Marcus Updateinfo to OVAL Converter5.52023-09-28T05:20:12CVE-2015-20107openSUSE Leap Micro 5.2
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
ImportantCVE-2015-20107SUSE bug 1198511SUSE bug 1200507SUSE bug 1201777SUSE bug 1201791SUSE bug 1205068SUSE bug 1208337cpe:/o:opensuse:leap-micro:5.2CVE-2016-3695openSUSE Leap Micro 5.2
The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.
LowCVE-2016-3695SUSE bug 1023051cpe:/o:opensuse:leap-micro:5.2CVE-2016-3709openSUSE Leap Micro 5.2
Possible cross-site scripting vulnerability in libxml after commit 960f0e2.
ModerateCVE-2016-3709SUSE bug 1201978cpe:/o:opensuse:leap-micro:5.2CVE-2017-5753openSUSE Leap Micro 5.2
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
ImportantCVE-2017-5753SUSE bug 1068032SUSE bug 1074562SUSE bug 1074578SUSE bug 1074701SUSE bug 1075006SUSE bug 1075419SUSE bug 1075748SUSE bug 1080039SUSE bug 1087084SUSE bug 1087939SUSE bug 1089055SUSE bug 1136865SUSE bug 1178658SUSE bug 1201877SUSE bug 1209547cpe:/o:opensuse:leap-micro:5.2CVE-2017-6512openSUSE Leap Micro 5.2
Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.
ModerateCVE-2017-6512SUSE bug 1042218SUSE bug 1047178cpe:/o:opensuse:leap-micro:5.2CVE-2017-7607openSUSE Leap Micro 5.2
The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-7607SUSE bug 1033084cpe:/o:opensuse:leap-micro:5.2CVE-2017-7608openSUSE Leap Micro 5.2
The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
LowCVE-2017-7608SUSE bug 1033085cpe:/o:opensuse:leap-micro:5.2CVE-2017-7609openSUSE Leap Micro 5.2
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
LowCVE-2017-7609SUSE bug 1033086cpe:/o:opensuse:leap-micro:5.2CVE-2017-7610openSUSE Leap Micro 5.2
The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
LowCVE-2017-7610SUSE bug 1033087cpe:/o:opensuse:leap-micro:5.2CVE-2017-7611openSUSE Leap Micro 5.2
The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
LowCVE-2017-7611SUSE bug 1033088cpe:/o:opensuse:leap-micro:5.2CVE-2017-7612openSUSE Leap Micro 5.2
The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
LowCVE-2017-7612SUSE bug 1033089cpe:/o:opensuse:leap-micro:5.2CVE-2017-7613openSUSE Leap Micro 5.2
elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
LowCVE-2017-7613SUSE bug 1033090cpe:/o:opensuse:leap-micro:5.2CVE-2018-10903openSUSE Leap Micro 5.2
A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag an attacker could craft an invalid payload with a shortened tag (e.g. 1 byte) such that they would have a 1 in 256 chance of passing the MAC check. GCM tag forgeries can cause key leakage.
ImportantCVE-2018-10903SUSE bug 1101820cpe:/o:opensuse:leap-micro:5.2CVE-2018-16062openSUSE Leap Micro 5.2
dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
ModerateCVE-2018-16062SUSE bug 1106390cpe:/o:opensuse:leap-micro:5.2CVE-2018-16402openSUSE Leap Micro 5.2
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.
ModerateCVE-2018-16402SUSE bug 1107066cpe:/o:opensuse:leap-micro:5.2CVE-2018-16403openSUSE Leap Micro 5.2
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.
LowCVE-2018-16403SUSE bug 1107067cpe:/o:opensuse:leap-micro:5.2CVE-2018-18310openSUSE Leap Micro 5.2
An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.
LowCVE-2018-18310SUSE bug 1111973cpe:/o:opensuse:leap-micro:5.2CVE-2018-18520openSUSE Leap Micro 5.2
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file.
LowCVE-2018-18520SUSE bug 1112726cpe:/o:opensuse:leap-micro:5.2CVE-2018-18521openSUSE Leap Micro 5.2
Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled.
LowCVE-2018-18521SUSE bug 1112723cpe:/o:opensuse:leap-micro:5.2CVE-2019-11098openSUSE Leap Micro 5.2
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
ModerateCVE-2019-11098SUSE bug 1188371cpe:/o:opensuse:leap-micro:5.2CVE-2019-13224openSUSE Leap Micro 5.2
A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.
ModerateCVE-2019-13224SUSE bug 1142847SUSE bug 1203568cpe:/o:opensuse:leap-micro:5.2CVE-2019-14560openSUSE Leap Micro 5.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
ModerateCVE-2019-14560SUSE bug 1174246cpe:/o:opensuse:leap-micro:5.2CVE-2019-16163openSUSE Leap Micro 5.2
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.
LowCVE-2019-16163SUSE bug 1150130SUSE bug 1203568cpe:/o:opensuse:leap-micro:5.2CVE-2019-18348openSUSE Leap Micro 5.2
An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1.
ModerateCVE-2019-18348SUSE bug 1155094cpe:/o:opensuse:leap-micro:5.2CVE-2019-19083openSUSE Leap Micro 5.2
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.
ModerateCVE-2019-19083SUSE bug 1157049cpe:/o:opensuse:leap-micro:5.2CVE-2019-19203openSUSE Leap Micro 5.2
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.
ImportantCVE-2019-19203SUSE bug 1164550SUSE bug 1203568cpe:/o:opensuse:leap-micro:5.2CVE-2019-19204openSUSE Leap Micro 5.2
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.
ImportantCVE-2019-19204SUSE bug 1164569SUSE bug 1203568cpe:/o:opensuse:leap-micro:5.2CVE-2019-19246openSUSE Leap Micro 5.2
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.
ImportantCVE-2019-19246SUSE bug 1157805SUSE bug 1203568cpe:/o:opensuse:leap-micro:5.2CVE-2019-19377openSUSE Leap Micro 5.2
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
ImportantCVE-2019-19377SUSE bug 1158266SUSE bug 1162338SUSE bug 1162369SUSE bug 1173871SUSE bug 1211495cpe:/o:opensuse:leap-micro:5.2CVE-2019-20454openSUSE Leap Micro 5.2
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.
ModerateCVE-2019-20454SUSE bug 1164384SUSE bug 1172973cpe:/o:opensuse:leap-micro:5.2CVE-2019-2708openSUSE Leap Micro 5.2
Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Data Store. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
LowCVE-2019-2708SUSE bug 1174414cpe:/o:opensuse:leap-micro:5.2CVE-2019-6502openSUSE Leap Micro 5.2
sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv.
LowCVE-2019-6502SUSE bug 1122756SUSE bug 1179291cpe:/o:opensuse:leap-micro:5.2CVE-2019-7146openSUSE Leap Micro 5.2
In elfutils 0.175, there is a buffer over-read in the ebl_object_note function in eblobjnote.c in libebl. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted elf file, as demonstrated by eu-readelf.
LowCVE-2019-7146SUSE bug 1123545cpe:/o:opensuse:leap-micro:5.2CVE-2019-7148openSUSE Leap Micro 5.2
An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The maintainers believe this is not a real issue, but instead a "warning caused by ASAN because the allocation is big. By setting ASAN_OPTIONS=allocator_may_return_null=1 and running the reproducer, nothing happens."
ModerateCVE-2019-7148SUSE bug 1123687cpe:/o:opensuse:leap-micro:5.2CVE-2019-7149openSUSE Leap Micro 5.2
A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.
ModerateCVE-2019-7149SUSE bug 1123559cpe:/o:opensuse:leap-micro:5.2CVE-2019-7150openSUSE Leap Micro 5.2
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to denial-of-service, as demonstrated by eu-stack.
LowCVE-2019-7150SUSE bug 1123685cpe:/o:opensuse:leap-micro:5.2CVE-2019-7664openSUSE Leap Micro 5.2
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).
LowCVE-2019-7664SUSE bug 1125008cpe:/o:opensuse:leap-micro:5.2CVE-2019-7665openSUSE Leap Micro 5.2
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.
LowCVE-2019-7665SUSE bug 1125007cpe:/o:opensuse:leap-micro:5.2CVE-2020-10531openSUSE Leap Micro 5.2
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
ImportantCVE-2020-10531SUSE bug 1166844SUSE bug 1175778cpe:/o:opensuse:leap-micro:5.2CVE-2020-10696openSUSE Leap Micro 5.2
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.
ImportantCVE-2020-10696SUSE bug 1167864cpe:/o:opensuse:leap-micro:5.2CVE-2020-10735openSUSE Leap Micro 5.2
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.
ImportantCVE-2020-10735SUSE bug 1203125SUSE bug 1204077SUSE bug 1204096SUSE bug 1204097SUSE bug 1205075SUSE bug 1208131cpe:/o:opensuse:leap-micro:5.2CVE-2020-14394openSUSE Leap Micro 5.2
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.
LowCVE-2020-14394SUSE bug 1180207cpe:/o:opensuse:leap-micro:5.2CVE-2020-16119openSUSE Leap Micro 5.2
Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.
ImportantCVE-2020-16119SUSE bug 1177471SUSE bug 1177742cpe:/o:opensuse:leap-micro:5.2CVE-2020-21913openSUSE Leap Micro 5.2
International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.
ModerateCVE-2020-21913SUSE bug 1193951cpe:/o:opensuse:leap-micro:5.2CVE-2020-25657openSUSE Leap Micro 5.2
A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.
ImportantCVE-2020-25657SUSE bug 1178829cpe:/o:opensuse:leap-micro:5.2CVE-2020-25658openSUSE Leap Micro 5.2
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
ModerateCVE-2020-25658SUSE bug 1178676cpe:/o:opensuse:leap-micro:5.2CVE-2020-25659openSUSE Leap Micro 5.2
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.
ModerateCVE-2020-25659SUSE bug 1178168cpe:/o:opensuse:leap-micro:5.2CVE-2020-26159openSUSE Leap Micro 5.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2020-26159SUSE bug 1177179SUSE bug 1203568cpe:/o:opensuse:leap-micro:5.2CVE-2020-26541openSUSE Leap Micro 5.2
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
ModerateCVE-2020-26541SUSE bug 1177282cpe:/o:opensuse:leap-micro:5.2CVE-2020-27784openSUSE Leap Micro 5.2
A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free().
LowCVE-2020-27784SUSE bug 1202895cpe:/o:opensuse:leap-micro:5.2CVE-2020-29129openSUSE Leap Micro 5.2
ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
LowCVE-2020-29129SUSE bug 1179466SUSE bug 1179467SUSE bug 1179477SUSE bug 1179484cpe:/o:opensuse:leap-micro:5.2CVE-2020-29130openSUSE Leap Micro 5.2
slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
ModerateCVE-2020-29130SUSE bug 1178658SUSE bug 1179467SUSE bug 1179477cpe:/o:opensuse:leap-micro:5.2CVE-2020-29362openSUSE Leap Micro 5.2
An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.
ModerateCVE-2020-29362SUSE bug 1180065SUSE bug 1201534cpe:/o:opensuse:leap-micro:5.2CVE-2020-35538openSUSE Leap Micro 5.2
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
ModerateCVE-2020-35538SUSE bug 1202915cpe:/o:opensuse:leap-micro:5.2CVE-2020-36242openSUSE Leap Micro 5.2
In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.
ImportantCVE-2020-36242SUSE bug 1182066cpe:/o:opensuse:leap-micro:5.2CVE-2020-36516openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
ImportantCVE-2020-36516SUSE bug 1196616SUSE bug 1196867SUSE bug 1204092SUSE bug 1204183cpe:/o:opensuse:leap-micro:5.2CVE-2020-36557openSUSE Leap Micro 5.2
A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.
ImportantCVE-2020-36557SUSE bug 1201429SUSE bug 1201742SUSE bug 1202874SUSE bug 1205313cpe:/o:opensuse:leap-micro:5.2CVE-2020-36558openSUSE Leap Micro 5.2
A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.
ImportantCVE-2020-36558SUSE bug 1200910SUSE bug 1201752SUSE bug 1205313cpe:/o:opensuse:leap-micro:5.2CVE-2020-8492openSUSE Leap Micro 5.2
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.
ModerateCVE-2020-8492SUSE bug 1162367cpe:/o:opensuse:leap-micro:5.2CVE-2021-20199openSUSE Leap Micro 5.2
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.
LowCVE-2021-20199SUSE bug 1181640cpe:/o:opensuse:leap-micro:5.2CVE-2021-20201openSUSE Leap Micro 5.2
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection.
ModerateCVE-2021-20201SUSE bug 1181686cpe:/o:opensuse:leap-micro:5.2CVE-2021-20206openSUSE Leap Micro 5.2
An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
ImportantCVE-2021-20206SUSE bug 1181961cpe:/o:opensuse:leap-micro:5.2CVE-2021-20251openSUSE Leap Micro 5.2
A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.
ImportantCVE-2021-20251SUSE bug 1206546SUSE bug 1208433SUSE bug 1209325SUSE bug 1209664cpe:/o:opensuse:leap-micro:5.2CVE-2021-22569openSUSE Leap Micro 5.2
An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions.
ModerateCVE-2021-22569SUSE bug 1194530cpe:/o:opensuse:leap-micro:5.2CVE-2021-26341openSUSE Leap Micro 5.2
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
ModerateCVE-2021-26341SUSE bug 1196901SUSE bug 1201050cpe:/o:opensuse:leap-micro:5.2CVE-2021-28153openSUSE Leap Micro 5.2
An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)
LowCVE-2021-28153SUSE bug 1183533cpe:/o:opensuse:leap-micro:5.2CVE-2021-28689openSUSE Leap Micro 5.2
x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's novel approach to virtualization. In AMD64, Xen had to use a different implementation approach, so Xen does not use ring 1 to support 64-bit guests. With the focus now being on 64-bit systems, and the availability of explicit hardware support for virtualization, fixing speculation issues in ring 1 is not a priority for processor companies. Indirect Branch Restricted Speculation (IBRS) is an architectural x86 extension put together to combat speculative execution sidechannel attacks, including Spectre v2. It was retrofitted in microcode to existing CPUs. For more details on Spectre v2, see: http://xenbits.xen.org/xsa/advisory-254.html However, IBRS does not architecturally protect ring 0 from predictions learnt in ring 1. For more details, see: https://software.intel.com/security-software-guidance/deep-dives/deep-dive-indirect-branch-restricted-speculation Similar situations may exist with other mitigations for other kinds of speculative execution attacks. The situation is quite likely to be similar for speculative execution attacks which have yet to be discovered, disclosed, or mitigated.
ModerateCVE-2021-28689SUSE bug 1185104cpe:/o:opensuse:leap-micro:5.2CVE-2021-28861openSUSE Leap Micro 5.2
** DISPUTED ** Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."
ImportantCVE-2021-28861SUSE bug 1202624SUSE bug 1204077SUSE bug 1204801SUSE bug 1204802SUSE bug 1205068SUSE bug 1205075SUSE bug 1205467cpe:/o:opensuse:leap-micro:5.2CVE-2021-30560openSUSE Leap Micro 5.2
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2021-30560SUSE bug 1188373SUSE bug 1208574SUSE bug 1211500SUSE bug 1211501SUSE bug 1211544cpe:/o:opensuse:leap-micro:5.2CVE-2021-33061openSUSE Leap Micro 5.2
Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.
ModerateCVE-2021-33061SUSE bug 1196426cpe:/o:opensuse:leap-micro:5.2CVE-2021-33655openSUSE Leap Micro 5.2
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
ImportantCVE-2021-33655SUSE bug 1201635SUSE bug 1202087SUSE bug 1205313SUSE bug 1212291cpe:/o:opensuse:leap-micro:5.2CVE-2021-33656openSUSE Leap Micro 5.2
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
ModerateCVE-2021-33656SUSE bug 1201636SUSE bug 1212286cpe:/o:opensuse:leap-micro:5.2CVE-2021-3507openSUSE Leap Micro 5.2
A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory.
ModerateCVE-2021-3507SUSE bug 1185000cpe:/o:opensuse:leap-micro:5.2CVE-2021-3522openSUSE Leap Micro 5.2
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
ModerateCVE-2021-3522SUSE bug 1185448cpe:/o:opensuse:leap-micro:5.2CVE-2021-3541openSUSE Leap Micro 5.2
A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.
ModerateCVE-2021-3541SUSE bug 1186015cpe:/o:opensuse:leap-micro:5.2CVE-2021-3593openSUSE Leap Micro 5.2
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.
LowCVE-2021-3593SUSE bug 1187365cpe:/o:opensuse:leap-micro:5.2CVE-2021-3623openSUSE Leap Micro 5.2
A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to system availability.
ModerateCVE-2021-3623SUSE bug 1187767cpe:/o:opensuse:leap-micro:5.2CVE-2021-36690openSUSE Leap Micro 5.2
** DISPUTED ** A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.
ModerateCVE-2021-36690SUSE bug 1189802SUSE bug 1211963cpe:/o:opensuse:leap-micro:5.2CVE-2021-3782openSUSE Leap Micro 5.2
An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wl_shm buffer objects, or if it can coerce the server to create a large number of external references to the buffer storage. With the reference count overflowing, a use-after-free can be constructed on the wl_shm_pool tracking structure, where values may be incremented or decremented; it may also be possible to construct a limited oracle to leak 4 bytes of server-side memory to the attacking client at a time.
ModerateCVE-2021-3782SUSE bug 1190486cpe:/o:opensuse:leap-micro:5.2CVE-2021-38578openSUSE Leap Micro 5.2
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
ImportantCVE-2021-38578SUSE bug 1196741cpe:/o:opensuse:leap-micro:5.2CVE-2021-3923openSUSE Leap Micro 5.2
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
LowCVE-2021-3923SUSE bug 1209778cpe:/o:opensuse:leap-micro:5.2CVE-2021-3928openSUSE Leap Micro 5.2
vim is vulnerable to Use of Uninitialized Variable
ModerateCVE-2021-3928SUSE bug 1192478cpe:/o:opensuse:leap-micro:5.2CVE-2021-3929openSUSE Leap Micro 5.2
A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially, executing arbitrary code within the context of the QEMU process on the host.
ImportantCVE-2021-3929SUSE bug 1193880cpe:/o:opensuse:leap-micro:5.2CVE-2021-3979openSUSE Leap Micro 5.2
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.
ModerateCVE-2021-3979SUSE bug 1194131cpe:/o:opensuse:leap-micro:5.2CVE-2021-4024openSUSE Leap Micro 5.2
A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host's services by forwarding all ports to the VM.
ModerateCVE-2021-4024SUSE bug 1193166cpe:/o:opensuse:leap-micro:5.2CVE-2021-4037openSUSE Leap Micro 5.2
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.
ModerateCVE-2021-4037SUSE bug 1198702cpe:/o:opensuse:leap-micro:5.2CVE-2021-41190openSUSE Leap Micro 5.2
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents that contain both “manifests” and “layers” fields could be interpreted as either a manifest or an index in the absence of an accompanying Content-Type header. If a Content-Type header changed between two pulls of the same digest, a client may interpret the resulting content differently. The OCI Distribution Specification has been updated to require that a mediaType value present in a manifest or index match the Content-Type header used during the push and pull operations. Clients pulling from a registry may distrust the Content-Type header and reject an ambiguous document that contains both “manifests” and “layers” fields or “manifests” and “config” fields if they are unable to update to version 1.0.1 of the spec.
ModerateCVE-2021-41190SUSE bug 1193273cpe:/o:opensuse:leap-micro:5.2CVE-2021-4155openSUSE Leap Micro 5.2
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
ModerateCVE-2021-4155SUSE bug 1194272SUSE bug 1199255SUSE bug 1200084cpe:/o:opensuse:leap-micro:5.2CVE-2021-4157openSUSE Leap Micro 5.2
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system.
LowCVE-2021-4157SUSE bug 1194013cpe:/o:opensuse:leap-micro:5.2CVE-2021-4203openSUSE Leap Micro 5.2
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
ModerateCVE-2021-4203SUSE bug 1194535cpe:/o:opensuse:leap-micro:5.2CVE-2021-42523openSUSE Leap Micro 5.2
There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'err_msg' of 'sqlite3_exec' is not releasing after use, while libxml2 emphasizes that the caller needs to release it.
LowCVE-2021-42523SUSE bug 1202802cpe:/o:opensuse:leap-micro:5.2CVE-2021-44648openSUSE Leap Micro 5.2
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
ImportantCVE-2021-44648SUSE bug 1194633cpe:/o:opensuse:leap-micro:5.2CVE-2021-46828openSUSE Leap Micro 5.2
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.
ImportantCVE-2021-46828SUSE bug 1201680SUSE bug 1206259SUSE bug 1209708cpe:/o:opensuse:leap-micro:5.2CVE-2021-46829openSUSE Leap Micro 5.2
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.
ModerateCVE-2021-46829SUSE bug 1201826cpe:/o:opensuse:leap-micro:5.2CVE-2021-46848openSUSE Leap Micro 5.2
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
CriticalCVE-2021-46848SUSE bug 1204690SUSE bug 1205081SUSE bug 1205311SUSE bug 1208025cpe:/o:opensuse:leap-micro:5.2CVE-2022-0168openSUSE Leap Micro 5.2
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.
