rpm package
almalinux/kernel-doc
pkg:rpm/almalinux/kernel-doc
Vulnerabilities (1,156)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-1280 | — | < 5.14.0-162.6.1.el9_1 | 5.14.0-162.6.1.el9_1 | Apr 13, 2022 | A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak. | ||
| CVE-2022-28893 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Apr 11, 2022 | The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. | ||
| CVE-2022-28388 | — | < 5.14.0-284.11.1.el9_2 | 5.14.0-284.11.1.el9_2 | Apr 3, 2022 | usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. | ||
| CVE-2022-28390 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Apr 3, 2022 | ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. | ||
| CVE-2022-1055 | — | < 5.14.0-70.22.1.el9_0 | 5.14.0-70.22.1.el9_0 | Mar 29, 2022 | A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 | ||
| CVE-2022-27950 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Mar 28, 2022 | In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hid_parse error condition. | ||
| CVE-2022-0494 | — | < 5.14.0-70.22.1.el9_0 | 5.14.0-70.22.1.el9_0 | Mar 25, 2022 | A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. | ||
| CVE-2022-0322 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 25, 2022 | A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of s | ||
| CVE-2021-4157 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 25, 2022 | An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileg | ||
| CVE-2021-4203 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 25, 2022 | A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. | ||
| CVE-2021-4197 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 23, 2022 | An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cg | ||
| CVE-2022-0854 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Mar 23, 2022 | A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. | ||
| CVE-2022-27666 | — | < 5.14.0-70.17.1.el9_0 | 5.14.0-70.17.1.el9_0 | Mar 23, 2022 | A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. | ||
| CVE-2022-1011 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 18, 2022 | A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. | ||
| CVE-2022-23960 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Mar 12, 2022 | Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow th | ||
| CVE-2022-0002 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 11, 2022 | Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||
| CVE-2021-26341 | — | < 5.14.0-284.11.1.el9_2 | 5.14.0-284.11.1.el9_2 | Mar 11, 2022 | Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | ||
| CVE-2021-26401 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 11, 2022 | LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. | ||
| CVE-2022-0001 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 11, 2022 | Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||
| CVE-2021-3744 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 4, 2022 | A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. |
- CVE-2022-1280Apr 13, 2022affected < 5.14.0-162.6.1.el9_1fixed 5.14.0-162.6.1.el9_1
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
- CVE-2022-28893Apr 11, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
- CVE-2022-28388Apr 3, 2022affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.
- CVE-2022-28390Apr 3, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
- CVE-2022-1055Mar 29, 2022affected < 5.14.0-70.22.1.el9_0fixed 5.14.0-70.22.1.el9_0
A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
- CVE-2022-27950Mar 28, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hid_parse error condition.
- CVE-2022-0494Mar 25, 2022affected < 5.14.0-70.22.1.el9_0fixed 5.14.0-70.22.1.el9_0
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.
- CVE-2022-0322Mar 25, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of s
- CVE-2021-4157Mar 25, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileg
- CVE-2021-4203Mar 25, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
- CVE-2021-4197Mar 23, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cg
- CVE-2022-0854Mar 23, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.
- CVE-2022-27666Mar 23, 2022affected < 5.14.0-70.17.1.el9_0fixed 5.14.0-70.17.1.el9_0
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
- CVE-2022-1011Mar 18, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.
- CVE-2022-23960Mar 12, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow th
- CVE-2022-0002Mar 11, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2021-26341Mar 11, 2022affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
- CVE-2021-26401Mar 11, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
- CVE-2022-0001Mar 11, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2021-3744Mar 4, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
Page 56 of 58