rpm package
almalinux/kernel-doc
pkg:rpm/almalinux/kernel-doc
Vulnerabilities (1,264)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-0404 | Med | 5.5 | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Sep 17, 2020 | In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Produ | |
| CVE-2020-13974 | Hig | 7.8 | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Jun 9, 2020 | An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in | |
| CVE-2018-13405 | Hig | 7.8 | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Jul 6, 2018 | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no | |
| CVE-2017-5715 | Med | 5.6 | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Produ
- affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in
- affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no
- affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Page 64 of 64