ModerateCVE-2022-0168SUSE bug 1197472cpe:/o:opensuse:leap-micro:5.2CVE-2022-0216openSUSE Leap Micro 5.2
A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service.
ModerateCVE-2022-0216SUSE bug 1198038cpe:/o:opensuse:leap-micro:5.2CVE-2022-0561openSUSE Leap Micro 5.2
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712.
ModerateCVE-2022-0561SUSE bug 1195964cpe:/o:opensuse:leap-micro:5.2CVE-2022-0670openSUSE Leap Micro 5.2
A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2.
ImportantCVE-2022-0670SUSE bug 1201837cpe:/o:opensuse:leap-micro:5.2CVE-2022-1012openSUSE Leap Micro 5.2
A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.
ModerateCVE-2022-1012SUSE bug 1199482SUSE bug 1199694SUSE bug 1202335cpe:/o:opensuse:leap-micro:5.2CVE-2022-1050openSUSE Leap Micro 5.2
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition.
ImportantCVE-2022-1050SUSE bug 1197653cpe:/o:opensuse:leap-micro:5.2CVE-2022-1116openSUSE Leap Micro 5.2
Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.
ImportantCVE-2022-1116SUSE bug 1199647SUSE bug 1199648SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-1184openSUSE Leap Micro 5.2
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.
ModerateCVE-2022-1184SUSE bug 1198577SUSE bug 1210859cpe:/o:opensuse:leap-micro:5.2CVE-2022-1227openSUSE Leap Micro 5.2
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.
ImportantCVE-2022-1227SUSE bug 1182428cpe:/o:opensuse:leap-micro:5.2CVE-2022-1292openSUSE Leap Micro 5.2
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).
ModerateCVE-2022-1292SUSE bug 1199166SUSE bug 1200550SUSE bug 1200650SUSE bug 1200758SUSE bug 1202688cpe:/o:opensuse:leap-micro:5.2CVE-2022-1462openSUSE Leap Micro 5.2
An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.
ModerateCVE-2022-1462SUSE bug 1198829cpe:/o:opensuse:leap-micro:5.2CVE-2022-1586openSUSE Leap Micro 5.2
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
ImportantCVE-2022-1586SUSE bug 1199232SUSE bug 1203032cpe:/o:opensuse:leap-micro:5.2CVE-2022-1587openSUSE Leap Micro 5.2
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.
ImportantCVE-2022-1587SUSE bug 1199235SUSE bug 1201754SUSE bug 1203032cpe:/o:opensuse:leap-micro:5.2CVE-2022-1615openSUSE Leap Micro 5.2
In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
ImportantCVE-2022-1615SUSE bug 1202976cpe:/o:opensuse:leap-micro:5.2CVE-2022-1652openSUSE Leap Micro 5.2
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
ModerateCVE-2022-1652SUSE bug 1199063SUSE bug 1200057SUSE bug 1200751SUSE bug 1201832SUSE bug 1204132SUSE bug 1212307cpe:/o:opensuse:leap-micro:5.2CVE-2022-1664openSUSE Leap Micro 5.2
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.
LowCVE-2022-1664SUSE bug 1199944cpe:/o:opensuse:leap-micro:5.2CVE-2022-1679openSUSE Leap Micro 5.2
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.
ModerateCVE-2022-1679SUSE bug 1199487SUSE bug 1201080SUSE bug 1201832SUSE bug 1204132SUSE bug 1212316cpe:/o:opensuse:leap-micro:5.2CVE-2022-1706openSUSE Leap Micro 5.2
A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data confidentiality. Possible workaround is to not put secrets in the Ignition config.
ModerateCVE-2022-1706SUSE bug 1199524cpe:/o:opensuse:leap-micro:5.2CVE-2022-1708openSUSE Leap Micro 5.2
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability.
ModerateCVE-2022-1708SUSE bug 1200285cpe:/o:opensuse:leap-micro:5.2CVE-2022-1720openSUSE Leap Micro 5.2
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
LowCVE-2022-1720SUSE bug 1200732cpe:/o:opensuse:leap-micro:5.2CVE-2022-1729openSUSE Leap Micro 5.2
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
ImportantCVE-2022-1729SUSE bug 1199507SUSE bug 1199697SUSE bug 1201832cpe:/o:opensuse:leap-micro:5.2CVE-2022-1941openSUSE Leap Micro 5.2
A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3, 3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions for 3.16 and 3.17 are no longer updated.
ModerateCVE-2022-1941SUSE bug 1203681SUSE bug 1205141cpe:/o:opensuse:leap-micro:5.2CVE-2022-1966openSUSE Leap Micro 5.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2022-1966SUSE bug 1200015SUSE bug 1200268SUSE bug 1200494SUSE bug 1200529cpe:/o:opensuse:leap-micro:5.2CVE-2022-1968openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 8.2.
ModerateCVE-2022-1968SUSE bug 1200270cpe:/o:opensuse:leap-micro:5.2CVE-2022-1972openSUSE Leap Micro 5.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2078. Reason: This candidate is a reservation duplicate of CVE-2022-2078. Notes: All CVE users should reference CVE-2022-2078 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2022-1972SUSE bug 1200019SUSE bug 1200266cpe:/o:opensuse:leap-micro:5.2CVE-2022-1974openSUSE Leap Micro 5.2
A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.
ModerateCVE-2022-1974SUSE bug 1200144SUSE bug 1200265cpe:/o:opensuse:leap-micro:5.2CVE-2022-1975openSUSE Leap Micro 5.2
There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.
ModerateCVE-2022-1975SUSE bug 1200143cpe:/o:opensuse:leap-micro:5.2CVE-2022-20008openSUSE Leap Micro 5.2
In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216481035References: Upstream kernel
ModerateCVE-2022-20008SUSE bug 1199564cpe:/o:opensuse:leap-micro:5.2CVE-2022-20132openSUSE Leap Micro 5.2
In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188677105References: Upstream kernel
ModerateCVE-2022-20132SUSE bug 1200619SUSE bug 1212287cpe:/o:opensuse:leap-micro:5.2CVE-2022-20141openSUSE Leap Micro 5.2
In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel
ModerateCVE-2022-20141SUSE bug 1200604SUSE bug 1200605SUSE bug 1203034cpe:/o:opensuse:leap-micro:5.2CVE-2022-20154openSUSE Leap Micro 5.2
In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel
ModerateCVE-2022-20154SUSE bug 1200599SUSE bug 1200608cpe:/o:opensuse:leap-micro:5.2CVE-2022-20166openSUSE Leap Micro 5.2
In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182388481References: Upstream kernel
ModerateCVE-2022-20166SUSE bug 1200598SUSE bug 1212284cpe:/o:opensuse:leap-micro:5.2CVE-2022-2031openSUSE Leap Micro 5.2
A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tickets to other services.
ImportantCVE-2022-2031SUSE bug 1201495SUSE bug 1202815SUSE bug 1202999SUSE bug 1205061SUSE bug 1208433SUSE bug 1209664cpe:/o:opensuse:leap-micro:5.2CVE-2022-20368openSUSE Leap Micro 5.2
Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel
ModerateCVE-2022-20368SUSE bug 1202346SUSE bug 1212311cpe:/o:opensuse:leap-micro:5.2CVE-2022-20369openSUSE Leap Micro 5.2
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel
ModerateCVE-2022-20369SUSE bug 1202347SUSE bug 1212321cpe:/o:opensuse:leap-micro:5.2CVE-2022-2056openSUSE Leap Micro 5.2
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
LowCVE-2022-2056SUSE bug 1201176cpe:/o:opensuse:leap-micro:5.2CVE-2022-2057openSUSE Leap Micro 5.2
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
LowCVE-2022-2057SUSE bug 1201175cpe:/o:opensuse:leap-micro:5.2CVE-2022-2058openSUSE Leap Micro 5.2
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
LowCVE-2022-2058SUSE bug 1201174SUSE bug 1201175SUSE bug 1201176cpe:/o:opensuse:leap-micro:5.2CVE-2022-2068openSUSE Leap Micro 5.2
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).
ModerateCVE-2022-2068SUSE bug 1200550SUSE bug 1207568cpe:/o:opensuse:leap-micro:5.2CVE-2022-2097openSUSE Leap Micro 5.2
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
ImportantCVE-2022-2097SUSE bug 1201099SUSE bug 1201332cpe:/o:opensuse:leap-micro:5.2CVE-2022-21123openSUSE Leap Micro 5.2
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
ModerateCVE-2022-21123SUSE bug 1199650SUSE bug 1200549SUSE bug 1209075cpe:/o:opensuse:leap-micro:5.2CVE-2022-21125openSUSE Leap Micro 5.2
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
ModerateCVE-2022-21125SUSE bug 1199650SUSE bug 1200549SUSE bug 1209074cpe:/o:opensuse:leap-micro:5.2CVE-2022-21127openSUSE Leap Micro 5.2
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
ModerateCVE-2022-21127SUSE bug 1199650SUSE bug 1200549cpe:/o:opensuse:leap-micro:5.2CVE-2022-21166openSUSE Leap Micro 5.2
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
ModerateCVE-2022-21166SUSE bug 1199650SUSE bug 1200549SUSE bug 1209073cpe:/o:opensuse:leap-micro:5.2CVE-2022-21180openSUSE Leap Micro 5.2
Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.
ModerateCVE-2022-21180SUSE bug 1199650SUSE bug 1200549SUSE bug 1212313cpe:/o:opensuse:leap-micro:5.2CVE-2022-21216openSUSE Leap Micro 5.2
Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access.
ImportantCVE-2022-21216SUSE bug 1208277SUSE bug 1209936SUSE bug 1211490SUSE bug 1211511SUSE bug 1213820cpe:/o:opensuse:leap-micro:5.2CVE-2022-21233openSUSE Leap Micro 5.2
Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
ModerateCVE-2022-21233SUSE bug 1201727cpe:/o:opensuse:leap-micro:5.2CVE-2022-2124openSUSE Leap Micro 5.2
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
LowCVE-2022-2124SUSE bug 1200697cpe:/o:opensuse:leap-micro:5.2CVE-2022-2125openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
LowCVE-2022-2125SUSE bug 1200698SUSE bug 1205395cpe:/o:opensuse:leap-micro:5.2CVE-2022-2126openSUSE Leap Micro 5.2
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
LowCVE-2022-2126SUSE bug 1200700cpe:/o:opensuse:leap-micro:5.2CVE-2022-2129openSUSE Leap Micro 5.2
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
LowCVE-2022-2129SUSE bug 1200701cpe:/o:opensuse:leap-micro:5.2CVE-2022-21505openSUSE Leap Micro 5.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2022-21505SUSE bug 1201458cpe:/o:opensuse:leap-micro:5.2CVE-2022-2153openSUSE Leap Micro 5.2
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.
ModerateCVE-2022-2153SUSE bug 1200788cpe:/o:opensuse:leap-micro:5.2CVE-2022-21698openSUSE Leap Micro 5.2
client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`; not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.
ImportantCVE-2022-21698SUSE bug 1196338cpe:/o:opensuse:leap-micro:5.2CVE-2022-2175openSUSE Leap Micro 5.2
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
ModerateCVE-2022-2175SUSE bug 1200904cpe:/o:opensuse:leap-micro:5.2CVE-2022-2182openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
ModerateCVE-2022-2182SUSE bug 1200903cpe:/o:opensuse:leap-micro:5.2CVE-2022-2183openSUSE Leap Micro 5.2
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
ModerateCVE-2022-2183SUSE bug 1200902cpe:/o:opensuse:leap-micro:5.2CVE-2022-2206openSUSE Leap Micro 5.2
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
ModerateCVE-2022-2206SUSE bug 1201155cpe:/o:opensuse:leap-micro:5.2CVE-2022-2207openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
ModerateCVE-2022-2207SUSE bug 1201153cpe:/o:opensuse:leap-micro:5.2CVE-2022-2208openSUSE Leap Micro 5.2
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.
LowCVE-2022-2208SUSE bug 1201152cpe:/o:opensuse:leap-micro:5.2CVE-2022-2210openSUSE Leap Micro 5.2
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
ModerateCVE-2022-2210SUSE bug 1201151cpe:/o:opensuse:leap-micro:5.2CVE-2022-2231openSUSE Leap Micro 5.2
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.
LowCVE-2022-2231SUSE bug 1201150cpe:/o:opensuse:leap-micro:5.2CVE-2022-2257openSUSE Leap Micro 5.2
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
LowCVE-2022-2257SUSE bug 1201154cpe:/o:opensuse:leap-micro:5.2CVE-2022-2264openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
LowCVE-2022-2264SUSE bug 1201132cpe:/o:opensuse:leap-micro:5.2CVE-2022-2284openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
LowCVE-2022-2284SUSE bug 1201133cpe:/o:opensuse:leap-micro:5.2CVE-2022-2285openSUSE Leap Micro 5.2
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
ModerateCVE-2022-2285SUSE bug 1201134cpe:/o:opensuse:leap-micro:5.2CVE-2022-2286openSUSE Leap Micro 5.2
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
LowCVE-2022-2286SUSE bug 1201135cpe:/o:opensuse:leap-micro:5.2CVE-2022-2287openSUSE Leap Micro 5.2
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
LowCVE-2022-2287SUSE bug 1201136cpe:/o:opensuse:leap-micro:5.2CVE-2022-22967openSUSE Leap Micro 5.2
An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.
ImportantCVE-2022-22967SUSE bug 1200566cpe:/o:opensuse:leap-micro:5.2CVE-2022-2304openSUSE Leap Micro 5.2
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
ModerateCVE-2022-2304SUSE bug 1201249cpe:/o:opensuse:leap-micro:5.2CVE-2022-2318openSUSE Leap Micro 5.2
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
ModerateCVE-2022-2318SUSE bug 1201251SUSE bug 1212303cpe:/o:opensuse:leap-micro:5.2CVE-2022-23303openSUSE Leap Micro 5.2
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.
ImportantCVE-2022-23303SUSE bug 1194732SUSE bug 1205064cpe:/o:opensuse:leap-micro:5.2CVE-2022-23304openSUSE Leap Micro 5.2
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
ImportantCVE-2022-23304SUSE bug 1194733SUSE bug 1205064cpe:/o:opensuse:leap-micro:5.2CVE-2022-2343openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
ModerateCVE-2022-2343SUSE bug 1201356cpe:/o:opensuse:leap-micro:5.2CVE-2022-2344openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.
ModerateCVE-2022-2344SUSE bug 1201359cpe:/o:opensuse:leap-micro:5.2CVE-2022-2345openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0046.
ModerateCVE-2022-2345SUSE bug 1201363cpe:/o:opensuse:leap-micro:5.2CVE-2022-23471openSUSE Leap Micro 5.2
containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO. This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used and that only trusted users have permissions to execute commands in running containers.
ModerateCVE-2022-23471SUSE bug 1206235cpe:/o:opensuse:leap-micro:5.2CVE-2022-23491openSUSE Leap Micro 5.2
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.
ModerateCVE-2022-23491SUSE bug 1206212SUSE bug 1207038cpe:/o:opensuse:leap-micro:5.2CVE-2022-23816openSUSE Leap Micro 5.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.
ModerateCVE-2022-23816SUSE bug 1201456SUSE bug 1201469cpe:/o:opensuse:leap-micro:5.2CVE-2022-23824openSUSE Leap Micro 5.2
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
ModerateCVE-2022-23824SUSE bug 1205209cpe:/o:opensuse:leap-micro:5.2CVE-2022-23825openSUSE Leap Micro 5.2
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.
ModerateCVE-2022-23825SUSE bug 1201457SUSE bug 1201469SUSE bug 1205209cpe:/o:opensuse:leap-micro:5.2CVE-2022-24795openSUSE Leap Micro 5.2
yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of `yajl` contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB) inputs. The reallocation logic at `yajl_buf.c#L64` may result in the `need` 32bit integer wrapping to 0 when `need` approaches a value of 0x80000000 (i.e. ~2GB of data), which results in a reallocation of buf->alloc into a small heap chunk. These integers are declared as `size_t` in the 2.x branch of `yajl`, which practically prevents the issue from triggering on 64bit platforms, however this does not preclude this issue triggering on 32bit builds on which `size_t` is a 32bit integer. Subsequent population of this under-allocated heap chunk is based on the original buffer size, leading to heap memory corruption. This vulnerability mostly impacts process availability. Maintainers believe exploitation for arbitrary code execution is unlikely. A patch is available and anticipated to be part of yajl-ruby version 1.4.2. As a workaround, avoid passing large inputs to YAJL.
ModerateCVE-2022-24795SUSE bug 1198405cpe:/o:opensuse:leap-micro:5.2CVE-2022-2503openSUSE Leap Micro 5.2
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5
ModerateCVE-2022-2503SUSE bug 1202677cpe:/o:opensuse:leap-micro:5.2CVE-2022-2509openSUSE Leap Micro 5.2
A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.
ImportantCVE-2022-2509SUSE bug 1202020SUSE bug 1202593cpe:/o:opensuse:leap-micro:5.2CVE-2022-2519openSUSE Leap Micro 5.2
There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1
ImportantCVE-2022-2519SUSE bug 1202968SUSE bug 1205505cpe:/o:opensuse:leap-micro:5.2CVE-2022-2520openSUSE Leap Micro 5.2
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input.
ModerateCVE-2022-2520SUSE bug 1202973cpe:/o:opensuse:leap-micro:5.2CVE-2022-2521openSUSE Leap Micro 5.2
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.
ImportantCVE-2022-2521SUSE bug 1202971SUSE bug 1205505cpe:/o:opensuse:leap-micro:5.2CVE-2022-2522openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.
LowCVE-2022-2522SUSE bug 1201863cpe:/o:opensuse:leap-micro:5.2CVE-2022-2571openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101.
ModerateCVE-2022-2571SUSE bug 1202046cpe:/o:opensuse:leap-micro:5.2CVE-2022-2580openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102.
ModerateCVE-2022-2580SUSE bug 1202049cpe:/o:opensuse:leap-micro:5.2CVE-2022-2581openSUSE Leap Micro 5.2
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104.
LowCVE-2022-2581SUSE bug 1202050cpe:/o:opensuse:leap-micro:5.2CVE-2022-2586openSUSE Leap Micro 5.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2022-2586SUSE bug 1202095SUSE bug 1209719cpe:/o:opensuse:leap-micro:5.2CVE-2022-2588openSUSE Leap Micro 5.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2022-2588SUSE bug 1202096SUSE bug 1203613SUSE bug 1204183SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-2598openSUSE Leap Micro 5.2
Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.
LowCVE-2022-2598SUSE bug 1202051cpe:/o:opensuse:leap-micro:5.2CVE-2022-2601openSUSE Leap Micro 5.2
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
ModerateCVE-2022-2601SUSE bug 1205178cpe:/o:opensuse:leap-micro:5.2CVE-2022-2602openSUSE Leap Micro 5.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2022-2602SUSE bug 1204228SUSE bug 1205186cpe:/o:opensuse:leap-micro:5.2CVE-2022-26362openSUSE Leap Micro 5.2
x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, the logic for acquiring a type reference has a race condition, whereby a safely TLB flush is issued too early and creates a window where the guest can re-establish the read/write mapping before writeability is prohibited.
ImportantCVE-2022-26362SUSE bug 1199965cpe:/o:opensuse:leap-micro:5.2CVE-2022-26363openSUSE Leap Micro 5.2
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe.
ImportantCVE-2022-26363SUSE bug 1199966cpe:/o:opensuse:leap-micro:5.2CVE-2022-26364openSUSE Leap Micro 5.2
x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe.
ImportantCVE-2022-26364SUSE bug 1199966cpe:/o:opensuse:leap-micro:5.2CVE-2022-26365openSUSE Leap Micro 5.2
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).
ModerateCVE-2022-26365SUSE bug 1200762cpe:/o:opensuse:leap-micro:5.2CVE-2022-26373openSUSE Leap Micro 5.2
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
ModerateCVE-2022-26373SUSE bug 1201726SUSE bug 1209619cpe:/o:opensuse:leap-micro:5.2CVE-2022-2639openSUSE Leap Micro 5.2
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
ModerateCVE-2022-2639SUSE bug 1202154cpe:/o:opensuse:leap-micro:5.2CVE-2022-2663openSUSE Leap Micro 5.2
An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.
ModerateCVE-2022-2663SUSE bug 1202097SUSE bug 1212299cpe:/o:opensuse:leap-micro:5.2CVE-2022-27191openSUSE Leap Micro 5.2
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
ImportantCVE-2022-27191SUSE bug 1197284cpe:/o:opensuse:leap-micro:5.2CVE-2022-27404openSUSE Leap Micro 5.2
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
ModerateCVE-2022-27404SUSE bug 1198830cpe:/o:opensuse:leap-micro:5.2CVE-2022-27405openSUSE Leap Micro 5.2
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
ModerateCVE-2022-27405SUSE bug 1198832cpe:/o:opensuse:leap-micro:5.2CVE-2022-27406openSUSE Leap Micro 5.2
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
ModerateCVE-2022-27406SUSE bug 1198823cpe:/o:opensuse:leap-micro:5.2CVE-2022-27649openSUSE Leap Micro 5.2
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.
