rpm package
almalinux/kernel-abi-stablelists
pkg:rpm/almalinux/kernel-abi-stablelists
Vulnerabilities (1,264)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-27666 | — | < 5.14.0-70.17.1.el9_0 | 5.14.0-70.17.1.el9_0 | Mar 23, 2022 | A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. | ||
| CVE-2022-1011 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 18, 2022 | A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. | ||
| CVE-2022-23960 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Mar 12, 2022 | Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow th | ||
| CVE-2022-0002 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 11, 2022 | Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||
| CVE-2021-26341 | — | < 5.14.0-284.11.1.el9_2 | 5.14.0-284.11.1.el9_2 | Mar 11, 2022 | Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | ||
| CVE-2021-26401 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 11, 2022 | LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. | ||
| CVE-2022-0001 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 11, 2022 | Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||
| CVE-2021-3744 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 4, 2022 | A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. | ||
| CVE-2021-3743 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 4, 2022 | An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat | ||
| CVE-2021-3640 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Mar 3, 2022 | A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable fau | ||
| CVE-2021-4002 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 3, 2022 | A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized acces | ||
| CVE-2021-3772 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 2, 2022 | A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. | ||
| CVE-2020-36516 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Feb 26, 2022 | An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. | ||
| CVE-2021-20322 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Feb 18, 2022 | A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomizat | ||
| CVE-2022-25265 | — | < 4.18.0-477.10.1.el8_8 | 4.18.0-477.10.1.el8_8 | Feb 16, 2022 | In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file. | ||
| CVE-2021-3752 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Feb 16, 2022 | A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln | ||
| CVE-2021-3773 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Feb 16, 2022 | A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. | ||
| CVE-2022-0617 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Feb 16, 2022 | A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. | ||
| CVE-2022-24448 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Feb 4, 2022 | An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns | ||
| CVE-2022-0286 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Jan 31, 2022 | A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service. |
- CVE-2022-27666Mar 23, 2022affected < 5.14.0-70.17.1.el9_0fixed 5.14.0-70.17.1.el9_0
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
- CVE-2022-1011Mar 18, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.
- CVE-2022-23960Mar 12, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow th
- CVE-2022-0002Mar 11, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2021-26341Mar 11, 2022affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
- CVE-2021-26401Mar 11, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
- CVE-2022-0001Mar 11, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2021-3744Mar 4, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
- CVE-2021-3743Mar 4, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat
- CVE-2021-3640Mar 3, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable fau
- CVE-2021-4002Mar 3, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized acces
- CVE-2021-3772Mar 2, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.
- CVE-2020-36516Feb 26, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
- CVE-2021-20322Feb 18, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomizat
- CVE-2022-25265Feb 16, 2022affected < 4.18.0-477.10.1.el8_8fixed 4.18.0-477.10.1.el8_8
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.
- CVE-2021-3752Feb 16, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln
- CVE-2021-3773Feb 16, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.
- CVE-2022-0617Feb 16, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.
- CVE-2022-24448Feb 4, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns
- CVE-2022-0286Jan 31, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service.
Page 62 of 64