rpm package

almalinux/kernel-debug-devel-matched

pkg:rpm/almalinux/kernel-debug-devel-matched

Vulnerabilities (782)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-1789	—	< 5.14.0-284.11.1.el9_2	5.14.0-284.11.1.el9_2	May 31, 2022	With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.
CVE-2022-1462	—	< 5.14.0-284.11.1.el9_2	5.14.0-284.11.1.el9_2	May 31, 2022	An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local u
CVE-2022-1882	—	< 5.14.0-284.11.1.el9_2	5.14.0-284.11.1.el9_2	May 26, 2022	A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on t
CVE-2022-29581	—	< 5.14.0-162.6.1.el9_1	5.14.0-162.6.1.el9_1	May 17, 2022	Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
CVE-2022-1679	—	< 5.14.0-162.6.1.el9_1	5.14.0-162.6.1.el9_1	May 16, 2022	A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2022-30594	—	< 5.14.0-70.30.1.el9_0	5.14.0-70.30.1.el9_0	May 12, 2022	The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.
CVE-2022-1353	—	< 5.14.0-162.6.1.el9_1	5.14.0-162.6.1.el9_1	Apr 29, 2022	A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
CVE-2022-1048	—	< 5.14.0-162.6.1.el9_1	5.14.0-162.6.1.el9_1	Apr 29, 2022	A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalat
CVE-2022-1280	—	< 5.14.0-162.6.1.el9_1	5.14.0-162.6.1.el9_1	Apr 13, 2022	A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
CVE-2022-28893	—	< 5.14.0-162.6.1.el9_1	5.14.0-162.6.1.el9_1	Apr 11, 2022	The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
CVE-2022-28388	—	< 5.14.0-284.11.1.el9_2	5.14.0-284.11.1.el9_2	Apr 3, 2022	usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-28390	—	< 5.14.0-162.6.1.el9_1	5.14.0-162.6.1.el9_1	Apr 3, 2022	ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-1055	—	< 5.14.0-70.22.1.el9_0	5.14.0-70.22.1.el9_0	Mar 29, 2022	A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
CVE-2022-0494	—	< 5.14.0-70.22.1.el9_0	5.14.0-70.22.1.el9_0	Mar 25, 2022	A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.
CVE-2022-0854	—	< 5.14.0-162.6.1.el9_1	5.14.0-162.6.1.el9_1	Mar 23, 2022	A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.
CVE-2022-27666	—	< 5.14.0-70.17.1.el9_0	5.14.0-70.17.1.el9_0	Mar 23, 2022	A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
CVE-2021-26341	—	< 5.14.0-284.11.1.el9_2	5.14.0-284.11.1.el9_2	Mar 11, 2022	Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
CVE-2021-3640	—	< 5.14.0-162.6.1.el9_1	5.14.0-162.6.1.el9_1	Mar 3, 2022	A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable fau
CVE-2020-36516	—	< 5.14.0-162.6.1.el9_1	5.14.0-162.6.1.el9_1	Feb 26, 2022	An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2022-0617	—	< 5.14.0-162.6.1.el9_1	5.14.0-162.6.1.el9_1	Feb 16, 2022	A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.

CVE-2022-1789May 31, 2022
affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.
CVE-2022-1462May 31, 2022
affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local u
CVE-2022-1882May 26, 2022
affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on t
CVE-2022-29581May 17, 2022
affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
CVE-2022-1679May 16, 2022
affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2022-30594May 12, 2022
affected < 5.14.0-70.30.1.el9_0fixed 5.14.0-70.30.1.el9_0
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.
CVE-2022-1353Apr 29, 2022
affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
CVE-2022-1048Apr 29, 2022
affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalat
CVE-2022-1280Apr 13, 2022
affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
CVE-2022-28893Apr 11, 2022
affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
CVE-2022-28388Apr 3, 2022
affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-28390Apr 3, 2022
affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-1055Mar 29, 2022
affected < 5.14.0-70.22.1.el9_0fixed 5.14.0-70.22.1.el9_0
A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
CVE-2022-0494Mar 25, 2022
affected < 5.14.0-70.22.1.el9_0fixed 5.14.0-70.22.1.el9_0
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.
CVE-2022-0854Mar 23, 2022
affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.
CVE-2022-27666Mar 23, 2022
affected < 5.14.0-70.17.1.el9_0fixed 5.14.0-70.17.1.el9_0
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
CVE-2021-26341Mar 11, 2022
affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
CVE-2021-3640Mar 3, 2022
affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable fau
CVE-2020-36516Feb 26, 2022
affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2022-0617Feb 16, 2022
affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.

Page 39 of 40