ModerateCVE-2022-27649SUSE bug 1197909cpe:/o:opensuse:leap-micro:5.2CVE-2022-2816openSUSE Leap Micro 5.2
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.
LowCVE-2022-2816SUSE bug 1202421SUSE bug 1203576cpe:/o:opensuse:leap-micro:5.2CVE-2022-2817openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0213.
ModerateCVE-2022-2817SUSE bug 1202420cpe:/o:opensuse:leap-micro:5.2CVE-2022-2819openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.
ModerateCVE-2022-2819SUSE bug 1202414SUSE bug 1203576cpe:/o:opensuse:leap-micro:5.2CVE-2022-2845openSUSE Leap Micro 5.2
Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.
LowCVE-2022-2845SUSE bug 1202515cpe:/o:opensuse:leap-micro:5.2CVE-2022-2849openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.
LowCVE-2022-2849SUSE bug 1202512cpe:/o:opensuse:leap-micro:5.2CVE-2022-2862openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0221.
ModerateCVE-2022-2862SUSE bug 1202511cpe:/o:opensuse:leap-micro:5.2CVE-2022-2867openSUSE Leap Micro 5.2
libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation.
LowCVE-2022-2867SUSE bug 1202466cpe:/o:opensuse:leap-micro:5.2CVE-2022-2868openSUSE Leap Micro 5.2
libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.
LowCVE-2022-2868SUSE bug 1202467cpe:/o:opensuse:leap-micro:5.2CVE-2022-2869openSUSE Leap Micro 5.2
libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation.
LowCVE-2022-2869SUSE bug 1202468cpe:/o:opensuse:leap-micro:5.2CVE-2022-28693openSUSE Leap Micro 5.2
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2022-28693SUSE bug 1201455cpe:/o:opensuse:leap-micro:5.2CVE-2022-28737openSUSE Leap Micro 5.2
There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such scenario.
ImportantCVE-2022-28737SUSE bug 1198458SUSE bug 1205065SUSE bug 1205066SUSE bug 1205831cpe:/o:opensuse:leap-micro:5.2CVE-2022-2874openSUSE Leap Micro 5.2
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224.
LowCVE-2022-2874SUSE bug 1202552cpe:/o:opensuse:leap-micro:5.2CVE-2022-28748openSUSE Leap Micro 5.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2964. Reason: This candidate is a reservation duplicate of CVE-2022-2964. Notes: All CVE users should reference CVE-2022-2964 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
LowCVE-2022-28748SUSE bug 1196018cpe:/o:opensuse:leap-micro:5.2CVE-2022-2889openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0225.
ModerateCVE-2022-2889SUSE bug 1202599cpe:/o:opensuse:leap-micro:5.2CVE-2022-2905openSUSE Leap Micro 5.2
An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.
ModerateCVE-2022-2905SUSE bug 1202860cpe:/o:opensuse:leap-micro:5.2CVE-2022-29154openSUSE Leap Micro 5.2
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).
ImportantCVE-2022-29154SUSE bug 1201840SUSE bug 1202970SUSE bug 1202998SUSE bug 1203401SUSE bug 1203789SUSE bug 1204119SUSE bug 1205072cpe:/o:opensuse:leap-micro:5.2CVE-2022-2923openSUSE Leap Micro 5.2
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.
LowCVE-2022-2923SUSE bug 1202687cpe:/o:opensuse:leap-micro:5.2CVE-2022-29458openSUSE Leap Micro 5.2
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
ModerateCVE-2022-29458SUSE bug 1198627cpe:/o:opensuse:leap-micro:5.2CVE-2022-2946openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0246.
ModerateCVE-2022-2946SUSE bug 1202689cpe:/o:opensuse:leap-micro:5.2CVE-2022-29581openSUSE Leap Micro 5.2
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
ImportantCVE-2022-29581SUSE bug 1199665SUSE bug 1199695SUSE bug 1205313cpe:/o:opensuse:leap-micro:5.2CVE-2022-2964openSUSE Leap Micro 5.2
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
ImportantCVE-2022-2964SUSE bug 1202686SUSE bug 1203008SUSE bug 1208044cpe:/o:opensuse:leap-micro:5.2CVE-2022-2977openSUSE Leap Micro 5.2
A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system.
ModerateCVE-2022-2977SUSE bug 1202672cpe:/o:opensuse:leap-micro:5.2CVE-2022-2978openSUSE Leap Micro 5.2
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
ModerateCVE-2022-2978SUSE bug 1202700SUSE bug 1204745cpe:/o:opensuse:leap-micro:5.2CVE-2022-2980openSUSE Leap Micro 5.2
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259.
LowCVE-2022-2980SUSE bug 1203155cpe:/o:opensuse:leap-micro:5.2CVE-2022-2982openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0260.
ModerateCVE-2022-2982SUSE bug 1203152cpe:/o:opensuse:leap-micro:5.2CVE-2022-29824openSUSE Leap Micro 5.2
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
ImportantCVE-2022-29824SUSE bug 1199132SUSE bug 1202878SUSE bug 1204121SUSE bug 1204131SUSE bug 1205069cpe:/o:opensuse:leap-micro:5.2CVE-2022-29869openSUSE Leap Micro 5.2
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.
ModerateCVE-2022-29869SUSE bug 1198976cpe:/o:opensuse:leap-micro:5.2CVE-2022-2989openSUSE Leap Micro 5.2
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
ModerateCVE-2022-2989SUSE bug 1202809cpe:/o:opensuse:leap-micro:5.2CVE-2022-2990openSUSE Leap Micro 5.2
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
ModerateCVE-2022-2990SUSE bug 1202812cpe:/o:opensuse:leap-micro:5.2CVE-2022-29900openSUSE Leap Micro 5.2
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
ModerateCVE-2022-29900SUSE bug 1199657SUSE bug 1201469SUSE bug 1207894cpe:/o:opensuse:leap-micro:5.2CVE-2022-29901openSUSE Leap Micro 5.2
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
ModerateCVE-2022-29901SUSE bug 1201469SUSE bug 1207894cpe:/o:opensuse:leap-micro:5.2CVE-2022-3016openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0286.
LowCVE-2022-3016SUSE bug 1202862cpe:/o:opensuse:leap-micro:5.2CVE-2022-3028openSUSE Leap Micro 5.2
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.
ModerateCVE-2022-3028SUSE bug 1202898SUSE bug 1212296cpe:/o:opensuse:leap-micro:5.2CVE-2022-3037openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0322.
LowCVE-2022-3037SUSE bug 1202962cpe:/o:opensuse:leap-micro:5.2CVE-2022-30594openSUSE Leap Micro 5.2
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.
ImportantCVE-2022-30594SUSE bug 1199505SUSE bug 1199602SUSE bug 1201549SUSE bug 1204132cpe:/o:opensuse:leap-micro:5.2CVE-2022-3099openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0360.
ModerateCVE-2022-3099SUSE bug 1203110cpe:/o:opensuse:leap-micro:5.2CVE-2022-3105openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().
ModerateCVE-2022-3105SUSE bug 1206398cpe:/o:opensuse:leap-micro:5.2CVE-2022-3106openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().
ModerateCVE-2022-3106SUSE bug 1206397cpe:/o:opensuse:leap-micro:5.2CVE-2022-3107openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.
ModerateCVE-2022-3107SUSE bug 1206395cpe:/o:opensuse:leap-micro:5.2CVE-2022-3108openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().
ModerateCVE-2022-3108SUSE bug 1206389cpe:/o:opensuse:leap-micro:5.2CVE-2022-3111openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().
ModerateCVE-2022-3111SUSE bug 1206394cpe:/o:opensuse:leap-micro:5.2CVE-2022-3112openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.
ModerateCVE-2022-3112SUSE bug 1206399cpe:/o:opensuse:leap-micro:5.2CVE-2022-3115openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.
ModerateCVE-2022-3115SUSE bug 1206393cpe:/o:opensuse:leap-micro:5.2CVE-2022-31252openSUSE Leap Micro 5.2
A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225.
ModerateCVE-2022-31252SUSE bug 1203018cpe:/o:opensuse:leap-micro:5.2CVE-2022-3134openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0389.
LowCVE-2022-3134SUSE bug 1203194cpe:/o:opensuse:leap-micro:5.2CVE-2022-3153openSUSE Leap Micro 5.2
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404.
ModerateCVE-2022-3153SUSE bug 1203272cpe:/o:opensuse:leap-micro:5.2CVE-2022-31676openSUSE Leap Micro 5.2
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.
ImportantCVE-2022-31676SUSE bug 1202657SUSE bug 1202733SUSE bug 1202834SUSE bug 1202995SUSE bug 1204044SUSE bug 1205471cpe:/o:opensuse:leap-micro:5.2CVE-2022-3169openSUSE Leap Micro 5.2
A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.
ModerateCVE-2022-3169SUSE bug 1203290cpe:/o:opensuse:leap-micro:5.2CVE-2022-3171openSUSE Leap Micro 5.2
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
ImportantCVE-2022-3171SUSE bug 1204256SUSE bug 1206544SUSE bug 1206545cpe:/o:opensuse:leap-micro:5.2CVE-2022-31741openSUSE Leap Micro 5.2
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
ImportantCVE-2022-31741cpe:/o:opensuse:leap-micro:5.2CVE-2022-3176openSUSE Leap Micro 5.2
There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659
ImportantCVE-2022-3176SUSE bug 1203391SUSE bug 1203511cpe:/o:opensuse:leap-micro:5.2CVE-2022-32206openSUSE Leap Micro 5.2
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
ModerateCVE-2022-32206SUSE bug 1200735SUSE bug 1207992cpe:/o:opensuse:leap-micro:5.2CVE-2022-32208openSUSE Leap Micro 5.2
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.
ModerateCVE-2022-32208SUSE bug 1200737cpe:/o:opensuse:leap-micro:5.2CVE-2022-32221openSUSE Leap Micro 5.2
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.
ImportantCVE-2022-32221SUSE bug 1204383SUSE bug 1205287SUSE bug 1205834SUSE bug 1206236SUSE bug 1208340SUSE bug 1211233cpe:/o:opensuse:leap-micro:5.2CVE-2022-32250openSUSE Leap Micro 5.2
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
ImportantCVE-2022-32250SUSE bug 1200015SUSE bug 1200268SUSE bug 1200494SUSE bug 1202992SUSE bug 1202993SUSE bug 1203002cpe:/o:opensuse:leap-micro:5.2CVE-2022-32296openSUSE Leap Micro 5.2
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
ModerateCVE-2022-32296SUSE bug 1200288cpe:/o:opensuse:leap-micro:5.2CVE-2022-3234openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.
ImportantCVE-2022-3234SUSE bug 1203508SUSE bug 1206240SUSE bug 1208002SUSE bug 1208308SUSE bug 1208651SUSE bug 1209329cpe:/o:opensuse:leap-micro:5.2CVE-2022-3235openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0490.
LowCVE-2022-3235SUSE bug 1203509cpe:/o:opensuse:leap-micro:5.2CVE-2022-3239openSUSE Leap Micro 5.2
A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
ModerateCVE-2022-3239SUSE bug 1203552cpe:/o:opensuse:leap-micro:5.2CVE-2022-32742openSUSE Leap Micro 5.2
A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer).
ModerateCVE-2022-32742SUSE bug 1201496SUSE bug 1202815cpe:/o:opensuse:leap-micro:5.2CVE-2022-32743openSUSE Leap Micro 5.2
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
ModerateCVE-2022-32743SUSE bug 1202803SUSE bug 1209483cpe:/o:opensuse:leap-micro:5.2CVE-2022-32744openSUSE Leap Micro 5.2
A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.
ImportantCVE-2022-32744SUSE bug 1201493SUSE bug 1202815SUSE bug 1209664cpe:/o:opensuse:leap-micro:5.2CVE-2022-32745openSUSE Leap Micro 5.2
A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.
ModerateCVE-2022-32745SUSE bug 1201492cpe:/o:opensuse:leap-micro:5.2CVE-2022-32746openSUSE Leap Micro 5.2
A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.
ModerateCVE-2022-32746SUSE bug 1201490cpe:/o:opensuse:leap-micro:5.2CVE-2022-3278openSUSE Leap Micro 5.2
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.
LowCVE-2022-3278SUSE bug 1203799cpe:/o:opensuse:leap-micro:5.2CVE-2022-3296openSUSE Leap Micro 5.2
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.
ModerateCVE-2022-3296SUSE bug 1203796SUSE bug 1205395cpe:/o:opensuse:leap-micro:5.2CVE-2022-3297openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0579.
ModerateCVE-2022-3297SUSE bug 1203797cpe:/o:opensuse:leap-micro:5.2CVE-2022-3303openSUSE Leap Micro 5.2
A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition
ModerateCVE-2022-3303SUSE bug 1203769SUSE bug 1212304cpe:/o:opensuse:leap-micro:5.2CVE-2022-33068openSUSE Leap Micro 5.2
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
ImportantCVE-2022-33068SUSE bug 1200900cpe:/o:opensuse:leap-micro:5.2CVE-2022-33196openSUSE Leap Micro 5.2
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.
ImportantCVE-2022-33196SUSE bug 1208276SUSE bug 1209936SUSE bug 1211490SUSE bug 1211511SUSE bug 1213820cpe:/o:opensuse:leap-micro:5.2CVE-2022-3324openSUSE Leap Micro 5.2
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.
ModerateCVE-2022-3324SUSE bug 1203820SUSE bug 1205395SUSE bug 1206240cpe:/o:opensuse:leap-micro:5.2CVE-2022-3352openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0614.
ModerateCVE-2022-3352SUSE bug 1203924cpe:/o:opensuse:leap-micro:5.2CVE-2022-33740openSUSE Leap Micro 5.2
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).
ModerateCVE-2022-33740SUSE bug 1200762cpe:/o:opensuse:leap-micro:5.2CVE-2022-33741openSUSE Leap Micro 5.2
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).
ModerateCVE-2022-33741SUSE bug 1200762cpe:/o:opensuse:leap-micro:5.2CVE-2022-33742openSUSE Leap Micro 5.2
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).
ModerateCVE-2022-33742SUSE bug 1200762cpe:/o:opensuse:leap-micro:5.2CVE-2022-33745openSUSE Leap Micro 5.2
insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition, omitting flushes where such are necessary.
ImportantCVE-2022-33745SUSE bug 1201394cpe:/o:opensuse:leap-micro:5.2CVE-2022-33746openSUSE Leap Micro 5.2
P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing.
ModerateCVE-2022-33746SUSE bug 1203806cpe:/o:opensuse:leap-micro:5.2CVE-2022-33747openSUSE Leap Micro 5.2
Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. removing pages from a guest's P2M (Physical-to-Machine) mapping. When large pages are in use to map guest pages in the 2nd-stage page tables, such a removal operation may incur a memory allocation (to replace a large mapping with individual smaller ones). These memory allocations are taken from the global memory pool. A malicious guest might be able to cause the global memory pool to be exhausted by manipulating its own P2M mappings.
LowCVE-2022-33747SUSE bug 1203804cpe:/o:opensuse:leap-micro:5.2CVE-2022-33748openSUSE Leap Micro 5.2
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be acquired nested within one another, but in respectively opposite order. With suitable timing between the involved grant copy operations this may result in the locking up of a CPU.
ModerateCVE-2022-33748SUSE bug 1203807cpe:/o:opensuse:leap-micro:5.2CVE-2022-33981openSUSE Leap Micro 5.2
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
ModerateCVE-2022-33981SUSE bug 1200692cpe:/o:opensuse:leap-micro:5.2CVE-2022-3424openSUSE Leap Micro 5.2
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.
ModerateCVE-2022-3424SUSE bug 1204166SUSE bug 1204167SUSE bug 1208044SUSE bug 1212309cpe:/o:opensuse:leap-micro:5.2CVE-2022-34266openSUSE Leap Micro 5.2
The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset() function within TIFFFetchStripThing() in tif_dirread.c. This will cause TIFFFetchStripThing() to segfault after use of an uninitialized resource.
ImportantCVE-2022-34266SUSE bug 1201723SUSE bug 1208311cpe:/o:opensuse:leap-micro:5.2CVE-2022-3435openSUSE Leap Micro 5.2
A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.
ModerateCVE-2022-3435SUSE bug 1204171cpe:/o:opensuse:leap-micro:5.2CVE-2022-3437openSUSE Leap Micro 5.2
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.
ModerateCVE-2022-3437SUSE bug 1204254SUSE bug 1205667SUSE bug 1208992cpe:/o:opensuse:leap-micro:5.2CVE-2022-34526openSUSE Leap Micro 5.2
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.
ImportantCVE-2022-34526SUSE bug 1202026SUSE bug 1205073SUSE bug 1205505SUSE bug 1208338cpe:/o:opensuse:leap-micro:5.2CVE-2022-3479openSUSE Leap Micro 5.2
A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash.
ModerateCVE-2022-3479SUSE bug 1204272cpe:/o:opensuse:leap-micro:5.2CVE-2022-34903openSUSE Leap Micro 5.2
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
ModerateCVE-2022-34903SUSE bug 1201225cpe:/o:opensuse:leap-micro:5.2CVE-2022-3491openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.
LowCVE-2022-3491SUSE bug 1206028cpe:/o:opensuse:leap-micro:5.2CVE-2022-34918openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.
ImportantCVE-2022-34918SUSE bug 1201171SUSE bug 1201177SUSE bug 1201222cpe:/o:opensuse:leap-micro:5.2CVE-2022-3515openSUSE Leap Micro 5.2
A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
CriticalCVE-2022-3515SUSE bug 1204357SUSE bug 1204806SUSE bug 1205080SUSE bug 1205592SUSE bug 1205627SUSE bug 1206244cpe:/o:opensuse:leap-micro:5.2CVE-2022-3520openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
ImportantCVE-2022-3520SUSE bug 1206071SUSE bug 1208100SUSE bug 1208649SUSE bug 1208651cpe:/o:opensuse:leap-micro:5.2CVE-2022-3521openSUSE Leap Micro 5.2
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.
ModerateCVE-2022-3521SUSE bug 1204355cpe:/o:opensuse:leap-micro:5.2CVE-2022-3524openSUSE Leap Micro 5.2
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.
ModerateCVE-2022-3524SUSE bug 1204354SUSE bug 1212320cpe:/o:opensuse:leap-micro:5.2CVE-2022-35252openSUSE Leap Micro 5.2
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.
LowCVE-2022-35252SUSE bug 1202593cpe:/o:opensuse:leap-micro:5.2CVE-2022-3535openSUSE Leap Micro 5.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
LowCVE-2022-3535SUSE bug 1204417cpe:/o:opensuse:leap-micro:5.2CVE-2022-35414openSUSE Leap Micro 5.2
** DISPUTED ** softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. NOTE: a third party states that the Non-virtualization Use Case in the qemu.org reference applies here, i.e., "Bugs affecting the non-virtualization use case are not considered security bugs at this time."
ModerateCVE-2022-35414SUSE bug 1201367cpe:/o:opensuse:leap-micro:5.2CVE-2022-3542openSUSE Leap Micro 5.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2022-3542SUSE bug 1204402cpe:/o:opensuse:leap-micro:5.2CVE-2022-3545openSUSE Leap Micro 5.2
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.
ImportantCVE-2022-3545SUSE bug 1204415SUSE bug 1204424SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-3554openSUSE Leap Micro 5.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2022-3554SUSE bug 1204422cpe:/o:opensuse:leap-micro:5.2CVE-2022-3555openSUSE Leap Micro 5.2
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2022-3555SUSE bug 1204425cpe:/o:opensuse:leap-micro:5.2CVE-2022-3564openSUSE Leap Micro 5.2
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.
ImportantCVE-2022-3564SUSE bug 1206073SUSE bug 1206314SUSE bug 1208030SUSE bug 1208044SUSE bug 1208085cpe:/o:opensuse:leap-micro:5.2CVE-2022-3565openSUSE Leap Micro 5.2
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.
ImportantCVE-2022-3565SUSE bug 1204431SUSE bug 1204432SUSE bug 1208044SUSE bug 1212323cpe:/o:opensuse:leap-micro:5.2CVE-2022-3567openSUSE Leap Micro 5.2
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211090 is the identifier assigned to this vulnerability.
ModerateCVE-2022-3567SUSE bug 1204414cpe:/o:opensuse:leap-micro:5.2CVE-2022-3570openSUSE Leap Micro 5.2
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
ModerateCVE-2022-3570SUSE bug 1205422cpe:/o:opensuse:leap-micro:5.2CVE-2022-35737openSUSE Leap Micro 5.2
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
ModerateCVE-2022-35737SUSE bug 1201783SUSE bug 1203345SUSE bug 1211963cpe:/o:opensuse:leap-micro:5.2CVE-2022-3577openSUSE Leap Micro 5.2
An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write.
ModerateCVE-2022-3577SUSE bug 1204470SUSE bug 1204486cpe:/o:opensuse:leap-micro:5.2CVE-2022-3586openSUSE Leap Micro 5.2
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.
ModerateCVE-2022-3586SUSE bug 1204439SUSE bug 1204576SUSE bug 1208044SUSE bug 1209225SUSE bug 1212294cpe:/o:opensuse:leap-micro:5.2CVE-2022-3591openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0789.
ImportantCVE-2022-3591SUSE bug 1206072SUSE bug 1208100SUSE bug 1208649cpe:/o:opensuse:leap-micro:5.2CVE-2022-3594openSUSE Leap Micro 5.2
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.
ModerateCVE-2022-3594SUSE bug 1204479cpe:/o:opensuse:leap-micro:5.2CVE-2022-3597openSUSE Leap Micro 5.2
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
ModerateCVE-2022-3597SUSE bug 1204641SUSE bug 1206220cpe:/o:opensuse:leap-micro:5.2CVE-2022-3598openSUSE Leap Micro 5.2
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.
ModerateCVE-2022-3598SUSE bug 1204642SUSE bug 1206220cpe:/o:opensuse:leap-micro:5.2CVE-2022-3599openSUSE Leap Micro 5.2
LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
ModerateCVE-2022-3599SUSE bug 1204643SUSE bug 1206220cpe:/o:opensuse:leap-micro:5.2CVE-2022-3606openSUSE Leap Micro 5.2
A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.
ModerateCVE-2022-3606SUSE bug 1204502cpe:/o:opensuse:leap-micro:5.2CVE-2022-36109openSUSE Leap Micro 5.2
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. This bug is fixed in Moby (Docker Engine) 20.10.18. Running containers should be stopped and restarted for the permissions to be fixed. For users unable to upgrade, this problem can be worked around by not using the `"USER $USERNAME"` Dockerfile instruction. Instead by calling `ENTRYPOINT ["su", "-", "user"]` the supplementary groups will be set up properly.
ModerateCVE-2022-36109SUSE bug 1205375cpe:/o:opensuse:leap-micro:5.2CVE-2022-3621openSUSE Leap Micro 5.2
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.
ModerateCVE-2022-3621SUSE bug 1204574SUSE bug 1212295cpe:/o:opensuse:leap-micro:5.2CVE-2022-3625openSUSE Leap Micro 5.2
A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.
ModerateCVE-2022-3625SUSE bug 1204637cpe:/o:opensuse:leap-micro:5.2CVE-2022-3626openSUSE Leap Micro 5.2
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
ModerateCVE-2022-3626SUSE bug 1204644SUSE bug 1206220cpe:/o:opensuse:leap-micro:5.2CVE-2022-3627openSUSE Leap Micro 5.2
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
ModerateCVE-2022-3627SUSE bug 1204645SUSE bug 1206220cpe:/o:opensuse:leap-micro:5.2CVE-2022-3628openSUSE Leap Micro 5.2
A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.
ModerateCVE-2022-3628SUSE bug 1204868cpe:/o:opensuse:leap-micro:5.2CVE-2022-36280openSUSE Leap Micro 5.2
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).
ModerateCVE-2022-36280SUSE bug 1203332cpe:/o:opensuse:leap-micro:5.2CVE-2022-3629openSUSE Leap Micro 5.2
A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.
LowCVE-2022-3629SUSE bug 1204635cpe:/o:opensuse:leap-micro:5.2CVE-2022-3635openSUSE Leap Micro 5.2
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.
ImportantCVE-2022-3635SUSE bug 1204631SUSE bug 1204636SUSE bug 1208044SUSE bug 1212289cpe:/o:opensuse:leap-micro:5.2CVE-2022-3640openSUSE Leap Micro 5.2
A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.
ImportantCVE-2022-3640SUSE bug 1204619SUSE bug 1204624SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-3643openSUSE Leap Micro 5.2
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the linear section of the SKB and some NICs behave badly if this is not the case. This has been reported to occur with Cisco (enic) and Broadcom NetXtrem II BCM5780 (bnx2x) though it may be an issue with other NICs/drivers as well. In case the frontend is sending requests with split headers, netback will forward those violating above mentioned assumption to the networking core, resulting in said misbehavior.
ModerateCVE-2022-3643SUSE bug 1206113cpe:/o:opensuse:leap-micro:5.2CVE-2022-3646openSUSE Leap Micro 5.2
A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.
LowCVE-2022-3646SUSE bug 1204646cpe:/o:opensuse:leap-micro:5.2CVE-2022-3649openSUSE Leap Micro 5.2
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.
LowCVE-2022-3649SUSE bug 1204647SUSE bug 1212318cpe:/o:opensuse:leap-micro:5.2CVE-2022-3650openSUSE Leap Micro 5.2
A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.
ImportantCVE-2022-3650SUSE bug 1204430cpe:/o:opensuse:leap-micro:5.2CVE-2022-36879openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
ModerateCVE-2022-36879SUSE bug 1201948SUSE bug 1212327cpe:/o:opensuse:leap-micro:5.2CVE-2022-36946openSUSE Leap Micro 5.2
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
ImportantCVE-2022-36946SUSE bug 1201940SUSE bug 1201941SUSE bug 1202312SUSE bug 1202874SUSE bug 1203208SUSE bug 1204132SUSE bug 1205313SUSE bug 1212310cpe:/o:opensuse:leap-micro:5.2CVE-2022-3705openSUSE Leap Micro 5.2
A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324.
ModerateCVE-2022-3705SUSE bug 1204779cpe:/o:opensuse:leap-micro:5.2CVE-2022-3707openSUSE Leap Micro 5.2
A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.
ModerateCVE-2022-3707SUSE bug 1204780cpe:/o:opensuse:leap-micro:5.2CVE-2022-37434openSUSE Leap Micro 5.2
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
ImportantCVE-2022-37434SUSE bug 1202175SUSE bug 1203030SUSE bug 1205074SUSE bug 1205289cpe:/o:opensuse:leap-micro:5.2CVE-2022-37454openSUSE Leap Micro 5.2
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
ImportantCVE-2022-37454SUSE bug 1204577SUSE bug 1204966SUSE bug 1205836cpe:/o:opensuse:leap-micro:5.2CVE-2022-3775openSUSE Leap Micro 5.2
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.
ModerateCVE-2022-3775SUSE bug 1205182cpe:/o:opensuse:leap-micro:5.2CVE-2022-37966openSUSE Leap Micro 5.2
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
ImportantCVE-2022-37966SUSE bug 1205385SUSE bug 1208347SUSE bug 1208433SUSE bug 1209664cpe:/o:opensuse:leap-micro:5.2CVE-2022-37967openSUSE Leap Micro 5.2
Windows Kerberos Elevation of Privilege Vulnerability
ImportantCVE-2022-37967SUSE bug 1205386SUSE bug 1208347cpe:/o:opensuse:leap-micro:5.2CVE-2022-38023openSUSE Leap Micro 5.2
Netlogon RPC Elevation of Privilege Vulnerability
ImportantCVE-2022-38023SUSE bug 1206504SUSE bug 1209664SUSE bug 1213694cpe:/o:opensuse:leap-micro:5.2CVE-2022-38090openSUSE Leap Micro 5.2
Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access.
ModerateCVE-2022-38090SUSE bug 1208275cpe:/o:opensuse:leap-micro:5.2CVE-2022-38096openSUSE Leap Micro 5.2
A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).
ModerateCVE-2022-38096SUSE bug 1203331cpe:/o:opensuse:leap-micro:5.2CVE-2022-3821openSUSE Leap Micro 5.2
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.
ModerateCVE-2022-3821SUSE bug 1204968cpe:/o:opensuse:leap-micro:5.2CVE-2022-3854openSUSE Leap Micro 5.2
A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.
ModerateCVE-2022-3854SUSE bug 1205025cpe:/o:opensuse:leap-micro:5.2CVE-2022-3903openSUSE Leap Micro 5.2
An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.
ModerateCVE-2022-3903SUSE bug 1205220SUSE bug 1212297cpe:/o:opensuse:leap-micro:5.2CVE-2022-39188openSUSE Leap Micro 5.2
An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.
ModerateCVE-2022-39188SUSE bug 1203107SUSE bug 1203116SUSE bug 1205313SUSE bug 1209225SUSE bug 1212326cpe:/o:opensuse:leap-micro:5.2CVE-2022-39189openSUSE Leap Micro 5.2
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
ModerateCVE-2022-39189SUSE bug 1203066SUSE bug 1203067SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-39190openSUSE Leap Micro 5.2
An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.
ModerateCVE-2022-39190SUSE bug 1203117cpe:/o:opensuse:leap-micro:5.2CVE-2022-3970openSUSE Leap Micro 5.2
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability.
ImportantCVE-2022-3970SUSE bug 1205392SUSE bug 1208311SUSE bug 1208312SUSE bug 1208338SUSE bug 1208655SUSE bug 1209328cpe:/o:opensuse:leap-micro:5.2CVE-2022-40303openSUSE Leap Micro 5.2
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
ImportantCVE-2022-40303SUSE bug 1204366SUSE bug 1204807SUSE bug 1205549SUSE bug 1206241SUSE bug 1206248cpe:/o:opensuse:leap-micro:5.2CVE-2022-40304openSUSE Leap Micro 5.2
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
ImportantCVE-2022-40304SUSE bug 1204367SUSE bug 1205069SUSE bug 1205549SUSE bug 1206241SUSE bug 1206248SUSE bug 1208343cpe:/o:opensuse:leap-micro:5.2CVE-2022-40674openSUSE Leap Micro 5.2
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
ImportantCVE-2022-40674SUSE bug 1203438SUSE bug 1204099SUSE bug 1204177SUSE bug 1204509SUSE bug 1205077SUSE bug 1205285SUSE bug 1205527SUSE bug 1205598SUSE bug 1208339SUSE bug 1208753cpe:/o:opensuse:leap-micro:5.2CVE-2022-40768openSUSE Leap Micro 5.2
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
ModerateCVE-2022-40768SUSE bug 1203514cpe:/o:opensuse:leap-micro:5.2CVE-2022-40897openSUSE Leap Micro 5.2
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
ModerateCVE-2022-40897SUSE bug 1206667cpe:/o:opensuse:leap-micro:5.2CVE-2022-40899openSUSE Leap Micro 5.2
An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server.
ModerateCVE-2022-40899SUSE bug 1206673cpe:/o:opensuse:leap-micro:5.2CVE-2022-4095openSUSE Leap Micro 5.2
A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.
ImportantCVE-2022-4095SUSE bug 1205514SUSE bug 1205594SUSE bug 1208030SUSE bug 1208085SUSE bug 1212319cpe:/o:opensuse:leap-micro:5.2CVE-2022-41218openSUSE Leap Micro 5.2
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
ImportantCVE-2022-41218SUSE bug 1202960SUSE bug 1203606SUSE bug 1205313SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-41222openSUSE Leap Micro 5.2
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
ModerateCVE-2022-41222SUSE bug 1203622SUSE bug 1203624SUSE bug 1209225SUSE bug 1209476cpe:/o:opensuse:leap-micro:5.2CVE-2022-4129openSUSE Leap Micro 5.2
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.
ModerateCVE-2022-4129SUSE bug 1205711cpe:/o:opensuse:leap-micro:5.2CVE-2022-4139openSUSE Leap Micro 5.2
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.
ModerateCVE-2022-4139SUSE bug 1205700SUSE bug 1205815SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-4141openSUSE Leap Micro 5.2
Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.
ImportantCVE-2022-4141SUSE bug 1205797SUSE bug 1208649SUSE bug 1208651cpe:/o:opensuse:leap-micro:5.2CVE-2022-4144openSUSE Leap Micro 5.2
An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.
ModerateCVE-2022-4144SUSE bug 1205808cpe:/o:opensuse:leap-micro:5.2CVE-2022-41674openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.
ImportantCVE-2022-41674SUSE bug 1203770SUSE bug 1203994SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-41848openSUSE Leap Micro 5.2
drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.
ModerateCVE-2022-41848SUSE bug 1203987SUSE bug 1211484SUSE bug 1212317cpe:/o:opensuse:leap-micro:5.2CVE-2022-41849openSUSE Leap Micro 5.2
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.
ModerateCVE-2022-41849SUSE bug 1203992cpe:/o:opensuse:leap-micro:5.2CVE-2022-41850openSUSE Leap Micro 5.2
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
LowCVE-2022-41850SUSE bug 1203960SUSE bug 1212314cpe:/o:opensuse:leap-micro:5.2CVE-2022-41858openSUSE Leap Micro 5.2
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
ModerateCVE-2022-41858SUSE bug 1205671SUSE bug 1211484SUSE bug 1212300cpe:/o:opensuse:leap-micro:5.2CVE-2022-41973openSUSE Leap Micro 5.2
multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.
ImportantCVE-2022-41973SUSE bug 1202739SUSE bug 1209929cpe:/o:opensuse:leap-micro:5.2CVE-2022-41974openSUSE Leap Micro 5.2
multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword, which is mishandled because arithmetic ADD is used instead of bitwise OR.
ImportantCVE-2022-41974SUSE bug 1205472cpe:/o:opensuse:leap-micro:5.2CVE-2022-42010openSUSE Leap Micro 5.2
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.
LowCVE-2022-42010SUSE bug 1204111cpe:/o:opensuse:leap-micro:5.2CVE-2022-42011openSUSE Leap Micro 5.2
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.
ModerateCVE-2022-42011SUSE bug 1204112cpe:/o:opensuse:leap-micro:5.2CVE-2022-42012openSUSE Leap Micro 5.2
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.
ModerateCVE-2022-42012SUSE bug 1204113cpe:/o:opensuse:leap-micro:5.2CVE-2022-42309openSUSE Leap Micro 5.2
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the guest e.g. by exceeding the quota value of maximum nodes per domain.
ImportantCVE-2022-42309SUSE bug 1204485cpe:/o:opensuse:leap-micro:5.2CVE-2022-42310openSUSE Leap Micro 5.2
Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created. When the transaction is committed after this situation, nodes without a valid parent can be made permanent in the data base.
ModerateCVE-2022-42310SUSE bug 1204487cpe:/o:opensuse:leap-micro:5.2CVE-2022-42311openSUSE Leap Micro 5.2
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
ModerateCVE-2022-42311SUSE bug 1204482cpe:/o:opensuse:leap-micro:5.2CVE-2022-42312openSUSE Leap Micro 5.2
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
ModerateCVE-2022-42312SUSE bug 1204482cpe:/o:opensuse:leap-micro:5.2CVE-2022-42313openSUSE Leap Micro 5.2
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
ModerateCVE-2022-42313SUSE bug 1204482cpe:/o:opensuse:leap-micro:5.2CVE-2022-42314openSUSE Leap Micro 5.2
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
ModerateCVE-2022-42314SUSE bug 1204482cpe:/o:opensuse:leap-micro:5.2CVE-2022-42315openSUSE Leap Micro 5.2
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
ModerateCVE-2022-42315SUSE bug 1204482cpe:/o:opensuse:leap-micro:5.2CVE-2022-42316openSUSE Leap Micro 5.2
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
ModerateCVE-2022-42316SUSE bug 1204482cpe:/o:opensuse:leap-micro:5.2CVE-2022-42317openSUSE Leap Micro 5.2
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
ModerateCVE-2022-42317SUSE bug 1204482cpe:/o:opensuse:leap-micro:5.2CVE-2022-42318openSUSE Leap Micro 5.2
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
ModerateCVE-2022-42318SUSE bug 1204482cpe:/o:opensuse:leap-micro:5.2CVE-2022-42319openSUSE Leap Micro 5.2
Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This memory is freed only after the request has been finished completely. A request is regarded to be finished only after the guest has read the response message of the request from the ring page. Thus a guest not reading the response can cause xenstored to not free the temporary memory. This can result in memory shortages causing Denial of Service (DoS) of xenstored.
ModerateCVE-2022-42319SUSE bug 1204488cpe:/o:opensuse:leap-micro:5.2CVE-2022-42320openSUSE Leap Micro 5.2
Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. When a domain is gone, there might be Xenstore nodes left with access rights containing the domid of the removed domain. This is normally no problem, as those access right entries will be corrected when such a node is written later. There is a small time window when a new domain is created, where the access rights of a past domain with the same domid as the new one will be regarded to be still valid, leading to the new domain being able to get access to a node which was meant to be accessible by the removed domain. For this to happen another domain needs to write the node before the newly created domain is being introduced to Xenstore by dom0.
ImportantCVE-2022-42320SUSE bug 1204489cpe:/o:opensuse:leap-micro:5.2CVE-2022-42321openSUSE Leap Micro 5.2
Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting levels this can result in stack exhaustion on xenstored, leading to a crash of xenstored.
ModerateCVE-2022-42321SUSE bug 1204490cpe:/o:opensuse:leap-micro:5.2CVE-2022-42322openSUSE Leap Micro 5.2
Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working together to create an arbitrary number of Xenstore nodes. This is possible by domain A letting domain B write into domain A's local Xenstore tree. Domain B can then create many nodes and reboot. The nodes created by domain B will now be owned by Dom0. By repeating this process over and over again an arbitrary number of nodes can be created, as Dom0's number of nodes isn't limited by Xenstore quota.
ModerateCVE-2022-42322SUSE bug 1204494cpe:/o:opensuse:leap-micro:5.2CVE-2022-42323openSUSE Leap Micro 5.2
Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working together to create an arbitrary number of Xenstore nodes. This is possible by domain A letting domain B write into domain A's local Xenstore tree. Domain B can then create many nodes and reboot. The nodes created by domain B will now be owned by Dom0. By repeating this process over and over again an arbitrary number of nodes can be created, as Dom0's number of nodes isn't limited by Xenstore quota.
ModerateCVE-2022-42323SUSE bug 1204494cpe:/o:opensuse:leap-micro:5.2CVE-2022-42325openSUSE Leap Micro 5.2
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. As this error is encountered only when handling the deleted node at transaction finalization, the transaction will have been performed partially and without updating the accounting information. This will enable a malicious guest to create arbitrary number of nodes.
ModerateCVE-2022-42325SUSE bug 1204496cpe:/o:opensuse:leap-micro:5.2CVE-2022-42326openSUSE Leap Micro 5.2
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. As this error is encountered only when handling the deleted node at transaction finalization, the transaction will have been performed partially and without updating the accounting information. This will enable a malicious guest to create arbitrary number of nodes.
ModerateCVE-2022-42326SUSE bug 1204496cpe:/o:opensuse:leap-micro:5.2CVE-2022-42328openSUSE Leap Micro 5.2
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).
ModerateCVE-2022-42328SUSE bug 1206114cpe:/o:opensuse:leap-micro:5.2CVE-2022-42329openSUSE Leap Micro 5.2
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).
ModerateCVE-2022-42329SUSE bug 1206114cpe:/o:opensuse:leap-micro:5.2CVE-2022-42331openSUSE Leap Micro 5.2
x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variety of speculative attacks.
ModerateCVE-2022-42331SUSE bug 1209019cpe:/o:opensuse:leap-micro:5.2CVE-2022-42332openSUSE Leap Micro 5.2
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tables as well as auxiliary data structures. To migrate or snapshot guests, Xen additionally runs them in so called log-dirty mode. The data structures needed by the log-dirty tracking are part of aformentioned auxiliary data. In order to keep error handling efforts within reasonable bounds, for operations which may require memory allocations shadow mode logic ensures up front that enough memory is available for the worst case requirements. Unfortunately, while page table memory is properly accounted for on the code path requiring the potential establishing of new shadows, demands by the log-dirty infrastructure were not taken into consideration. As a result, just established shadow page tables could be freed again immediately, while other code is still accessing them on the assumption that they would remain allocated.
ImportantCVE-2022-42332SUSE bug 1209017cpe:/o:opensuse:leap-micro:5.2CVE-2022-42333openSUSE Leap Micro 5.2
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that - the number of the such controlled regions was unbounded (CVE-2022-42333), - installation and removal of such regions was not properly serialized (CVE-2022-42334).
ModerateCVE-2022-42333SUSE bug 1209018cpe:/o:opensuse:leap-micro:5.2CVE-2022-42334openSUSE Leap Micro 5.2
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that - the number of the such controlled regions was unbounded (CVE-2022-42333), - installation and removal of such regions was not properly serialized (CVE-2022-42334).
ModerateCVE-2022-42334SUSE bug 1209018cpe:/o:opensuse:leap-micro:5.2CVE-2022-4254openSUSE Leap Micro 5.2
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
ImportantCVE-2022-4254SUSE bug 1207474cpe:/o:opensuse:leap-micro:5.2CVE-2022-42703openSUSE Leap Micro 5.2
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
ImportantCVE-2022-42703SUSE bug 1204168SUSE bug 1204170SUSE bug 1206463SUSE bug 1208044SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-42719openSUSE Leap Micro 5.2
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.
ImportantCVE-2022-42719SUSE bug 1204051SUSE bug 1204292SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-42720openSUSE Leap Micro 5.2
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
ImportantCVE-2022-42720SUSE bug 1204059SUSE bug 1204291SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-42721openSUSE Leap Micro 5.2
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
ImportantCVE-2022-42721SUSE bug 1204060SUSE bug 1204290SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-42722openSUSE Leap Micro 5.2
In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.
ImportantCVE-2022-42722SUSE bug 1204125SUSE bug 1204289SUSE bug 1209225cpe:/o:opensuse:leap-micro:5.2CVE-2022-42895openSUSE Leap Micro 5.2
There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e https://www.google.com/url
ModerateCVE-2022-42895SUSE bug 1205705cpe:/o:opensuse:leap-micro:5.2CVE-2022-42896openSUSE Leap Micro 5.2
There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url
ModerateCVE-2022-42896SUSE bug 1205709cpe:/o:opensuse:leap-micro:5.2CVE-2022-42898openSUSE Leap Micro 5.2
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."
ModerateCVE-2022-42898SUSE bug 1205126SUSE bug 1205667SUSE bug 1207423SUSE bug 1207690SUSE bug 1211487cpe:/o:opensuse:leap-micro:5.2CVE-2022-4292openSUSE Leap Micro 5.2
Use After Free in GitHub repository vim/vim prior to 9.0.0882.
ImportantCVE-2022-4292SUSE bug 1206075SUSE bug 1208100SUSE bug 1208649SUSE bug 1208651cpe:/o:opensuse:leap-micro:5.2CVE-2022-4293openSUSE Leap Micro 5.2
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
ModerateCVE-2022-4293SUSE bug 1206077SUSE bug 1211489cpe:/o:opensuse:leap-micro:5.2CVE-2022-42969openSUSE Leap Micro 5.2
The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled.
ModerateCVE-2022-42969SUSE bug 1204364cpe:/o:opensuse:leap-micro:5.2CVE-2022-4304openSUSE Leap Micro 5.2
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.
ModerateCVE-2022-4304SUSE bug 1207534SUSE bug 1210067SUSE bug 1213146SUSE bug 1213289SUSE bug 1215014cpe:/o:opensuse:leap-micro:5.2CVE-2022-43552openSUSE Leap Micro 5.2
A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.
ModerateCVE-2022-43552SUSE bug 1206309cpe:/o:opensuse:leap-micro:5.2CVE-2022-43680openSUSE Leap Micro 5.2
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
ImportantCVE-2022-43680SUSE bug 1204708SUSE bug 1205590SUSE bug 1205598SUSE bug 1208339cpe:/o:opensuse:leap-micro:5.2CVE-2022-43750openSUSE Leap Micro 5.2
drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.
ModerateCVE-2022-43750SUSE bug 1204653SUSE bug 1211484cpe:/o:opensuse:leap-micro:5.2CVE-2022-4378openSUSE Leap Micro 5.2
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
ImportantCVE-2022-4378SUSE bug 1206207SUSE bug 1206228SUSE bug 1208030SUSE bug 1208085SUSE bug 1209225SUSE bug 1211118SUSE bug 1214268cpe:/o:opensuse:leap-micro:5.2CVE-2022-43945openSUSE Leap Micro 5.2
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
ImportantCVE-2022-43945SUSE bug 1205128SUSE bug 1205130SUSE bug 1208030SUSE bug 1208085SUSE bug 1209225SUSE bug 1210124cpe:/o:opensuse:leap-micro:5.2CVE-2022-43995openSUSE Leap Micro 5.2
Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer. The impact could vary depending on the system libraries, compiler, and processor architecture.
ImportantCVE-2022-43995SUSE bug 1204986SUSE bug 1205838SUSE bug 1205969SUSE bug 1206905cpe:/o:opensuse:leap-micro:5.2CVE-2022-4415openSUSE Leap Micro 5.2
A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.
ModerateCVE-2022-4415SUSE bug 1205000cpe:/o:opensuse:leap-micro:5.2CVE-2022-4450openSUSE Leap Micro 5.2
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.
ModerateCVE-2022-4450SUSE bug 1207538cpe:/o:opensuse:leap-micro:5.2CVE-2022-44638openSUSE Leap Micro 5.2
In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y.
ImportantCVE-2022-44638SUSE bug 1205033SUSE bug 1208313SUSE bug 1208345SUSE bug 1211497cpe:/o:opensuse:leap-micro:5.2CVE-2022-45061openSUSE Leap Micro 5.2
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.
ModerateCVE-2022-45061SUSE bug 1205244SUSE bug 1211488cpe:/o:opensuse:leap-micro:5.2CVE-2022-45934openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
ModerateCVE-2022-45934SUSE bug 1205796SUSE bug 1212292cpe:/o:opensuse:leap-micro:5.2CVE-2022-4662openSUSE Leap Micro 5.2
A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.
ModerateCVE-2022-4662SUSE bug 1206664cpe:/o:opensuse:leap-micro:5.2CVE-2022-46908openSUSE Leap Micro 5.2
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.
ImportantCVE-2022-46908SUSE bug 1206337cpe:/o:opensuse:leap-micro:5.2CVE-2022-4744openSUSE Leap Micro 5.2
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.
ImportantCVE-2022-4744SUSE bug 1209635SUSE bug 1209672SUSE bug 1211833cpe:/o:opensuse:leap-micro:5.2CVE-2022-47520openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.
ImportantCVE-2022-47520SUSE bug 1206515SUSE bug 1207823cpe:/o:opensuse:leap-micro:5.2CVE-2022-47629openSUSE Leap Micro 5.2
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
ImportantCVE-2022-47629SUSE bug 1206579cpe:/o:opensuse:leap-micro:5.2CVE-2022-47929openSUSE Leap Micro 5.2
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c.
ModerateCVE-2022-47929SUSE bug 1207237cpe:/o:opensuse:leap-micro:5.2CVE-2022-48281openSUSE Leap Micro 5.2
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.
ImportantCVE-2022-48281SUSE bug 1207413SUSE bug 1208655SUSE bug 1209328SUSE bug 1209937cpe:/o:opensuse:leap-micro:5.2CVE-2022-48303openSUSE Leap Micro 5.2
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.
ModerateCVE-2022-48303SUSE bug 1207753cpe:/o:opensuse:leap-micro:5.2CVE-2022-4899openSUSE Leap Micro 5.2
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.
ModerateCVE-2022-4899SUSE bug 1209533cpe:/o:opensuse:leap-micro:5.2CVE-2022-4904openSUSE Leap Micro 5.2
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
ModerateCVE-2022-4904SUSE bug 1208067cpe:/o:opensuse:leap-micro:5.2CVE-2023-0045openSUSE Leap Micro 5.2
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set ?function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. ?The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176.
We recommend upgrading past commit?a664ec9158eeddd75121d39c9a0758016097fa96
ModerateCVE-2023-0045SUSE bug 1207773cpe:/o:opensuse:leap-micro:5.2CVE-2023-0049openSUSE Leap Micro 5.2
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
ModerateCVE-2023-0049SUSE bug 1206866cpe:/o:opensuse:leap-micro:5.2CVE-2023-0051openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
ModerateCVE-2023-0051SUSE bug 1206867cpe:/o:opensuse:leap-micro:5.2CVE-2023-0054openSUSE Leap Micro 5.2
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.
ModerateCVE-2023-0054SUSE bug 1206868cpe:/o:opensuse:leap-micro:5.2CVE-2023-0179openSUSE Leap Micro 5.2
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.
ImportantCVE-2023-0179SUSE bug 1207034SUSE bug 1207139SUSE bug 1215208cpe:/o:opensuse:leap-micro:5.2CVE-2023-0215openSUSE Leap Micro 5.2
The public API function BIO_new_NDEF is a helper function used for streaming
ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the
SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by
end user applications.
The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter
BIO onto the front of it to form a BIO chain, and then returns the new head of
the BIO chain to the caller. Under certain conditions, for example if a CMS
recipient public key is invalid, the new filter BIO is freed and the function
returns a NULL result indicating a failure. However, in this case, the BIO chain
is not properly cleaned up and the BIO passed by the caller still retains
internal pointers to the previously freed filter BIO. If the caller then goes on
to call BIO_pop() on the BIO then a use-after-free will occur. This will most
likely result in a crash.
This scenario occurs directly in the internal function B64_write_ASN1() which
may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on
the BIO. This internal function is in turn called by the public API functions
PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream,
SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7.
Other public API functions that may be impacted by this include
i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and
i2d_PKCS7_bio_stream.
The OpenSSL cms and smime command line applications are similarly affected.
ModerateCVE-2023-0215SUSE bug 1207536SUSE bug 1213146cpe:/o:opensuse:leap-micro:5.2CVE-2023-0225openSUSE Leap Micro 5.2
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.
ModerateCVE-2023-0225SUSE bug 1209483cpe:/o:opensuse:leap-micro:5.2CVE-2023-0266openSUSE Leap Micro 5.2
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel.?SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit?56b88b50565cd8b946a2d00b0c83927b7ebb055e
ImportantCVE-2023-0266SUSE bug 1207134SUSE bug 1207190SUSE bug 1214128cpe:/o:opensuse:leap-micro:5.2CVE-2023-0286openSUSE Leap Micro 5.2
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.
ImportantCVE-2023-0286SUSE bug 1207533SUSE bug 1207569SUSE bug 1211136SUSE bug 1211503SUSE bug 1213146SUSE bug 1214269cpe:/o:opensuse:leap-micro:5.2CVE-2023-0288openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.
ModerateCVE-2023-0288SUSE bug 1207162cpe:/o:opensuse:leap-micro:5.2CVE-2023-0361openSUSE Leap Micro 5.2
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
ModerateCVE-2023-0361SUSE bug 1208143cpe:/o:opensuse:leap-micro:5.2CVE-2023-0394openSUSE Leap Micro 5.2
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.
ModerateCVE-2023-0394SUSE bug 1207168cpe:/o:opensuse:leap-micro:5.2CVE-2023-0433openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
LowCVE-2023-0433SUSE bug 1207396cpe:/o:opensuse:leap-micro:5.2CVE-2023-0461openSUSE Leap Micro 5.2
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS?or CONFIG_XFRM_ESPINTCP?has to be configured, but the operation does not require any privilege.
There is a use-after-free bug of icsk_ulp_data?of a struct inet_connection_sock.
When CONFIG_TLS?is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable.
The setsockopt?TCP_ULP?operation does not require any privilege.
We recommend upgrading past commit?2c02d41d71f90a5168391b6a5f2954112ba2307c
ImportantCVE-2023-0461SUSE bug 1208787SUSE bug 1208911SUSE bug 1211833cpe:/o:opensuse:leap-micro:5.2CVE-2023-0464openSUSE Leap Micro 5.2
A security vulnerability has been identified in all supported versions
of OpenSSL related to the verification of X.509 certificate chains
that include policy constraints. Attackers may be able to exploit this
vulnerability by creating a malicious certificate chain that triggers
exponential use of computational resources, leading to a denial-of-service
(DoS) attack on affected systems.
Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
ModerateCVE-2023-0464SUSE bug 1209624cpe:/o:opensuse:leap-micro:5.2CVE-2023-0465openSUSE Leap Micro 5.2
Applications that use a non-default option when verifying certificates may be
vulnerable to an attack from a malicious CA to circumvent certain checks.
Invalid certificate policies in leaf certificates are silently ignored by
OpenSSL and other certificate policy checks are skipped for that certificate.
A malicious CA could use this to deliberately assert invalid certificate policies
in order to circumvent policy checking on the certificate altogether.
Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
ModerateCVE-2023-0465SUSE bug 1209878SUSE bug 1212331SUSE bug 1215014cpe:/o:opensuse:leap-micro:5.2CVE-2023-0466openSUSE Leap Micro 5.2
The function X509_VERIFY_PARAM_add0_policy() is documented to
implicitly enable the certificate policy check when doing certificate
verification. However the implementation of the function does not
enable the check which allows certificates with invalid or incorrect
policies to pass the certificate verification.
As suddenly enabling the policy check could break existing deployments it was
decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()
function.
Instead the applications that require OpenSSL to perform certificate
policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly
enable the policy check by calling X509_VERIFY_PARAM_set_flags() with
the X509_V_FLAG_POLICY_CHECK flag argument.
Certificate policy checks are disabled by default in OpenSSL and are not
commonly used by applications.
LowCVE-2023-0466SUSE bug 1209873cpe:/o:opensuse:leap-micro:5.2CVE-2023-0512openSUSE Leap Micro 5.2
Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.
ImportantCVE-2023-0512SUSE bug 1207780SUSE bug 1210385cpe:/o:opensuse:leap-micro:5.2CVE-2023-0590openSUSE Leap Micro 5.2
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.
ImportantCVE-2023-0590SUSE bug 1207795SUSE bug 1207822SUSE bug 1211495SUSE bug 1211833cpe:/o:opensuse:leap-micro:5.2CVE-2023-0597openSUSE Leap Micro 5.2
A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some important data with expected location in memory.
ModerateCVE-2023-0597SUSE bug 1207845SUSE bug 1212395SUSE bug 1213271cpe:/o:opensuse:leap-micro:5.2CVE-2023-0614openSUSE Leap Micro 5.2
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
ModerateCVE-2023-0614SUSE bug 1209485cpe:/o:opensuse:leap-micro:5.2CVE-2023-0687openSUSE Leap Micro 5.2
** DISPUTED ** A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It's basically trusted input or input that needs an actual security flaw to be compromised or controlled.
LowCVE-2023-0687SUSE bug 1207975cpe:/o:opensuse:leap-micro:5.2CVE-2023-0767openSUSE Leap Micro 5.2
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
ImportantCVE-2023-0767SUSE bug 1208138SUSE bug 1213200SUSE bug 1213818SUSE bug 1214271cpe:/o:opensuse:leap-micro:5.2CVE-2023-0778openSUSE Leap Micro 5.2
A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.
ModerateCVE-2023-0778SUSE bug 1208364cpe:/o:opensuse:leap-micro:5.2CVE-2023-0922openSUSE Leap Micro 5.2
The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection.
ModerateCVE-2023-0922SUSE bug 1209481cpe:/o:opensuse:leap-micro:5.2CVE-2023-1017openSUSE Leap Micro 5.2
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context.
ImportantCVE-2023-1017SUSE bug 1206022cpe:/o:opensuse:leap-micro:5.2CVE-2023-1018openSUSE Leap Micro 5.2
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.
LowCVE-2023-1018SUSE bug 1206023cpe:/o:opensuse:leap-micro:5.2CVE-2023-1075openSUSE Leap Micro 5.2
A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready.
LowCVE-2023-1075SUSE bug 1208598cpe:/o:opensuse:leap-micro:5.2CVE-2023-1076openSUSE Leap Micro 5.2
A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. This would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing network filters.
ModerateCVE-2023-1076SUSE bug 1208599SUSE bug 1214019cpe:/o:opensuse:leap-micro:5.2CVE-2023-1078openSUSE Leap Micro 5.2
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.
ImportantCVE-2023-1078SUSE bug 1208601SUSE bug 1208603cpe:/o:opensuse:leap-micro:5.2CVE-2023-1095openSUSE Leap Micro 5.2
In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.
ModerateCVE-2023-1095SUSE bug 1208777cpe:/o:opensuse:leap-micro:5.2CVE-2023-1118openSUSE Leap Micro 5.2
A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
ModerateCVE-2023-1118SUSE bug 1208837SUSE bug 1208910SUSE bug 1210423SUSE bug 1211495SUSE bug 1213841SUSE bug 1213842cpe:/o:opensuse:leap-micro:5.2CVE-2023-1127openSUSE Leap Micro 5.2
Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.
ModerateCVE-2023-1127SUSE bug 1208828cpe:/o:opensuse:leap-micro:5.2CVE-2023-1170openSUSE Leap Micro 5.2
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.
ModerateCVE-2023-1170SUSE bug 1208959cpe:/o:opensuse:leap-micro:5.2CVE-2023-1175openSUSE Leap Micro 5.2
Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.
ModerateCVE-2023-1175SUSE bug 1208957cpe:/o:opensuse:leap-micro:5.2CVE-2023-1195openSUSE Leap Micro 5.2
A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.
LowCVE-2023-1195SUSE bug 1208971cpe:/o:opensuse:leap-micro:5.2CVE-2023-1264openSUSE Leap Micro 5.2
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.
ModerateCVE-2023-1264SUSE bug 1209042cpe:/o:opensuse:leap-micro:5.2CVE-2023-1281openSUSE Leap Micro 5.2
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation.?The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext.?A local attacker user can use this vulnerability to elevate its privileges to root.
This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.
ImportantCVE-2023-1281SUSE bug 1209634SUSE bug 1209683SUSE bug 1210335SUSE bug 1210423SUSE bug 1211833cpe:/o:opensuse:leap-micro:5.2CVE-2023-1355openSUSE Leap Micro 5.2
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402.
ModerateCVE-2023-1355SUSE bug 1209187cpe:/o:opensuse:leap-micro:5.2CVE-2023-1382openSUSE Leap Micro 5.2
A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.
ModerateCVE-2023-1382SUSE bug 1209288cpe:/o:opensuse:leap-micro:5.2CVE-2023-1390openSUSE Leap Micro 5.2
A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.
ImportantCVE-2023-1390SUSE bug 1209289SUSE bug 1210779SUSE bug 1211495cpe:/o:opensuse:leap-micro:5.2CVE-2023-1513openSUSE Leap Micro 5.2
A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.
LowCVE-2023-1513SUSE bug 1209532cpe:/o:opensuse:leap-micro:5.2CVE-2023-1582openSUSE Leap Micro 5.2
A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privilege to cause a denial of service.
ModerateCVE-2023-1582SUSE bug 1209636cpe:/o:opensuse:leap-micro:5.2CVE-2023-1981openSUSE Leap Micro 5.2
A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash.
ModerateCVE-2023-1981SUSE bug 1210328cpe:/o:opensuse:leap-micro:5.2CVE-2023-22809openSUSE Leap Micro 5.2
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
ImportantCVE-2023-22809SUSE bug 1207082SUSE bug 1208053SUSE bug 1209326cpe:/o:opensuse:leap-micro:5.2CVE-2023-22995openSUSE Leap Micro 5.2
In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls.
LowCVE-2023-22995SUSE bug 1208741cpe:/o:opensuse:leap-micro:5.2CVE-2023-22998openSUSE Leap Micro 5.2
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
ModerateCVE-2023-22998SUSE bug 1208776cpe:/o:opensuse:leap-micro:5.2CVE-2023-23000openSUSE Leap Micro 5.2
In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used.
LowCVE-2023-23000SUSE bug 1208816cpe:/o:opensuse:leap-micro:5.2CVE-2023-23004openSUSE Leap Micro 5.2
In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
LowCVE-2023-23004SUSE bug 1208843cpe:/o:opensuse:leap-micro:5.2CVE-2023-23006openSUSE Leap Micro 5.2
In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
ModerateCVE-2023-23006SUSE bug 1208845cpe:/o:opensuse:leap-micro:5.2CVE-2023-23454openSUSE Leap Micro 5.2
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
ImportantCVE-2023-23454SUSE bug 1207036SUSE bug 1207188SUSE bug 1208030SUSE bug 1208044SUSE bug 1208085SUSE bug 1211833cpe:/o:opensuse:leap-micro:5.2CVE-2023-23455openSUSE Leap Micro 5.2
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
ImportantCVE-2023-23455SUSE bug 1207125SUSE bug 1207189SUSE bug 1211833cpe:/o:opensuse:leap-micro:5.2CVE-2023-23559openSUSE Leap Micro 5.2
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
ModerateCVE-2023-23559SUSE bug 1207051cpe:/o:opensuse:leap-micro:5.2CVE-2023-23916openSUSE Leap Micro 5.2
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.
ModerateCVE-2023-23916SUSE bug 1207992cpe:/o:opensuse:leap-micro:5.2CVE-2023-23931openSUSE Leap Micro 5.2
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.
LowCVE-2023-23931SUSE bug 1208036cpe:/o:opensuse:leap-micro:5.2CVE-2023-24329openSUSE Leap Micro 5.2
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
ImportantCVE-2023-24329SUSE bug 1208471SUSE bug 1213553SUSE bug 1213554SUSE bug 1213839cpe:/o:opensuse:leap-micro:5.2CVE-2023-24593openSUSE Leap Micro 5.2
** REJECT ** Rejected by upstream.
ModerateCVE-2023-24593SUSE bug 1209714cpe:/o:opensuse:leap-micro:5.2CVE-2023-25012openSUSE Leap Micro 5.2
The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.
ModerateCVE-2023-25012SUSE bug 1207560SUSE bug 1207846cpe:/o:opensuse:leap-micro:5.2CVE-2023-25153openSUSE Leap Micro 5.2
containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.
ModerateCVE-2023-25153SUSE bug 1208423cpe:/o:opensuse:leap-micro:5.2CVE-2023-25173openSUSE Leap Micro 5.2
containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well.
This bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups.
