS 4.7 (medium): A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue…
CVE-2023-0590 — CVSS 4.7 (medium): A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a…
CVE-2023-25012 — CVSS 4.6 (medium): The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED…
CVE-2023-2269 — CVSS 4.4 (medium): A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in…
CVE-2020-24588 — CVSS 3.5 (low): The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the…
CVE-2023-1513 — CVSS 3.3 (low): A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the…
CVE-2023-1075 — CVSS 3.3 (low): A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused…
CVE-2023-2483: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of…