rpm package
almalinux/kernel-tools-libs-devel
pkg:rpm/almalinux/kernel-tools-libs-devel
Vulnerabilities (1,303)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3773 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Feb 16, 2022 | A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. | ||
| CVE-2022-0617 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Feb 16, 2022 | A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. | ||
| CVE-2022-0185 | — | KEV | < 4.18.0-348.12.2.el8_5 | 4.18.0-348.12.2.el8_5 | Feb 11, 2022 | A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced | |
| CVE-2021-4154 | — | < 4.18.0-348.20.1.el8_5 | 4.18.0-348.20.1.el8_5 | Feb 4, 2022 | A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a | ||
| CVE-2022-24448 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Feb 4, 2022 | An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns | ||
| CVE-2022-0286 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Jan 31, 2022 | A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service. | ||
| CVE-2021-4083 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Jan 18, 2022 | A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalat | ||
| CVE-2021-45485 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Dec 25, 2021 | In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. | ||
| CVE-2021-45486 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Dec 25, 2021 | In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. | ||
| CVE-2021-44733 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Dec 22, 2021 | A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object. | ||
| CVE-2021-0920 | — | KEV | < 4.18.0-348.20.1.el8_5 | 4.18.0-348.20.1.el8_5 | Dec 15, 2021 | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro | |
| CVE-2021-43975 | — | < 4.18.0-513.5.1.el8_9 | 4.18.0-513.5.1.el8_9 | Nov 17, 2021 | In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. | ||
| CVE-2021-43976 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Nov 17, 2021 | In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). | ||
| CVE-2021-43389 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Nov 4, 2021 | An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. | ||
| CVE-2020-27820 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Nov 2, 2021 | A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver). | ||
| CVE-2021-43267 | — | < 4.18.0-348.2.1.el8_5 | 4.18.0-348.2.1.el8_5 | Nov 2, 2021 | An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. | ||
| CVE-2021-43056 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Oct 28, 2021 | An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values. | ||
| CVE-2021-0941 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Oct 25, 2021 | In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAn | ||
| CVE-2021-42739 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Oct 20, 2021 | The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | ||
| CVE-2021-41864 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Oct 1, 2021 | prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. |
- CVE-2021-3773Feb 16, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.
- CVE-2022-0617Feb 16, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.
- affected < 4.18.0-348.12.2.el8_5fixed 4.18.0-348.12.2.el8_5
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced
- CVE-2021-4154Feb 4, 2022affected < 4.18.0-348.20.1.el8_5fixed 4.18.0-348.20.1.el8_5
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a
- CVE-2022-24448Feb 4, 2022affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns
- CVE-2022-0286Jan 31, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service.
- CVE-2021-4083Jan 18, 2022affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalat
- CVE-2021-45485Dec 25, 2021affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
- CVE-2021-45486Dec 25, 2021affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
- CVE-2021-44733Dec 22, 2021affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
- affected < 4.18.0-348.20.1.el8_5fixed 4.18.0-348.20.1.el8_5
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro
- CVE-2021-43975Nov 17, 2021affected < 4.18.0-513.5.1.el8_9fixed 4.18.0-513.5.1.el8_9
In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
- CVE-2021-43976Nov 17, 2021affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
- CVE-2021-43389Nov 4, 2021affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
- CVE-2020-27820Nov 2, 2021affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
- CVE-2021-43267Nov 2, 2021affected < 4.18.0-348.2.1.el8_5fixed 4.18.0-348.2.1.el8_5
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
- CVE-2021-43056Oct 28, 2021affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values.
- CVE-2021-0941Oct 25, 2021affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAn
- CVE-2021-42739Oct 20, 2021affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
- CVE-2021-41864Oct 1, 2021affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
Page 58 of 66