ModerateCVE-2023-25173SUSE bug 1208426SUSE bug 1215588cpe:/o:opensuse:leap-micro:5.2CVE-2023-25180openSUSE Leap Micro 5.2
** REJECT ** Rejected by upstream.
ModerateCVE-2023-25180SUSE bug 1209713cpe:/o:opensuse:leap-micro:5.2CVE-2023-25193openSUSE Leap Micro 5.2
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
ImportantCVE-2023-25193SUSE bug 1207922SUSE bug 1213939cpe:/o:opensuse:leap-micro:5.2CVE-2023-25809openSUSE Leap Micro 5.2
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes `/sys/fs/cgroup` writable in following conditons: 1. when runc is executed inside the user namespace, and the `config.json` does not specify the cgroup namespace to be unshared (e.g.., `(docker|podman|nerdctl) run --cgroupns=host`, with Rootless Docker/Podman/nerdctl) or 2. when runc is executed outside the user namespace, and `/sys` is mounted with `rbind, ro` (e.g., `runc spec --rootless`; this condition is very rare). A container may gain the write access to user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host . Other users's cgroup hierarchies are not affected. Users are advised to upgrade to version 1.1.5. Users unable to upgrade may unshare the cgroup namespace (`(docker|podman|nerdctl) run --cgroupns=private)`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts. or add `/sys/fs/cgroup` to `maskedPaths`.
LowCVE-2023-25809SUSE bug 1209884cpe:/o:opensuse:leap-micro:5.2CVE-2023-26545openSUSE Leap Micro 5.2
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
ModerateCVE-2023-26545SUSE bug 1208700SUSE bug 1208909SUSE bug 1210423cpe:/o:opensuse:leap-micro:5.2CVE-2023-27371openSUSE Leap Micro 5.2
GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function.
ModerateCVE-2023-27371SUSE bug 1208745cpe:/o:opensuse:leap-micro:5.2CVE-2023-27533openSUSE Leap Micro 5.2
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.
ModerateCVE-2023-27533SUSE bug 1209209cpe:/o:opensuse:leap-micro:5.2CVE-2023-27534openSUSE Leap Micro 5.2
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.
ModerateCVE-2023-27534SUSE bug 1209210cpe:/o:opensuse:leap-micro:5.2CVE-2023-27535openSUSE Leap Micro 5.2
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.
ModerateCVE-2023-27535SUSE bug 1209211cpe:/o:opensuse:leap-micro:5.2CVE-2023-27536openSUSE Leap Micro 5.2
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
ModerateCVE-2023-27536SUSE bug 1209212cpe:/o:opensuse:leap-micro:5.2CVE-2023-27538openSUSE Leap Micro 5.2
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.
ModerateCVE-2023-27538SUSE bug 1209214cpe:/o:opensuse:leap-micro:5.2CVE-2023-27561openSUSE Leap Micro 5.2
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.
ModerateCVE-2023-27561SUSE bug 1208962cpe:/o:opensuse:leap-micro:5.2CVE-2023-28327openSUSE Leap Micro 5.2
A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service.
ModerateCVE-2023-28327SUSE bug 1209290cpe:/o:opensuse:leap-micro:5.2CVE-2023-28328openSUSE Leap Micro 5.2
A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.
ModerateCVE-2023-28328SUSE bug 1209291cpe:/o:opensuse:leap-micro:5.2CVE-2023-28450openSUSE Leap Micro 5.2
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
ModerateCVE-2023-28450SUSE bug 1209358cpe:/o:opensuse:leap-micro:5.2CVE-2023-28464openSUSE Leap Micro 5.2
hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.
ImportantCVE-2023-28464SUSE bug 1209052SUSE bug 1211111cpe:/o:opensuse:leap-micro:5.2CVE-2023-28466openSUSE Leap Micro 5.2
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
ImportantCVE-2023-28466SUSE bug 1209366SUSE bug 1210452SUSE bug 1211833SUSE bug 1213841cpe:/o:opensuse:leap-micro:5.2CVE-2023-28484openSUSE Leap Micro 5.2
In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.
ModerateCVE-2023-28484SUSE bug 1210411cpe:/o:opensuse:leap-micro:5.2CVE-2023-28486openSUSE Leap Micro 5.2
Sudo before 1.9.13 does not escape control characters in log messages.
ModerateCVE-2023-28486SUSE bug 1209362cpe:/o:opensuse:leap-micro:5.2CVE-2023-28487openSUSE Leap Micro 5.2
Sudo before 1.9.13 does not escape control characters in sudoreplay output.
ModerateCVE-2023-28487SUSE bug 1209361cpe:/o:opensuse:leap-micro:5.2CVE-2023-28642openSUSE Leap Micro 5.2
runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.
ModerateCVE-2023-28642SUSE bug 1209888cpe:/o:opensuse:leap-micro:5.2CVE-2023-28772openSUSE Leap Micro 5.2
An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.
ImportantCVE-2023-28772SUSE bug 1209549SUSE bug 1211110SUSE bug 1214378cpe:/o:opensuse:leap-micro:5.2CVE-2023-29383openSUSE Leap Micro 5.2
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.
ModerateCVE-2023-29383SUSE bug 1210507cpe:/o:opensuse:leap-micro:5.2CVE-2023-29469openSUSE Leap Micro 5.2
An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value).
ModerateCVE-2023-29469SUSE bug 1210412cpe:/o:opensuse:leap-micro:5.2CVE-2023-30630openSUSE Leap Micro 5.2
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible.
ModerateCVE-2023-30630SUSE bug 1210418cpe:/o:opensuse:leap-micro:5.2kernel-defaultkgraft-patch-3_12_38-44-defaultkgraft-patch-3_12_39-47-defaultkgraft-patch-3_12_43-52_6-defaultkgraft-patch-3_12_44-52_10-defaultkgraft-patch-3_12_44-52_18-defaultkgraft-patch-3_12_48-52_27-defaultkgraft-patch-3_12_49-11-defaultkgraft-patch-3_12_51-52_31-defaultkgraft-patch-3_12_51-52_34-defaultkgraft-patch-3_12_51-52_39-defaultkgraft-patch-3_12_51-60_20-defaultkgraft-patch-3_12_51-60_25-defaultkgraft-patch-3_12_53-60_30-defaultkgraft-patch-3_12_57-60_35-defaultkgraft-patch-3_12_59-60_41-defaultkgraft-patch-3_12_59-60_45-defaultkgraft-patch-3_12_32-33-defaultkgraft-patch-3_12_36-38-defaultlibpython3_6m1_0python3python3-baseopenSUSE-releasekgraft-patch-4_4_21-69-defaultkgraft-patch-4_4_21-81-defaultkgraft-patch-4_4_21-84-defaultkgraft-patch-4_4_21-90-defaultkgraft-patch-4_4_38-93-defaultkernel-default-basekernel-rtlibxml2-2libxml2-toolspython3-libxml2-pythonkgraft-patch-3_12_62-60_62-defaultkgraft-patch-3_12_62-60_64_8-defaultkgraft-patch-3_12_67-60_64_18-defaultkgraft-patch-3_12_67-60_64_21-defaultkgraft-patch-4_4_103-6_33-defaultkgraft-patch-4_4_103-6_38-defaultkgraft-patch-4_4_82-6_3-defaultkgraft-patch-4_4_82-6_6-defaultkgraft-patch-4_4_82-6_9-defaultkgraft-patch-4_4_92-6_18-defaultkgraft-patch-4_4_92-6_30-defaultkgraft-patch-4_4_49-92_11-defaultkgraft-patch-4_4_49-92_14-defaultkgraft-patch-4_4_59-92_17-defaultkgraft-patch-4_4_59-92_20-defaultkgraft-patch-4_4_59-92_24-defaultkgraft-patch-4_4_74-92_29-defaultkgraft-patch-4_4_74-92_32-defaultkgraft-patch-4_4_74-92_35-defaultkgraft-patch-4_4_74-92_38-defaultkgraft-patch-4_4_90-92_45-defaultkgraft-patch-4_12_14-95_40-defaultkgraft-patch-4_12_14-120-defaultkgraft-patch-4_12_14-122_7-defaultkernel-livepatch-4_12_14-150_41-defaultkernel-livepatch-4_12_14-197_26-defaultkgraft-patch-4_4_114-94_11-defaultkgraft-patch-4_4_114-94_14-defaultkgraft-patch-4_4_103-92_53-defaultkgraft-patch-4_4_103-92_56-defaultkgraft-patch-4_4_90-92_50-defaultkernel-livepatch-4_12_14-23-defaultkernel-livepatch-4_12_14-25_3-defaultkgraft-patch-3_12_67-60_64_24-defaultkgraft-patch-3_12_69-60_64_29-defaultperlperl-basekgraft-patch-3_12_69-60_64_32-defaultkgraft-patch-3_12_69-60_64_35-defaultkgraft-patch-4_4_73-5-defaultdwarveselfutilslibasm1libdw1libdwarves-devellibdwarves1libebl-pluginslibelf1kgraft-patch-4_4_120-94_17-defaultkgraft-patch-4_4_126-94_22-defaultkgraft-patch-4_12_14-95_19-defaultkgraft-patch-4_12_14-95_24-defaultkgraft-patch-4_12_14-95_29-defaultkgraft-patch-4_12_14-95_32-defaultkgraft-patch-4_12_14-95_37-defaultkgraft-patch-4_12_14-95_45-defaultkgraft-patch-4_12_14-95_48-defaultkgraft-patch-4_12_14-95_51-defaultkgraft-patch-4_12_14-122_12-defaultkgraft-patch-4_12_14-122_17-defaultkgraft-patch-4_12_14-122_20-defaultkernel-livepatch-4_12_14-150_22-defaultkernel-livepatch-4_12_14-150_27-defaultkernel-livepatch-4_12_14-150_32-defaultkernel-livepatch-4_12_14-150_35-defaultkernel-livepatch-4_12_14-150_38-defaultkernel-livepatch-4_12_14-150_47-defaultkernel-livepatch-4_12_14-195-defaultkernel-livepatch-4_12_14-197_10-defaultkernel-livepatch-4_12_14-197_15-defaultkernel-livepatch-4_12_14-197_18-defaultkernel-livepatch-4_12_14-197_21-defaultkernel-livepatch-4_12_14-197_29-defaultkernel-livepatch-4_12_14-197_34-defaultkernel-livepatch-4_12_14-197_37-defaultkernel-livepatch-4_12_14-197_4-defaultkernel-livepatch-4_12_14-197_40-defaultkernel-livepatch-4_12_14-197_7-defaultkgraft-patch-4_4_131-94_29-defaultkgraft-patch-4_4_132-94_33-defaultkernel-livepatch-4_12_14-25_13-defaultkernel-livepatch-4_12_14-25_6-defaultkgraft-patch-4_4_138-94_39-defaultkgraft-patch-4_4_140-94_42-defaultkgraft-patch-4_4_143-94_47-defaultpython3-cryptographykernel-livepatch-4_12_14-25_16-defaultkgraft-patch-4_4_155-94_50-defaultkgraft-patch-4_4_156-94_57-defaultkgraft-patch-4_4_156-94_61-defaultkgraft-patch-4_4_156-94_64-defaultkernel-livepatch-4_12_14-25_19-defaultkgraft-patch-4_12_14-94_41-defaultkgraft-patch-4_12_14-95_3-defaultkgraft-patch-4_12_14-95_6-defaultkernel-livepatch-4_12_14-25_28-defaultkgraft-patch-4_4_162-94_69-defaultkgraft-patch-4_4_162-94_72-defaultkernel-livepatch-4_12_14-25_22-defaultkernel-livepatch-4_12_14-25_25-defaultkgraft-patch-4_12_14-95_68-defaultkgraft-patch-4_12_14-95_71-defaultkgraft-patch-4_12_14-95_74-defaultkgraft-patch-4_12_14-95_77-defaultkgraft-patch-4_12_14-95_80-defaultkgraft-patch-4_12_14-95_83-defaultkernel-livepatch-4_12_14-150_66-defaultkernel-livepatch-4_12_14-150_69-defaultkernel-livepatch-4_12_14-150_72-defaultkernel-livepatch-4_12_14-150_75-defaultkernel-livepatch-4_12_14-150_78-defaultkgraft-patch-4_12_14-95_13-defaultkgraft-patch-4_12_14-95_16-defaultkernel-livepatch-4_12_14-150_14-defaultkernel-livepatch-4_12_14-150_17-defaultqemu-ovmf-x86_64qemu-uefi-aarch64kgraft-patch-4_4_175-94_79-defaultkgraft-patch-4_4_176-94_88-defaultkgraft-patch-4_4_178-94_91-defaultkgraft-patch-4_4_180-94_97-defaultlibonig4kgraft-patch-4_12_14-95_54-defaultkernel-livepatch-4_12_14-150_52-defaultlibpcre2-8-0db48-utilslibdb-4_8opensckgraft-patch-4_12_14-95_57-defaultkgraft-patch-4_12_14-95_60-defaultkernel-livepatch-4_12_14-150_55-defaultkernel-livepatch-4_12_14-150_58-defaultkernel-livepatch-4_12_14-150_63-defaultkgraft-patch-4_12_14-95_65-defaultkgraft-patch-4_12_14-122_23-defaultkgraft-patch-4_12_14-122_26-defaultkgraft-patch-4_12_14-122_29-defaultkgraft-patch-4_12_14-122_32-defaultkgraft-patch-4_12_14-122_37-defaultkgraft-patch-4_12_14-122_41-defaultkgraft-patch-4_12_14-122_46-defaultkgraft-patch-4_12_14-122_51-defaultkgraft-patch-4_12_14-122_54-defaultkernel-livepatch-4_12_14-197_45-defaultkernel-livepatch-4_12_14-197_48-defaultkernel-livepatch-4_12_14-197_51-defaultkernel-livepatch-4_12_14-197_56-defaultkernel-livepatch-4_12_14-197_61-defaultkernel-livepatch-4_12_14-197_64-defaultkernel-livepatch-4_12_14-197_67-defaultkernel-livepatch-4_12_14-197_72-defaultkernel-livepatch-4_12_14-197_75-defaultkernel-livepatch-5_3_18-22-defaultkernel-livepatch-5_3_18-24_12-defaultkernel-livepatch-5_3_18-24_15-defaultkernel-livepatch-5_3_18-24_9-defaultkernel-livepatch-5_3_18-24_24-defaultkernel-livepatch-5_3_18-24_29-defaultkernel-livepatch-5_3_18-24_34-defaultkernel-livepatch-5_3_18-24_37-defaultkernel-livepatch-5_3_18-24_43-defaultlibicu73_2libicu73_2-bedatalibicu73_2-ledataqemuqemu-armqemu-audio-spiceqemu-chardev-spiceqemu-guest-agentqemu-hw-display-qxlqemu-hw-display-virtio-gpuqemu-hw-display-virtio-vgaqemu-hw-usb-redirectqemu-ipxeqemu-seabiosqemu-sgabiosqemu-toolsqemu-ui-openglqemu-ui-spice-coreqemu-vgabiosqemu-x86libicu-suse65_1libicu65_1-ledatapython3-M2Cryptopython3-rsakgraft-patch-4_12_14-122_60-defaultkgraft-patch-4_12_14-122_63-defaultkernel-livepatch-4_12_14-197_83-defaultkernel-livepatch-4_12_14-197_86-defaultkernel-livepatch-5_3_18-24_49-defaultkernel-livepatch-5_3_18-24_52-defaultkernel-livepatch-5_3_18-57-defaultkgraft-patch-4_12_14-122_57-defaultkernel-livepatch-4_12_14-197_78-defaultslirp4netnslibp11-kit0p11-kitp11-kit-toolskernel-livepatch-5_3_18-24_46-defaultlibjpeg8kgraft-patch-4_12_14-122_66-defaultkernel-livepatch-5_3_18-24_53_4-defaultkgraft-patch-4_12_14-122_71-defaultkgraft-patch-4_12_14-122_74-defaultkgraft-patch-4_12_14-122_77-defaultkernel-livepatch-4_12_14-197_89-defaultkernel-livepatch-4_12_14-197_92-defaultkernel-livepatch-5_3_18-24_61-defaultkernel-livepatch-5_3_18-24_64-defaultkernel-livepatch-5_3_18-24_67-defaultkgraft-patch-4_12_14-95_102-defaultkgraft-patch-4_12_14-95_105-defaultkgraft-patch-4_12_14-95_88-defaultkgraft-patch-4_12_14-95_93-defaultkgraft-patch-4_12_14-95_96-defaultkgraft-patch-4_12_14-95_99-defaultkgraft-patch-4_12_14-122_103-defaultkgraft-patch-4_12_14-122_106-defaultkgraft-patch-4_12_14-122_110-defaultkgraft-patch-4_12_14-122_113-defaultkgraft-patch-4_12_14-122_116-defaultkgraft-patch-4_12_14-122_121-defaultkgraft-patch-4_12_14-122_124-defaultkgraft-patch-4_12_14-122_127-defaultkgraft-patch-4_12_14-122_130-defaultkgraft-patch-4_12_14-122_88-defaultkgraft-patch-4_12_14-122_91-defaultkgraft-patch-4_12_14-122_98-defaultkernel-livepatch-4_12_14-150000_150_89-defaultkernel-livepatch-4_12_14-150000_150_92-defaultkernel-livepatch-4_12_14-150000_150_95-defaultkernel-livepatch-4_12_14-150000_150_98-defaultkernel-livepatch-4_12_14-150_83-defaultkernel-livepatch-4_12_14-150_86-defaultkernel-livepatch-4_12_14-150100_197_111-defaultkernel-livepatch-4_12_14-150100_197_114-defaultkernel-livepatch-4_12_14-150100_197_117-defaultkernel-livepatch-4_12_14-150100_197_120-defaultkernel-livepatch-4_12_14-197_102-defaultkernel-livepatch-4_12_14-197_105-defaultkernel-livepatch-4_12_14-197_108-defaultkernel-livepatch-5_3_18-150200_24_112-defaultkernel-livepatch-5_3_18-150200_24_115-defaultkernel-livepatch-5_3_18-150200_24_126-defaultkernel-livepatch-5_3_18-24_102-defaultkernel-livepatch-5_3_18-24_107-defaultkernel-livepatch-5_3_18-24_83-defaultkernel-livepatch-5_3_18-24_86-defaultkernel-livepatch-5_3_18-24_93-defaultkernel-livepatch-5_3_18-24_96-defaultkernel-livepatch-5_3_18-24_99-defaultkernel-livepatch-5_3_18-150300_59_43-defaultkernel-livepatch-5_3_18-150300_59_46-defaultkernel-livepatch-5_3_18-150300_59_49-defaultkernel-livepatch-5_3_18-150300_59_54-defaultkernel-livepatch-5_3_18-150300_59_60-defaultkernel-livepatch-5_3_18-150300_59_63-defaultkernel-livepatch-5_3_18-150300_59_68-defaultkernel-livepatch-5_3_18-150300_59_71-defaultkernel-livepatch-5_3_18-150300_59_76-defaultkernel-livepatch-5_3_18-150300_59_87-defaultkernel-livepatch-5_3_18-59_24-defaultkernel-livepatch-5_3_18-59_27-defaultkernel-livepatch-5_3_18-59_34-defaultkernel-livepatch-5_3_18-59_37-defaultkernel-livepatch-5_3_18-59_40-defaultkernel-livepatch-5_14_21-150400_22-defaultkernel-livepatch-5_14_21-150400_24_11-defaultkernel-livepatch-5_14_21-150400_24_18-defaultkgraft-patch-4_12_14-122_80-defaultkgraft-patch-4_12_14-122_83-defaultkernel-livepatch-4_12_14-197_99-defaultkernel-livepatch-5_3_18-24_70-defaultkernel-livepatch-5_3_18-24_75-defaultkernel-livepatch-5_3_18-24_78-defaultkernel-livepatch-5_3_18-59_10-defaultkernel-livepatch-5_3_18-59_13-defaultkernel-livepatch-5_3_18-59_16-defaultkernel-livepatch-5_3_18-59_19-defaultkernel-livepatch-5_3_18-59_5-defaultpodmanpodman-cni-configlibspice-server1samba-client-libslibprotobuf-lite20glib2-toolslibgio-2_0-0libglib-2_0-0libgmodule-2_0-0libgobject-2_0-0xen-libslibxslt1gstreamer-plugins-baselibgstallocators-1_0-0libgstapp-1_0-0libgstaudio-1_0-0libgstgl-1_0-0libgstpbutils-1_0-0libgstriff-1_0-0libgsttag-1_0-0libgstvideo-1_0-0libslirp0libtpms0libsqlite3-0libwayland-client0libwayland-cursor0libwayland-egl1libwayland-server0vim-data-commonvim-smallkernel-livepatch-5_3_18-150200_24_129-defaultkernel-livepatch-5_3_18-150200_24_134-defaultkernel-livepatch-5_3_18-150300_59_90-defaultkernel-livepatch-5_3_18-150300_59_93-defaultkernel-livepatch-5_3_18-150300_59_98-defaultkernel-livepatch-5_14_21-150400_24_21-defaultkernel-livepatch-5_14_21-150400_24_28-defaultkernel-livepatch-5_14_21-150400_24_33-defaultlibfmt8librados2librbd1libcolord2gdk-pixbuf-query-loaderslibgdk_pixbuf-2_0-0typelib-1_0-GdkPixbuf-2_0libtirpc-netconfiglibtirpc3libtasn1libtasn1-6libtiff5libopenssl-1_1-devellibopenssl1_1libopenssl1_1-hmacopenssl-1_1libpcre1ignitionignition-dracut-grub2systemd-presets-common-SUSEconmonlibldb2ucode-intelpython3-saltsaltsalt-minionsalt-transactional-updatewpa_supplicantcontainerdlibfreebl3libfreebl3-hmaclibsoftokn3libsoftokn3-hmacmozilla-nssmozilla-nss-certsmozilla-nss-toolspython3-certifilibyajl2gnutlslibgnutls30libgnutls30-hmacgrub2grub2-arm64-efigrub2-i386-pcgrub2-snapper-plugingrub2-x86_64-efigrub2-x86_64-xenkernel-livepatch-5_3_18-150300_59_101-defaultlibfreetype6shimrsynclibncurses6ncurses-utilsterminfoterminfo-basecifs-utilslibgpg-error0permissionslibvmtools0open-vm-toolsmozilla-nsprcurllibcurl4libharfbuzz0kgraft-patch-4_12_14-95_108-defaultkgraft-patch-4_12_14-95_111-defaultkgraft-patch-4_12_14-122_133-defaultkgraft-patch-4_12_14-122_136-defaultkernel-livepatch-4_12_14-150100_197_123-defaultkernel-livepatch-4_12_14-150100_197_126-defaultgpg2libksba8kernel-livepatch-4_12_14-150000_150_101-defaultkernel-livepatch-4_12_14-150000_150_104-defaultlibX11-6libX11-datalibX11-xcb1kgraft-patch-4_12_14-95_114-defaultkgraft-patch-4_12_14-122_139-defaultkgraft-patch-4_12_14-122_144-defaultkernel-livepatch-4_12_14-150100_197_131-defaultkernel-livepatch-5_3_18-150200_24_139-defaultdockerlibz1libsystemd0libudev1systemdsystemd-containersystemd-journal-remotesystemd-sysvinitudevlibexpat1python3-setuptoolspython3-futurekpartxlibmpath0multipath-toolsdbus-1dbus-1-x11libdbus-1-3libsss_certmap0libsss_idmap0libsss_nss_idmap0sssdsssd-commonsssd-krb5-commonsssd-ldapkrb5python3-pykernel-livepatch-5_14_21-150400_15_5-rtkernel-livepatch-5_14_21-150400_24_38-defaultsudolibpixman-1-0kernel-livepatch-5_3_18-150200_24_142-defaultkernel-livepatch-5_3_18-150200_24_145-defaultkernel-livepatch-5_3_18-150300_59_106-defaultkernel-livepatch-5_3_18-150300_59_109-defaultkernel-livepatch-5_3_18-150300_59_112-defaultkernel-livepatch-5_3_18-150300_59_115-defaulttarlibzstd1zstdlibcares2kernel-livepatch-5_14_21-150400_15_8-rtkernel-livepatch-5_14_21-150400_24_41-defaultkgraft-patch-4_12_14-122_147-defaultkernel-livepatch-5_14_21-150400_15_11-rtkernel-livepatch-5_14_21-150400_15_18-rtkernel-livepatch-5_14_21-150400_15_23-rtkernel-livepatch-5_14_21-150400_24_46-defaultkernel-livepatch-5_14_21-150400_24_55-defaultkernel-livepatch-5_14_21-150400_24_60-defaultkgraft-patch-4_12_14-95_117-defaultkernel-livepatch-4_12_14-150100_197_134-defaultglibcglibc-localeglibc-locale-basekgraft-patch-4_12_14-122_150-defaultkgraft-patch-4_12_14-122_153-defaultkgraft-patch-4_12_14-122_156-defaultkgraft-patch-4_12_14-122_159-defaultkgraft-patch-4_12_14-122_162-defaultkernel-livepatch-4_12_14-150100_197_137-defaultkernel-livepatch-4_12_14-150100_197_142-defaultkernel-livepatch-4_12_14-150100_197_145-defaultkernel-livepatch-5_3_18-150200_24_148-defaultkernel-livepatch-5_3_18-150200_24_151-defaultkernel-livepatch-5_3_18-150200_24_154-defaultkernel-livepatch-5_3_18-150300_59_118-defaultkernel-livepatch-5_3_18-150300_59_121-defaultkernel-livepatch-5_3_18-150300_59_124-defaultkernel-livepatch-5_14_21-150400_15_28-rtkernel-livepatch-5_14_21-150400_24_63-defaultkernel-livepatch-5_14_21-150400_24_66-defaultkernel-livepatch-5_14_21-150500_11-rtkernel-livepatch-5_14_21-150500_53-defaultkgraft-patch-4_12_14-95_120-defaultxxdkgraft-patch-4_12_14-122_165-defaultkgraft-patch-4_12_14-122_173-defaultkernel-livepatch-4_12_14-150100_197_148-defaultkernel-livepatch-4_12_14-150100_197_151-defaultkernel-livepatch-4_12_14-150100_197_154-defaultkernel-livepatch-5_14_21-150400_15_37-rtkernel-livepatch-5_14_21-150500_13_5-rtavahilibavahi-client3libavahi-common3libavahi-core7kernel-livepatch-5_3_18-150300_59_127-defaultkernel-livepatch-5_14_21-150400_15_40-rtkernel-livepatch-5_14_21-150400_24_69-defaultkernel-livepatch-5_14_21-150400_24_74-defaultkernel-livepatch-5_14_21-150500_55_12-defaultkernel-livepatch-5_14_21-150500_55_7-defaultrunclibmicrohttpd12dnsmasqlogin_defsshadowdmidecodekgraft-patch-4_12_14-95_125-defaultkernel-livepatch-5_3_18-150200_24_157-defaultkernel-livepatch-5_14_21-150400_15_46-rtkernel-livepatch-5_14_21-150500_13_11-rt0:3.12.38-44.10:5-2.1-00:3.12.39-47.10:3.12.43-52.6.10:3.12.44-52.10.10:4-2.1-00:3.12.44-52.18.10:3.12.48-52.27.10:3-2.1-00:3.12.49-11.10:5-14.2-00:3.12.51-52.31.10:3.12.51-52.34.10:3.12.51-52.39.10:2-2.1-00:3.12.51-60.20.20:3.12.51-60.25.10:3.12.53-60.30.10:3.12.57-60.35.10:2-2.2-00:3.12.59-60.41.20:3.12.59-60.45.20:3.12.59-60.45.20:3.12.32-33.10:3.12.32-33.10:3.12.36-38.10:3.12.36-38.10:2-7.1-00:2-10.1-00:3.12.39-47.10:2-3.1-00:2-6.1-00:3.12.43-52.6.1(aarch64|x86_64)0:3.6.15-150300.10.27.1b88b2fd43dbdc2845.20:2-5.1-00:3.12.49-11.10:4-2.3-00:2-4.1-00:3.12.44-52.18.10:3.12.51-60.25.10:3.12.51-60.20.20:3-8.2-00:6-2.1-00:4-11.2-00:3.12.53-60.30.10:4.4.21-69.10:4.4.21-81.30:4.4.21-84.10:4.4.21-90.10:4.4.38-93.10:4.4.38-93.10:3.12.57-60.35.1(aarch64|x86_64)0:5.3.18-150300.59.93.1(aarch64|x86_64)0:5.3.18-150300.59.93.1.150300.18.54.1(x86_64)0:5.3.18-150300.106.1(aarch64|x86_64)0:2.9.7-150000.3.51.10:6-17.2-00:3.12.59-60.41.20:7-20.2-00:7-2.1-00:3.12.62-60.62.10:3-5.1-00:3.12.62-60.62.10:2-9.1-00:3.12.62-60.64.8.20:3.12.62-60.64.8.20:8-23.2-00:8-2.1-00:3.12.67-60.64.18.10:4.4.21-81.30:3.12.67-60.64.21.10:4.4.21-84.10:4.4.103-6.33.10:5-2.2-00:4.4.103-6.38.10:4.4.82-6.3.10:8-2.2-00:4.4.82-6.6.10:7-2.2-00:4.4.82-6.9.10:4.4.92-6.18.10:6-2.2-00:4.4.92-6.30.10:4.4.92-6.30.10:9-18.10.1-00:9-2.1-00:4.4.49-92.11.10:4.4.49-92.14.10:4.4.59-92.17.30:4.4.59-92.20.20:4.4.59-92.24.20:4.4.74-92.29.10:4.4.74-92.32.10:4.4.74-92.35.10:4.4.74-92.38.10:4.4.74-92.38.10:10-18.13.1-00:10-4.1-00:9-4.1-00:7-4.1-00:6-4.1-00:5-4.1-00:4-4.1-00:3-4.1-00:4.4.74-92.35.10:4.4.82-6.3.10:7-21.1-00:7-3.1-00:6-3.1-00:4-3.1-00:3-3.1-00:4.4.59-92.20.20:4.4.90-92.45.10:4.4.90-92.45.10:4.4.92-6.18.10:4.12.14-95.40.10:4.12.14-95.40.10:4.12.14-120.10:8-21.2-00:4.12.14-122.7.10:4.12.14-122.7.10:4.12.14-150.41.10:4.12.14-150.41.10:4.12.14-197.26.10:4.12.14-197.26.10:11-2.1-00:4.4.59-92.24.20:10-2.1-00:4.4.82-6.9.10:4.4.114-94.11.30:4.4.114-94.14.10:4.4.21-69.10:4.4.103-92.53.10:4.4.103-92.56.10:4.4.90-92.50.10:4.4.90-92.50.10:4.12.14-23.10:4.12.14-25.3.10:4.12.14-25.3.10:8-18.7.1-00:4.4.49-92.11.1(aarch64|x86_64)0:5.3.18-150300.59.118.1(aarch64|x86_64)0:5.3.18-150300.59.118.1.150300.18.68.1(x86_64)0:5.3.18-150300.124.10:3.12.67-60.64.24.10:3.12.69-60.64.29.10:4-11.1-0(aarch64|x86_64)0:5.26.1-150300.17.11.10:3.12.69-60.64.32.10:3.12.69-60.64.35.10:4.4.49-92.14.10:4.4.74-92.29.10:4.4.73-5.10:2-2.3.2-00:4.4.73-5.1(aarch64|x86_64)0:1.22-150300.7.3.1(aarch64|x86_64)0:0.177-150300.11.3.10:3-2.2-00:4.4.120-94.17.10:4.4.126-94.22.10:4.12.14-95.19.10:4.12.14-95.24.10:4.12.14-95.29.10:4.12.14-95.32.10:4.12.14-95.37.10:4.12.14-95.45.10:4.12.14-95.48.10:4.12.14-95.51.10:4.12.14-95.51.10:5-12.2-00:4.12.14-122.12.10:4.12.14-122.17.10:4.12.14-122.20.10:4.12.14-150.22.10:4.12.14-150.27.10:4.12.14-150.32.10:4.12.14-150.35.10:4.12.14-150.38.10:4.12.14-150.47.10:4.12.14-150.47.10:4.12.14-195.10:12-34.1-00:4.12.14-197.10.10:4.12.14-197.15.10:4.12.14-197.18.10:4.12.14-197.21.10:4.12.14-197.29.10:4.12.14-197.34.10:4.12.14-197.37.10:4.12.14-197.4.10:4.12.14-197.40.10:4.12.14-197.7.10:4.12.14-197.7.10:4.4.131-94.29.10:4.4.132-94.33.10:4.12.14-25.13.10:3-2.3-00:4.12.14-25.6.10:4.12.14-25.6.10:4.4.138-94.39.10:4.4.140-94.42.10:4.4.143-94.47.10:4-10.2-0(aarch64|x86_64)0:2.9.2-150200.13.10:4.12.14-25.16.10:9-25.2-00:4.12.14-23.10:4.4.155-94.50.10:4.4.156-94.57.10:4.4.156-94.61.10:4.4.156-94.64.10:5-13.2-00:4.12.14-25.19.10:4.4.140-94.42.10:10-28.1-00:3-7.3-00:4.12.14-94.41.10:9-2.25.1-00:4.12.14-95.3.10:8-2.5-00:4.12.14-95.6.10:7-2.5-00:4.12.14-95.6.10:4.12.14-25.28.10:7-2.3-00:4.12.14-25.28.10:4.4.162-94.69.20:4.4.162-94.72.10:4.4.162-94.72.10:3-2.7.2-00:4.12.14-95.3.10:8-22.2-00:4.12.14-25.22.10:4.12.14-25.25.10:6-16.2-00:4.12.14-95.68.10:14-2.2-00:4.12.14-95.71.10:13-2.2-00:4.12.14-95.74.10:10-2.2-00:4.12.14-95.77.10:9-2.2-00:4.12.14-95.80.10:4.12.14-95.83.20:4.12.14-95.83.20:4.12.14-150.66.10:4.12.14-150.69.10:4.12.14-150.72.10:4.12.14-150.75.10:4.12.14-150.78.10:4.12.14-150.78.10:5-2.5-00:4-2.5-00:2-2.5-00:10-2.5-00:9-2.5-00:12-2.1-00:4.4.132-94.33.10:7-19.2-00:6-15.2-00:4.12.14-120.10:4.12.14-95.13.10:6-2.5-00:4.12.14-95.16.10:4.12.14-150.14.20:6-2.3-00:4.12.14-150.17.10:5-2.13.1-0(noarch)0:202008-150300.10.17.10:4.4.175-94.79.10:4.4.176-94.88.10:4.4.178-94.91.20:4.4.178-94.91.20:6-2.16.1-00:4-10.1-00:4.12.14-195.10:4.4.180-94.97.10:4.4.180-94.97.10:3-7.2-00:4.12.14-197.4.1(aarch64|x86_64)0:6.7.0-150000.3.3.1(noarch)0:202008-150300.10.20.10:7-2.19.1-00:6-16.1-00:4.12.14-95.45.10:4.12.14-197.29.10:4.12.14-197.18.10:4.12.14-95.29.10:4.12.14-150.32.10:4-2.2-00:4.12.14-95.54.10:4.12.14-95.54.10:4.12.14-150.52.10:4.12.14-150.52.10:8-2.22.1-00:7-19.1-0(aarch64|x86_64)0:3.6.15-150300.10.37.2(aarch64|x86_64)0:5.3.18-150300.59.109.1(aarch64|x86_64)0:5.3.18-150300.59.109.1.150300.18.62.1(x86_64)0:5.3.18-150300.115.1(x86_64)0:5.3.18-150300.93.1(aarch64|x86_64)0:10.31-150000.3.12.1(aarch64|x86_64)0:4.8.30-150000.7.6.10:3-6.2-00:10-28.2-0(aarch64|x86_64)0:0.19.0-150100.3.19.10:4-2.10.2-00:4.4.175-94.79.10:4.12.14-95.48.10:4.12.14-197.37.10:4.12.14-95.57.10:4.12.14-95.60.10:4.12.14-95.60.10:4.12.14-150.55.10:4.12.14-150.58.10:4.12.14-150.58.10:7-18.2-00:4.12.14-197.40.10:4.12.14-150.63.10:4.12.14-150.69.10:4.12.14-95.65.10:4.12.14-95.65.10:4.12.14-122.23.10:4.12.14-122.26.10:4.12.14-122.29.10:4.12.14-122.32.10:4.12.14-122.37.10:4.12.14-122.41.10:4.12.14-122.46.10:4.12.14-122.51.20:4.12.14-122.54.10:4.12.14-122.54.10:4.12.14-150.63.10:4.12.14-197.45.10:4.12.14-197.48.10:4.12.14-197.51.10:4.12.14-197.56.10:4.12.14-197.61.10:4.12.14-197.64.10:4.12.14-197.67.10:4.12.14-197.72.10:4.12.14-197.75.10:4.12.14-197.75.10:5.3.18-22.20:7-5.2-00:5.3.18-24.12.10:5.3.18-24.15.10:5.3.18-24.9.10:5.3.18-24.9.10:5.3.18-24.24.10:5.3.18-24.29.20:5.3.18-24.34.10:5.3.18-24.37.10:5.3.18-24.43.2(aarch64|ppc64le|s390x|x86_64)0:73.2-150000.1.3.1(noarch)0:73.2-150000.1.3.10:4.12.14-197.61.10:4-9.1-00:11-31.2-00:4.12.14-95.57.10:4.12.14-150.55.10:4.12.14-197.51.10:2-5.2-00:2-2.3-00:4.12.14-197.56.1(aarch64|x86_64)0:5.2.0-150300.121.2(aarch64)0:5.2.0-150300.121.2(noarch)0:1.0.0+-150300.121.2(noarch)0:1.14.0_0_g155821a-150300.121.2(noarch)0:8-150300.121.2(x86_64)0:5.2.0-150300.121.20:4.12.14-197.45.10:5.3.18-22.2(aarch64|x86_64)0:5.3.18-150300.59.98.1(aarch64|x86_64)0:5.3.18-150300.59.98.1.150300.18.56.3(aarch64|x86_64)0:65.1-150200.4.5.1(noarch)0:65.1-150200.4.5.1(aarch64|x86_64)0:0.35.2-150000.3.14.1(noarch)0:3.4.2-150000.3.7.1(aarch64|x86_64)0:3.3.2-150200.16.10:9-3.2-00:4.12.14-197.67.10:5-5.2-00:4.12.14-95.71.10:4.12.14-122.60.10:4.12.14-122.63.10:4.12.14-122.63.10:4.12.14-197.83.10:4.12.14-197.86.10:4.12.14-197.86.10:5.3.18-24.49.20:5.3.18-24.52.10:5.3.18-24.52.10:5.3.18-57.30:10-3.2-00:5.3.18-57.3(aarch64|x86_64)0:5.3.18-150300.59.76.1(aarch64|x86_64)0:5.3.18-150300.59.76.1.150300.18.45.20:11-2.2-00:4.12.14-122.57.10:4.12.14-122.60.10:4.12.14-197.78.10:4.12.14-197.78.10:8-5.2-0(aarch64|x86_64)0:0.4.7-150100.3.18.1(aarch64|x86_64)0:0.23.2-150000.4.16.10:4.12.14-95.68.10:4.12.14-150.66.10:4.12.14-197.83.10:5.3.18-24.46.10:6-5.2-00:4.12.14-122.57.1(aarch64|x86_64)0:8.1.2-150000.32.5.10:12-2.2-00:4.12.14-122.66.20:4.12.14-122.66.20:11-5.2-00:5.3.18-24.53.4.10:4.12.14-95.77.10:15-2.2-00:4.12.14-122.71.10:4.12.14-122.74.10:4.12.14-122.77.10:4.12.14-122.77.10:4.12.14-150.72.10:4.12.14-197.89.20:4.12.14-197.92.10:4.12.14-197.92.10:14-5.2-00:5.3.18-24.61.10:5.3.18-24.64.10:5.3.18-24.67.30:4.12.14-95.102.10:4.12.14-95.105.10:13-2.3-00:4.12.14-95.88.10:9-2.3-00:4.12.14-95.93.10:8-2.3-00:4.12.14-95.96.10:4.12.14-95.99.30:4.12.14-95.99.30:4.12.14-122.103.10:14-2.3-00:4.12.14-122.106.10:12-2.3-00:4.12.14-122.110.10:10-2.3-00:4.12.14-122.113.10:4.12.14-122.116.10:4.12.14-122.121.20:5-2.3-00:4.12.14-122.124.30:4.12.14-122.127.10:4.12.14-122.130.10:4.12.14-122.88.10:16-2.3-00:4.12.14-122.91.20:4.12.14-122.98.10:4.12.14-122.98.10:4.12.14-150000.150.89.10:7-150000.2.2-00:4.12.14-150000.150.92.20:4-150000.2.1-00:4.12.14-150000.150.95.10:2-150000.2.1-00:4.12.14-150000.150.98.10:13-150000.2.2-00:4.12.14-150.83.10:9-150000.2.2-00:4.12.14-150.86.10:8-150000.2.2-00:4.12.14-150.86.10:4.12.14-150100.197.111.10:7-150100.2.2-00:4.12.14-150100.197.114.20:4-150100.2.1-00:4.12.14-150100.197.117.10:2-150100.2.1-00:4.12.14-150100.197.120.10:4.12.14-197.102.20:13-150100.2.2-00:4.12.14-197.105.10:9-150100.2.2-00:4.12.14-197.108.10:8-150100.2.2-00:4.12.14-197.108.10:5.3.18-150200.24.112.10:7-150200.2.2-00:5.3.18-150200.24.115.10:5-150200.2.1-00:5.3.18-150200.24.126.10:2-150200.2.1-00:5.3.18-24.102.10:12-150200.2.2-00:5.3.18-24.107.10:11-150200.2.2-00:5.3.18-24.83.20:16-150200.2.2-00:5.3.18-24.86.20:5.3.18-24.93.10:15-150200.2.2-00:5.3.18-24.96.10:14-150200.2.2-00:5.3.18-24.99.10:13-150200.2.2-00:5.3.18-24.99.10:5.3.18-150300.59.43.10:13-150300.2.2-00:5.3.18-150300.59.46.10:5.3.18-150300.59.49.10:12-150300.2.2-00:5.3.18-150300.59.54.10:11-150300.2.2-00:5.3.18-150300.59.60.40:10-150300.2.2-00:5.3.18-150300.59.63.10:7-150300.2.2-00:5.3.18-150300.59.68.10:6-150300.2.2-00:5.3.18-150300.59.71.20:5-150300.2.1-00:5.3.18-150300.59.76.10:4-150300.2.1-00:5.3.18-150300.59.87.10:3-150300.2.1-00:5.3.18-59.24.10:16-150300.2.2-00:5.3.18-59.27.10:5.3.18-59.34.10:15-150300.2.2-00:5.3.18-59.37.20:14-150300.2.2-00:5.3.18-59.40.10:5.3.18-59.40.10:5.14.21-150400.22.10:5-150400.4.12.3-00:5.14.21-150400.24.11.10:2-150400.2.1-00:5.14.21-150400.24.18.10:5.14.21-150400.24.18.1(aarch64|x86_64)0:5.3.18-150300.59.90.1(aarch64|x86_64)0:5.3.18-150300.59.90.1.150300.18.52.1(x86_64)0:5.3.18-150300.99.10:6-150000.2.1-00:15-150000.2.2-00:11-150000.2.2-00:10-150000.2.2-00:4.12.14-95.80.10:4.12.14-122.80.10:4.12.14-122.83.10:4.12.14-122.88.10:4.12.14-150.75.10:4.12.14-197.99.10:4.12.14-197.99.10:5.3.18-24.70.10:5.3.18-24.75.30:5.3.18-24.78.10:5.3.18-24.78.10:5.3.18-59.10.10:8-150300.2.2-00:5.3.18-59.13.10:5.3.18-59.16.10:5.3.18-59.19.10:5.3.18-59.5.20:5.3.18-59.5.20:4.12.14-197.64.10:13-5.2-00:4.12.14-122.32.10:13-2.1-00:2-150300.2.1-00:12-3.1-00:10-150300.2.1-00:9-150300.2.1-00:8-150300.2.1-00:6-150300.2.1-00:5.3.18-24.53.4.10:9-3.1-0(aarch64|x86_64)0:4.3.1-150300.9.15.1(noarch)0:4.3.1-150300.9.15.1(aarch64|x86_64)0:0.14.3-150300.3.3.1(aarch64|x86_64)0:4.15.13+git.591.ab36624310c-150300.3.49.10:5.3.18-24.93.10:16-2.2-00:4.12.14-122.80.10:5.3.18-24.75.30:5-3.1-0(aarch64|x86_64)0:3.9.2-150200.4.19.20:4.12.14-95.74.10:4.12.14-122.71.10:4.12.14-197.89.20:5.3.18-24.64.1(aarch64|x86_64)0:5.3.18-150300.59.87.1(aarch64|x86_64)0:5.3.18-150300.59.87.1.150300.18.50.2(x86_64)0:5.3.18-150300.96.10:10-5.2-00:9-5.2-0(aarch64|x86_64)0:2.62.6-150200.3.10.1(x86_64)0:4.14.5_06-150300.3.35.1(aarch64|x86_64)0:3.6.15-150300.10.30.1(aarch64|x86_64)0:1.1.32-150000.3.14.10:12-5.2-00:6-150100.2.1-00:15-150100.2.2-00:11-150100.2.2-00:10-150100.2.2-00:10-150200.2.2-00:8-150200.2.1-00:18-150200.2.2-00:17-150200.2.2-00:9-150300.2.2-00:7-150300.2.1-00:18-150300.2.2-00:17-150300.2.2-00:8-150400.4.21.1-00:5-150400.2.1-00:5.14.21-150400.24.11.10:8-3.2-0(aarch64|x86_64)0:1.16.3-150200.4.6.2(aarch64|x86_64)0:2.9.7-150000.3.57.10:4.12.14-122.83.1(aarch64|x86_64)0:4.3.1-150300.11.10:5.3.18-24.70.1(aarch64|x86_64)0:0.8.2-150300.3.6.10:11-2.3-00:6-3.2-0(aarch64|x86_64)0:3.39.3-150000.3.17.1(aarch64|x86_64)0:1.18.0-150200.3.3.1(aarch64|x86_64)0:99~1.18.0-150200.3.3.1(noarch)0:9.0.0814-150000.5.28.1(aarch64|x86_64)0:9.0.0814-150000.5.28.10:2-150200.2.2-00:3-150200.2.2-00:5.3.18-150200.24.129.10:5.3.18-150200.24.134.10:4-150200.2.1-00:3-150200.2.1-00:12-150200.2.1-00:14-150200.2.1-00:11-150200.2.1-00:10-150200.2.1-00:7-150200.2.1-00:6-150200.2.1-00:2-150300.2.2-00:3-150300.2.2-00:5.3.18-150300.59.90.10:5.3.18-150300.59.93.10:5.3.18-150300.59.98.10:14-150200.3.1-00:12-150300.2.1-00:11-150300.2.1-00:2-150400.4.3.3-00:5.14.21-150400.24.21.20:2-150400.2.2-00:5.14.21-150400.24.28.10:5.14.21-150400.24.33.20:5.14.21-150400.24.33.20:15-2.1-00:14-2.1-00:4.12.14-95.96.10:15-150000.2.1-00:12-150000.2.1-00:7-150000.2.1-00:3-150000.2.1-0(aarch64|x86_64)0:8.0.1-150300.7.5.1(aarch64|x86_64)0:16.2.9.536+g41a9f9a5573-150300.6.3.10:13-150200.3.1-00:4-150300.2.2-0(aarch64|x86_64)0:5.3.18-150300.59.101.1(aarch64|x86_64)0:5.3.18-150300.59.101.1.150300.18.58.1(x86_64)0:5.3.18-150300.109.10:5.3.18-24.96.10:11-3.2-00:5-150300.2.2-00:4.12.14-122.91.20:5.3.18-24.86.2(aarch64|x86_64)0:1.4.4-150200.4.6.1(aarch64|x86_64)0:2.40.0-150200.3.9.1(aarch64|x86_64)0:1.2.6-150300.3.14.1(aarch64|x86_64)0:2.40.0-150200.3.6.1(aarch64|x86_64)0:4.13-150000.4.8.10:16-2.1-00:16-150000.2.1-00:13-150000.2.1-00:8-150000.2.1-00:8-150100.2.1-00:16-150100.2.1-00:15-150100.2.1-00:13-150100.2.1-00:16-150200.2.1-00:13-150200.2.1-00:9-150200.2.1-00:16-150200.3.1-00:14-150300.2.1-00:13-150300.2.1-00:10-150000.2.1-00:5-150000.2.1-00:5-150100.2.1-00:12-150100.2.1-00:10-150100.2.1-00:4.12.14-95.88.10:4.12.14-150.83.1(aarch64|x86_64)0:4.0.9-150000.45.16.1(aarch64|x86_64)0:16.2.11.58+g38d6afd3b78-150300.5.7.10:7-150100.2.1-00:3-150100.2.1-00:14-150100.2.1-00:15-150200.2.1-00:15-150200.3.1-00:4.12.14-95.93.10:5.14.21-150400.22.10:14-150000.2.2-00:5-150000.2.2-00:4-150000.2.2-00:5-150100.2.2-00:4-150100.2.2-00:16-150100.2.2-00:14-150100.2.2-00:8-150200.2.2-00:9-150200.2.2-00:18-150200.3.2-00:4-150200.2.2-00:19-150200.3.2-0(aarch64|x86_64)0:3.4.7-150300.9.9.2(noarch)0:3.4.7-150300.9.9.20:17-150200.3.1-00:15-150300.2.1-0(aarch64|x86_64)0:1.1.1d-150200.11.48.10:17-2.2-00:6-150000.2.2-00:12-150000.2.2-00:6-150100.2.2-00:12-150100.2.2-0(aarch64|x86_64)0:8.45-150000.20.13.1(aarch64|x86_64)0:4.15.8+git.527.8d0c05d313e-150300.3.40.20:6-150400.4.15.3-00:6-150200.2.2-00:4-150400.4.9.3-0(aarch64|x86_64)0:2.14.0-150300.6.7.1(noarch)0:15-150100.8.17.1(aarch64|x86_64)0:2.1.5-150300.8.6.1(noarch)0:9.0.0313-150000.5.25.1(aarch64|x86_64)0:9.0.0313-150000.5.25.10:18-2.3-00:17-2.3-00:5-150000.2.3-00:16-150000.2.3-00:11-150000.2.3-00:7-150000.2.3-00:6-150000.2.3-00:5-150100.2.3-00:11-150100.2.3-00:7-150100.2.3-00:6-150100.2.3-00:16-150100.2.3-00:5-150200.2.3-00:10-150200.2.3-00:9-150200.2.3-00:18-150200.2.3-00:17-150200.2.3-00:16-150200.2.3-00:14-150200.2.3-00:13-150200.2.3-00:12-150200.2.3-00:11-150200.2.3-00:11-150300.2.3-00:10-150300.2.3-00:9-150300.2.3-00:8-150300.3.2-00:5-150300.2.3-00:4-150300.2.3-00:18-150300.2.3-00:17-150300.2.3-00:16-150300.2.3-00:14-150300.2.3-00:13-150300.2.3-00:12-150300.2.3-00:3-150400.4.6.2-0(aarch64|x86_64)0:2.4.3-150300.3.20.1(aarch64|x86_64)0:4.15.12+git.535.7750e5c95ef-150300.3.43.1(aarch64|x86_64)0:4.0.9-150000.45.11.1(aarch64|x86_64)0:1.1.1d-150200.11.51.1(x86_64)0:4.14.5_04-150300.3.32.1(x86_64)0:20230214-150200.21.1(x86_64)0:20220809-150200.18.10:11-150100.2.1-0(aarch64|x86_64)0:3004-150300.53.24.1(aarch64|x86_64)0:2.9-4.33.1(aarch64|x86_64)0:1.6.16-150000.82.2(aarch64|x86_64)0:3.79.3-150000.3.90.1(noarch)0:2018.1.18-150000.3.3.1(x86_64)0:4.14.5_10-150300.3.45.1(aarch64|x86_64)0:2.1.0-150000.4.3.1(aarch64|x86_64)0:3.6.7-150200.14.19.2(aarch64|x86_64)0:2.04-150300.22.25.1(noarch)0:2.04-150300.22.25.10:5.3.18-150300.59.101.10:5.3.18-150300.59.98.10:10-150400.4.2-00:7-150400.2.1-00:6-150400.2.1-00:4-150400.2.1-00:3-150400.2.1-0(aarch64|x86_64)0:5.3.18-150300.59.106.1(aarch64|x86_64)0:5.3.18-150300.59.106.1.150300.18.60.2(x86_64)0:5.3.18-150300.112.1(aarch64|x86_64)0:1.6.12-150000.79.1(aarch64|x86_64)0:2.10.4-150000.4.12.10:14-150000.2.1-00:11-150000.2.1-0(aarch64|x86_64)0:15.7-150300.4.16.1(aarch64|x86_64)0:3.1.3-150000.4.13.1(aarch64|x86_64)0:6.1-150000.5.12.10:3-150100.2.2-00:3-150400.2.2-00:16-150000.2.2-00:19-150300.2.2-0(aarch64|x86_64)0:6.9-150100.5.18.1(aarch64|x86_64)0:1.42-150300.9.3.10:4.12.14-122.130.10:4.12.14-150100.197.120.10:5.3.18-150200.24.126.10:3-150000.2.2-0(x86_64)0:5.3.18-150300.118.1(aarch64|x86_64)0:20181225-150200.23.15.1(x86_64)0:12.1.0-150300.19.1(aarch64|x86_64)0:3.79-150000.3.74.1(aarch64|x86_64)0:4.34-150000.3.23.1(aarch64|x86_64)0:7.66.0-150200.4.36.1(aarch64|x86_64)0:7.66.0-150200.4.42.1(aarch64|x86_64)0:2.4.4-150300.3.23.1(aarch64|x86_64)0:4.15.13+git.636.53d93c5b9d6-150300.3.52.1(aarch64|x86_64)0:2.6.4-150200.3.3.1(x86_64)0:4.14.5_08-150300.3.40.10:4.12.14-95.108.10:4.12.14-95.111.10:4.12.14-122.133.10:4.12.14-122.136.10:4.12.14-122.136.10:4.12.14-150100.197.123.10:4.12.14-150100.197.126.10:5.14.21-150400.24.28.1(aarch64|x86_64)0:2.2.27-150300.3.5.1(noarch)0:9.0.1040-150000.5.31.1(aarch64|x86_64)0:9.0.1040-150000.5.31.1(aarch64|x86_64)0:1.3.5-150000.4.3.1(aarch64|x86_64)0:7.66.0-150200.4.39.1(aarch64|x86_64)0:5.2.0-150300.118.3(aarch64)0:5.2.0-150300.118.3(noarch)0:1.0.0+-150300.118.3(noarch)0:1.14.0_0_g155821a-150300.118.3(noarch)0:8-150300.118.3(x86_64)0:5.2.0-150300.118.30:4.12.14-150000.150.101.10:4.12.14-150000.150.104.10:9-150400.4.24.1-0(aarch64|x86_64)0:1.6.5-150000.3.24.1(noarch)0:1.6.5-150000.3.24.1(aarch64|x86_64)0:1.6.5-150000.3.27.1(noarch)0:1.6.5-150000.3.27.10:4.12.14-95.114.10:4.12.14-122.139.10:4.12.14-122.144.10:4.12.14-122.144.10:9-150100.2.1-00:4.12.14-150100.197.131.10:5.3.18-150200.24.139.10:5.3.18-24.107.10:11-150400.7.2-00:8-150400.2.1-0(aarch64|x86_64)0:4.0.9-150000.45.22.1(aarch64|x86_64)0:4.0.9-150000.45.19.1(aarch64|x86_64)0:5.3.18-150300.59.112.1(aarch64|x86_64)0:5.3.18-150300.59.112.1.150300.18.64.1(x86_64)0:5.3.18-150300.121.1(aarch64|x86_64)0:20.10.23_ce-150000.175.1(aarch64|x86_64)0:5.3.18-150300.59.115.2(aarch64|x86_64)0:5.3.18-150300.59.115.2.150300.18.66.1(aarch64|x86_64)0:1.2.11-150000.3.33.1(aarch64|x86_64)0:4.15.13+git.540.fab3b2a46c6-150300.3.46.1(aarch64|x86_64)0:246.16-150300.7.54.10:7-150400.4.18.3-00:5.14.21-150400.24.21.2(aarch64|x86_64)0:2.2.5-150000.3.22.1(noarch)0:40.5.0-150100.6.6.1(noarch)0:0.18.2-150300.3.3.1(aarch64|x86_64)0:0.8.5+126+suse.8ce8da5-150300.2.14.1(aarch64|x86_64)0:1.12.2-150100.8.14.1(x86_64)0:4.14.5_12-150300.3.48.1(aarch64|x86_64)0:1.16.1-150300.23.37.1(aarch64|x86_64)0:1.19.2-150300.10.1(noarch)0:1.10.0-150100.5.12.1(aarch64|x86_64)0:1.1.1d-150200.11.57.1(aarch64|x86_64)0:7.66.0-150200.4.45.1(aarch64|x86_64)0:2.2.5-150000.3.25.10:5.14.21-150400.24.38.10:(aarch64|x86_64)0:1.9.5p2-150300.3.13.1(aarch64|x86_64)0:246.16-150300.7.57.1(aarch64|x86_64)0:0.34.0-150000.7.5.1(aarch64|x86_64)0:3.6.15-150300.10.40.1(aarch64|x86_64)0:3.39.3-150000.3.20.10:5.3.18-150200.24.142.10:5-150200.2.2-00:5.3.18-150200.24.145.10:5.3.18-150200.24.145.10:5.3.18-150300.59.106.10:5.3.18-150300.59.109.10:5.3.18-150300.59.112.10:5.3.18-150300.59.115.20:12-150400.2.3-0(aarch64|x86_64)0:1.3.5-150000.4.6.1(aarch64|x86_64)0:4.0.9-150000.45.25.1(aarch64|x86_64)0:1.34-150000.3.31.1(aarch64|x86_64)0:1.4.4-150000.1.9.1(aarch64|x86_64)0:1.19.0-150000.3.20.1(noarch)0:9.0.1234-150000.5.34.1(aarch64|x86_64)0:9.0.1234-150000.5.34.10:5.14.21-150400.24.41.10:4.12.14-122.147.10:4.12.14-122.147.10:6-150200.2.3-00:3-150200.2.3-00:5.3.18-150200.24.139.10:3-150300.2.3-00:8-150300.2.3-00:6-150300.2.3-00:4-150400.2.3-00:12-150400.10.3-00:9-150400.2.3-00:8-150400.2.3-00:6-150400.2.3-00:5-150400.2.3-00:3-150400.2.3-0(aarch64|x86_64)0:3.6.7-150200.14.25.20:4-150400.2.2-00:6-150400.2.2-00:5-150400.2.2-00:14-150400.16.1-00:11-150400.2.3-00:10-150400.2.3-00:7-150400.2.3-00:5.14.21-150400.24.46.10:5.14.21-150400.24.55.30:5.14.21-150400.24.60.10:2-150400.2.3-00:8-150200.2.3-00:4-150200.2.3-00:7-150300.2.3-0(aarch64|x86_64)0:1.1.1d-150200.11.62.1(noarch)0:9.0.1386-150000.5.37.1(aarch64|x86_64)0:9.0.1386-150000.5.37.10:4.12.14-95.117.10:4.12.14-150100.197.134.10:4.12.14-150100.197.134.10:5.3.18-150200.24.142.10:13-150400.13.2-00:10-150400.2.2-00:9-150400.2.2-00:7-150400.2.2-0(aarch64|x86_64)0:2.31-150300.46.1(aarch64|x86_64)0:3.79.4-150000.3.93.1(aarch64|x86_64)0:4.4.4-150300.9.20.1(noarch)0:4.4.4-150300.9.20.1(aarch64|x86_64)0:0.8.2-150300.3.9.10:4.12.14-122.150.10:4.12.14-122.153.10:4.12.14-122.156.10:4.12.14-122.159.10:4.12.14-122.162.10:4.12.14-122.162.10:8-150100.2.3-00:4.12.14-150100.197.137.20:4.12.14-150100.197.142.10:4.12.14-150100.197.145.10:4.12.14-150100.197.145.10:5.3.18-150200.24.148.10:5.3.18-150200.24.151.10:5.3.18-150200.24.154.10:5.3.18-150200.24.154.10:5.3.18-150300.59.118.10:5.3.18-150300.59.121.20:5.3.18-150300.59.124.10:8-150400.2.2-00:14-150400.2.2-00:13-150400.2.2-00:11-150400.2.2-00:5.14.21-150400.24.63.10:5.14.21-150400.24.66.10:3-150500.6.2-00:5.14.21-150500.53.20:2-150200.2.3-00:2-150300.2.3-00:4.12.14-95.120.40:4.12.14-122.150.1(noarch)0:9.0.1443-150000.5.40.1(aarch64|x86_64)0:9.0.1443-150000.5.40.1(aarch64|ppc64le|s390x|x86_64)0:9.0.1443-150000.5.40.10:4.12.14-122.153.10:2-150100.2.2-00:4.12.14-150100.197.137.20:4.12.14-95.120.40:4.12.14-122.165.10:4.12.14-122.173.10:4.12.14-122.173.10:4.12.14-150100.197.148.10:4.12.14-150100.197.151.10:4.12.14-150100.197.154.10:4.12.14-150100.197.154.10:5.3.18-150200.24.151.10:4-150500.9.2-00:3-150500.2.1-00:5.3.18-150200.24.148.1(aarch64|x86_64)0:0.7-150100.3.24.10:4.12.14-122.156.10:4.12.14-150100.197.142.10:4.12.14-150100.197.148.10:12-150400.2.2-00:2-150500.3.1-00:5.3.18-150300.59.127.10:5.14.21-150400.24.69.10:5.14.21-150400.24.74.10:2-150500.2.1-00:5.14.21-150500.55.12.10:5.14.21-150500.55.7.10:4.12.14-122.159.1(aarch64|x86_64)0:1.9.5p2-150300.3.19.10:4.12.14-95.114.10:4.12.14-150100.197.131.1(aarch64|x86_64)0:7.66.0-150200.4.52.1(aarch64|x86_64)0:3.3.2-150200.19.1(aarch64|x86_64)0:3.6.15-150300.10.45.1(aarch64|x86_64)0:2.62.6-150200.3.15.1(aarch64|x86_64)0:1.6.19-150000.87.1(aarch64|x86_64)0:2.6.4-150200.3.6.1(aarch64|x86_64)0:1.1.5-150000.41.10:13-150100.2.3-00:10-150100.2.3-00:3-150100.2.3-00:2-150100.2.3-0(aarch64|x86_64)0:0.9.57-150000.3.3.1(aarch64|x86_64)0:2.86-150100.7.23.1(aarch64|x86_64)0:1.9.5p2-150300.3.24.1(noarch)0:4.8.1-150300.4.6.1(aarch64|x86_64)0:4.8.1-150300.4.6.1(aarch64|x86_64)0:3.2-150100.9.16.10:4.12.14-95.125.10:4.12.14-95.125.10:4.12.14-122.165.10:4.12.14-150100.197.151.10:5.3.18-150200.24.157.10:5.3.18-150200.24.157.1