kernel-livepatch-SLE15-SP5_Update_7 (SUSE:Linux Enterprise Live Patching 15 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 SP5 package kernel-livepatch-SLE15-SP5_Update_7, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (34)
CVE-2023-2163 — CVSS 10.0 (critical): Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary…
CVE-2023-5178 — CVSS 8.8 (high): A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP…
CVE-2023-39191 — CVSS 8.2 (high): An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation…
CVE-2021-47517 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered…
CVE-2023-3777 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation…
CVE-2024-35867 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions…
CVE-2024-35949 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We…
CVE-2021-47598 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not…
CVE-2023-6932 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race…
CVE-2024-36904 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson…
CVE-2024-26930 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan…
CVE-2024-35861 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()…
CVE-2024-35862 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip…
CVE-2024-35863 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions…
CVE-2024-35864 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip…
CVE-2024-35905 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch…
CVE-2023-52752 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip…
CVE-2024-40954 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It…
CVE-2024-41059 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN…
CVE-2023-46813 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect…
CVE-2023-51779 — CVSS 7.0 (high): bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race…
CVE-2023-51780 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg…
CVE-2023-6531 — CVSS 7.0 (high): A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with…
CVE-2024-36899 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The…
CVE-2024-26828 — CVSS 6.7 (medium): In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step…
CVE-2023-39193 — CVSS 6.1 (medium): A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows…
CVE-2024-43861 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused…
CVE-2023-31085 — CVSS 5.5 (medium): An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize)…
CVE-2024-36964 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain…
CVE-2023-39189 — CVSS 5.1 (medium): A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode…
CVE-2023-34324 — CVSS 4.9 (medium): Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an…
CVE-2023-6176 — CVSS 4.7 (medium): A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue…
CVE-2024-26923 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage…
CVE-2024-23307 — CVSS 4.4 (medium): Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced…