kernel-livepatch-SLE15-SP5_Update_8 (SUSE:Linux Enterprise Live Patching 15 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 SP5 package kernel-livepatch-SLE15-SP5_Update_8, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (39)
CVE-2021-47517 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered…
CVE-2022-48956 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed…
CVE-2023-4244 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation…
CVE-2023-5633 — CVSS 7.8 (high): The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory…
CVE-2023-5717 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve…
CVE-2023-6931 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local…
CVE-2023-6932 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race…
CVE-2024-1085 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation…
CVE-2024-26610 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is…
CVE-2024-26622 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since…
CVE-2024-26852 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found…
CVE-2024-35861 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()…
CVE-2024-35949 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We…
CVE-2024-36904 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson…
CVE-2024-40954 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It…
CVE-2024-50264 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in…
CVE-2022-48651 — CVSS 7.7 (high): In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an…
CVE-2023-39198 — CVSS 7.5 (high): A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the…
CVE-2023-52340 — CVSS 7.5 (high): The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading…
CVE-2023-45871 — CVSS 7.5 (high): An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may…
CVE-2024-41059 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN…
CVE-2023-51780 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg…
CVE-2024-36899 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The…
CVE-2023-2006 — CVSS 7.0 (high): A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from…
CVE-2023-6546 — CVSS 7.0 (high): A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the…
CVE-2024-0565 — CVSS 6.8 (medium): An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the…
CVE-2023-5158 — CVSS 6.5 (medium): A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may…
CVE-2023-45863 — CVSS 6.4 (medium): An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that…
CVE-2023-52502 — CVSS 6.3 (medium): In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()…
CVE-2023-25775 — CVSS 5.6 (medium): Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user…
CVE-2024-43861 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused…
CVE-2024-26766 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the…
CVE-2024-36964 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain…
CVE-2023-6039 — CVSS 5.5 (medium): A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the…
CVE-2023-6176 — CVSS 4.7 (medium): A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue…
CVE-2024-26585 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to…
CVE-2023-46862 — CVSS 4.7 (medium): An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo…
CVE-2023-39197 — CVSS 4.0 (medium): An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote…