SUSE-SU-2022:4516-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005993 fixes several issues. The following security issues were fixed: - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation bsc1205128. - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-4139: Fixed an issue...

GSD-2022-1007801 net: gso: fix panic on frag_list with mixed head alloc types

net: gso: fix panic on fraglist with mixed head alloc types This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.9 by commit...

PT-2022-36355 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.154 Description: A potential security issue has been identified in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

PT-2022-36322 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.155 Description: A slab-out-of-bounds write bug was found in the udf find entry function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prio...

PT-2022-36002 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue concerns error handling in the ata tport add function. It was introduced in version v2.6.37 and fixed in version v6.0.10. The actual impact and attack plausibility have not yet bee...

PT-2022-36135 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.15.13 through 5.15.79 Description: The issue concerns a potential security vulnerability related to the leaking of a platform device on module removal in the i8042 component. The actual impact and attack plausibility...

SUSE: Security Advisory (SUSE-SU-2022:4272-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:4112-1 Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024115 fixes several issues. The following security issues were fixed: - CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUTVSCREENINFO bnc1201635. - CVE-2022-2588: Fixed use-after-free in clsroute bsc1202096. - CVE-2022-42703: Fixed...

GSD-2022-1007204 KVM: arm64: vgic: Fix exit condition in scan_its_table()

KVM: arm64: vgic: Fix exit condition in scanitstable This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.152 by commit...

GSD-2022-1006944 drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()

drm/amdkfd: Fix memory leak in kfdmemdmamapuserptr This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.77 by commit...

SUSE-SU-2022:3810-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel rt was updated. The following security bugs were fixed: - CVE-2022-40768: Fixed information leak in the scsi driver which allowed local users to obtain sensitive information from kernel memory. bnc1203514 - CVE-2022-3169: Fixed a denial of service flaw whic...

CVE-2022-3637 Linux Kernel BlueZ jlink.c jlink_init denial of service

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function jlinkinit of the file monitor/jlink.c of the component BlueZ. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The identifier of...

SUSE: Security Advisory (SUSE-SU-2022:3450-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:3424-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15)

This update for the Linux Kernel 4.12.14-15000015089 fixes several issues. The following security issues were fixed: - CVE-2022-39188: Fixed a race condition between unmapmappingrange and munmap on VMPFNMAP mappings leads to stale TLB entry bsc1203116. - CVE-2022-1652: Fixed a use-after-free in...

SUSE-SU-2022:3411-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002421 fixes one issue. The following security issue was fixed: - CVE-2021-39698: Fixed a memory corruption due to a use after free that could lead to local escalation of privilege with no additional execution privileges needed bsc1196959...

SUSE-SU-2022:3370-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040022 fixes several issues. The following security issues were fixed: - CVE-2022-29581: Fixed an improper Update of Reference Count vulnerability in net/sched that causes privilege escalation to root bsc1199695. - CVE-2022-39188: Fixed a race condition...

GSD-2022-1004998 drm/amd/pm: Fix a potential gpu_metrics_table memory leak

drm/amd/pm: Fix a potential gpumetricstable memory leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.7 by commit...

PT-2022-33288 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.6 Description: A potential security issue has been identified in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

Exploit for Incorrect Conversion between Numeric Types in Linux Linux_Kernel

CVE-2022-2639 using pipe primitive CVE-2022-2639https://...

CVE-2022-1016

A flaw was found in the Linux kernel in net/netfilter/nftablescore.c:nftdochain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker...