kernel-livepatch-SLE15_Update_31 (SUSE:Linux Enterprise Live Patching 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 package kernel-livepatch-SLE15_Update_31, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (28)
CVE-2021-4157 — CVSS 8.0 (high): An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring…
CVE-2022-1679 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_targ…
CVE-2022-4378 — CVSS 7.8 (high): A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This…
CVE-2022-36946 — CVSS 7.5 (high): nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service…
CVE-2022-43945 — CVSS 7.5 (high): The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages…
CVE-2022-33740 — CVSS 7.1 (high): Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities…
CVE-2022-26365 — CVSS 7.1 (high): Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities…
CVE-2022-33742 — CVSS 7.1 (high): Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities…
CVE-2022-33741 — CVSS 7.1 (high): Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities…
CVE-2022-20141 — CVSS 7.0 (high): In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege…
CVE-2021-33655 — CVSS 6.7 (medium): When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
CVE-2022-29900 — CVSS 6.5 (medium): Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-depend…
CVE-2021-26341 — CVSS 6.5 (medium): Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
CVE-2020-26541 — CVSS 6.5 (medium): The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This…
CVE-2022-20154 — CVSS 6.4 (medium): In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege…
CVE-2020-36516 — CVSS 5.9 (medium): An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy…
CVE-2022-29901 — CVSS 5.6 (medium): Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the…
CVE-2022-3586 — CVSS 5.5 (medium): A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the…
CVE-2022-2318 — CVSS 5.5 (medium): There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux…
CVE-2022-3545 — CVSS 5.5 (medium): A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of…
CVE-2022-41218 — CVSS 5.5 (medium): In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting…
CVE-2022-42703 — CVSS 5.5 (medium): mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
CVE-2022-2588 — CVSS 5.3 (medium): It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before…
CVE-2020-36558 — CVSS 5.1 (medium): A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection…
CVE-2020-36557 — CVSS 5.1 (medium): A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a…
CVE-2022-39188 — CVSS 4.7 (medium): An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range…
CVE-2022-20132 — CVSS 4.6 (medium): In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input…
CVE-2022-33981 — CVSS 3.3 (low): drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw…