rpm package
almalinux/kernel-cross-headers
pkg:rpm/almalinux/kernel-cross-headers
Vulnerabilities (1,148)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-47929 | — | < 5.14.0-284.11.1.el9_2 | 5.14.0-284.11.1.el9_2 | Jan 17, 2023 | In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This aff | ||
| CVE-2022-41858 | — | < 4.18.0-513.18.1.el8_9 | 4.18.0-513.18.1.el8_9 | Jan 17, 2023 | A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. | ||
| CVE-2023-23455 | — | < 4.18.0-513.5.1.el8_9 | 4.18.0-513.5.1.el8_9 | Jan 12, 2023 | atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | ||
| CVE-2023-23454 | — | < 4.18.0-477.10.1.el8_8 | 4.18.0-477.10.1.el8_8 | Jan 12, 2023 | cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | ||
| CVE-2022-3628 | — | < 5.14.0-284.11.1.el9_2 | 5.14.0-284.11.1.el9_2 | Jan 12, 2023 | A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges. | ||
| CVE-2022-4379 | — | < 5.14.0-162.18.1.el9_1 | 5.14.0-162.18.1.el9_1 | Jan 10, 2023 | A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial | ||
| CVE-2022-2196 | — | < 5.14.0-284.11.1.el9_2 | 5.14.0-284.11.1.el9_2 | Jan 9, 2023 | A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker a | ||
| CVE-2022-4378 | — | < 5.14.0-162.18.1.el9_1 | 5.14.0-162.18.1.el9_1 | Jan 5, 2023 | A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||
| CVE-2022-4269 | — | < 5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 | Dec 5, 2022 | A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in | ||
| CVE-2022-45869 | — | < 5.14.0-284.25.1.el9_2 | 5.14.0-284.25.1.el9_2 | Nov 30, 2022 | A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled. | ||
| CVE-2022-4129 | — | < 5.14.0-284.11.1.el9_2 | 5.14.0-284.11.1.el9_2 | Nov 28, 2022 | A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service. | ||
| CVE-2022-4128 | — | < 5.14.0-284.11.1.el9_2 | 5.14.0-284.11.1.el9_2 | Nov 28, 2022 | A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service. | ||
| CVE-2022-45934 | — | < 5.14.0-427.13.1.el9_4 | 5.14.0-427.13.1.el9_4 | Nov 27, 2022 | An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets. | ||
| CVE-2022-45919 | — | < 4.18.0-513.9.1.el8_9 | 4.18.0-513.9.1.el8_9 | Nov 27, 2022 | An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event. | ||
| CVE-2022-45887 | — | < 4.18.0-513.5.1.el8_9 | 4.18.0-513.5.1.el8_9 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call. | ||
| CVE-2022-45886 | — | < 4.18.0-513.9.1.el8_9 | 4.18.0-513.9.1.el8_9 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free. | ||
| CVE-2022-45884 | — | < 4.18.0-513.9.1.el8_9 | 4.18.0-513.9.1.el8_9 | Nov 25, 2022 | An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops. | ||
| CVE-2022-42896 | — | < 5.14.0-284.11.1.el9_2 | 5.14.0-284.11.1.el9_2 | Nov 23, 2022 | There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leakin | ||
| CVE-2022-42895 | — | < 4.18.0-513.5.1.el8_9 | 4.18.0-513.5.1.el8_9 | Nov 23, 2022 | There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba31 | ||
| CVE-2022-43945 | Hig | 7.5 | < 5.14.0-162.12.1.el9_1 | 5.14.0-162.12.1.el9_1 | Nov 4, 2022 | The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c |
- CVE-2022-47929Jan 17, 2023affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This aff
- CVE-2022-41858Jan 17, 2023affected < 4.18.0-513.18.1.el8_9fixed 4.18.0-513.18.1.el8_9
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
- CVE-2023-23455Jan 12, 2023affected < 4.18.0-513.5.1.el8_9fixed 4.18.0-513.5.1.el8_9
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
- CVE-2023-23454Jan 12, 2023affected < 4.18.0-477.10.1.el8_8fixed 4.18.0-477.10.1.el8_8
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
- CVE-2022-3628Jan 12, 2023affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.
- CVE-2022-4379Jan 10, 2023affected < 5.14.0-162.18.1.el9_1fixed 5.14.0-162.18.1.el9_1
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial
- CVE-2022-2196Jan 9, 2023affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker a
- CVE-2022-4378Jan 5, 2023affected < 5.14.0-162.18.1.el9_1fixed 5.14.0-162.18.1.el9_1
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
- CVE-2022-4269Dec 5, 2022affected < 5.14.0-162.22.2.el9_1fixed 5.14.0-162.22.2.el9_1
A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in
- CVE-2022-45869Nov 30, 2022affected < 5.14.0-284.25.1.el9_2fixed 5.14.0-284.25.1.el9_2
A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.
- CVE-2022-4129Nov 28, 2022affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.
- CVE-2022-4128Nov 28, 2022affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.
- CVE-2022-45934Nov 27, 2022affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
- CVE-2022-45919Nov 27, 2022affected < 4.18.0-513.9.1.el8_9fixed 4.18.0-513.9.1.el8_9
An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.
- CVE-2022-45887Nov 25, 2022affected < 4.18.0-513.5.1.el8_9fixed 4.18.0-513.5.1.el8_9
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.
- CVE-2022-45886Nov 25, 2022affected < 4.18.0-513.9.1.el8_9fixed 4.18.0-513.9.1.el8_9
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.
- CVE-2022-45884Nov 25, 2022affected < 4.18.0-513.9.1.el8_9fixed 4.18.0-513.9.1.el8_9
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.
- CVE-2022-42896Nov 23, 2022affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leakin
- CVE-2022-42895Nov 23, 2022affected < 4.18.0-513.5.1.el8_9fixed 4.18.0-513.5.1.el8_9
There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba31
- affected < 5.14.0-162.12.1.el9_1fixed 5.14.0-162.12.1.el9_1
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c
Page 51 of 58