rpm package
almalinux/kernel-tools-libs-devel
pkg:rpm/almalinux/kernel-tools-libs-devel
Vulnerabilities (1,303)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-26341 | — | < 5.14.0-284.11.1.el9_2 | 5.14.0-284.11.1.el9_2 | Mar 11, 2022 | Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | ||
| CVE-2021-26401 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 11, 2022 | LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. | ||
| CVE-2022-0001 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 11, 2022 | Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | ||
| CVE-2022-0516 | — | < 4.18.0-348.20.1.el8_5 | 4.18.0-348.20.1.el8_5 | Mar 8, 2022 | A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions pri | ||
| CVE-2021-3732 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Mar 7, 2022 | A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible. | ||
| CVE-2022-0847 | — | KEV | < 4.18.0-348.20.1.el8_5 | 4.18.0-348.20.1.el8_5 | Mar 7, 2022 | A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to | |
| CVE-2021-3656 | — | < 4.18.0-305.25.1.el8_4 | 4.18.0-305.25.1.el8_4 | Mar 4, 2022 | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue c | ||
| CVE-2021-3744 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 4, 2022 | A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. | ||
| CVE-2021-3743 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 4, 2022 | An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat | ||
| CVE-2021-3640 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Mar 3, 2022 | A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable fau | ||
| CVE-2021-4002 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 3, 2022 | A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized acces | ||
| CVE-2021-3609 | — | < 4.18.0-305.12.1.el8_4 | 4.18.0-305.12.1.el8_4 | Mar 3, 2022 | .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege e | ||
| CVE-2022-0492 | — | < 4.18.0-348.20.1.el8_5 | 4.18.0-348.20.1.el8_5 | Mar 3, 2022 | A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpecte | ||
| CVE-2021-3772 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Mar 2, 2022 | A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. | ||
| CVE-2020-36516 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Feb 26, 2022 | An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. | ||
| CVE-2022-25636 | — | < 4.18.0-348.23.1.el8_5 | 4.18.0-348.23.1.el8_5 | Feb 22, 2022 | net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload. | ||
| CVE-2021-20322 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Feb 18, 2022 | A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomizat | ||
| CVE-2021-20321 | — | < 4.18.0-348.7.1.el8_5 | 4.18.0-348.7.1.el8_5 | Feb 18, 2022 | A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. | ||
| CVE-2022-25265 | — | < 4.18.0-477.10.1.el8_8 | 4.18.0-477.10.1.el8_8 | Feb 16, 2022 | In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file. | ||
| CVE-2021-3752 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Feb 16, 2022 | A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln |
- CVE-2021-26341Mar 11, 2022affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
- CVE-2021-26401Mar 11, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
- CVE-2022-0001Mar 11, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- CVE-2022-0516Mar 8, 2022affected < 4.18.0-348.20.1.el8_5fixed 4.18.0-348.20.1.el8_5
A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions pri
- CVE-2021-3732Mar 7, 2022affected < 4.18.0-348.el8fixed 4.18.0-348.el8
A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.
- affected < 4.18.0-348.20.1.el8_5fixed 4.18.0-348.20.1.el8_5
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to
- CVE-2021-3656Mar 4, 2022affected < 4.18.0-305.25.1.el8_4fixed 4.18.0-305.25.1.el8_4
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue c
- CVE-2021-3744Mar 4, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
- CVE-2021-3743Mar 4, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat
- CVE-2021-3640Mar 3, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable fau
- CVE-2021-4002Mar 3, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized acces
- CVE-2021-3609Mar 3, 2022affected < 4.18.0-305.12.1.el8_4fixed 4.18.0-305.12.1.el8_4
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege e
- CVE-2022-0492Mar 3, 2022affected < 4.18.0-348.20.1.el8_5fixed 4.18.0-348.20.1.el8_5
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpecte
- CVE-2021-3772Mar 2, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.
- CVE-2020-36516Feb 26, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
- CVE-2022-25636Feb 22, 2022affected < 4.18.0-348.23.1.el8_5fixed 4.18.0-348.23.1.el8_5
net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.
- CVE-2021-20322Feb 18, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomizat
- CVE-2021-20321Feb 18, 2022affected < 4.18.0-348.7.1.el8_5fixed 4.18.0-348.7.1.el8_5
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
- CVE-2022-25265Feb 16, 2022affected < 4.18.0-477.10.1.el8_8fixed 4.18.0-477.10.1.el8_8
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.
- CVE-2021-3752Feb 16, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln
Page 57 of 66