rpm package
almalinux/kernel-tools-libs-devel
pkg:rpm/almalinux/kernel-tools-libs-devel
Vulnerabilities (1,303)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3501 | — | < 4.18.0-305.3.1.el8_4 | 4.18.0-305.3.1.el8_4 | May 5, 2021 | A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to d | ||
| CVE-2021-23133 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Apr 22, 2021 | A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is re | ||
| CVE-2021-29155 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Apr 20, 2021 | An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall | ||
| CVE-2020-36322 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Apr 14, 2021 | An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and i | ||
| CVE-2021-29154 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Apr 8, 2021 | BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. | ||
| CVE-2021-30002 | — | < 4.18.0-425.3.1.el8 | 4.18.0-425.3.1.el8 | Apr 2, 2021 | An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b. | ||
| CVE-2021-29646 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Mar 30, 2021 | An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8. | ||
| CVE-2021-29650 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Mar 30, 2021 | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a | ||
| CVE-2020-35508 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Mar 26, 2021 | A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a pri | ||
| CVE-2021-28971 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Mar 22, 2021 | In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. | ||
| CVE-2021-28950 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Mar 20, 2021 | An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1. | ||
| CVE-2021-27365 | — | < 4.18.0-240.22.1.el8_3 | 4.18.0-240.22.1.el8_3 | Mar 7, 2021 | An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up t | ||
| CVE-2021-27364 | — | < 4.18.0-240.22.1.el8_3 | 4.18.0-240.22.1.el8_3 | Mar 7, 2021 | An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages. | ||
| CVE-2021-27363 | — | < 4.18.0-240.22.1.el8_3 | 4.18.0-240.22.1.el8_3 | Mar 7, 2021 | An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via t | ||
| CVE-2021-20194 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Feb 23, 2021 | There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BP | ||
| CVE-2020-24503 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Feb 17, 2021 | Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-24502 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Feb 17, 2021 | Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access. | ||
| CVE-2020-24504 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Feb 17, 2021 | Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2020-12362 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Feb 17, 2021 | Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access. | ||
| CVE-2021-26708 | — | < 4.18.0-240.22.1.el8_3 | 4.18.0-240.22.1.el8_3 | Feb 5, 2021 | A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-tr |
- CVE-2021-3501May 5, 2021affected < 4.18.0-305.3.1.el8_4fixed 4.18.0-305.3.1.el8_4
A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to d
- CVE-2021-23133Apr 22, 2021affected < 4.18.0-348.el8fixed 4.18.0-348.el8
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is re
- CVE-2021-29155Apr 20, 2021affected < 4.18.0-348.el8fixed 4.18.0-348.el8
An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall
- CVE-2020-36322Apr 14, 2021affected < 4.18.0-305.el8fixed 4.18.0-305.el8
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and i
- CVE-2021-29154Apr 8, 2021affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
- CVE-2021-30002Apr 2, 2021affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8
An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.
- CVE-2021-29646Mar 30, 2021affected < 4.18.0-348.el8fixed 4.18.0-348.el8
An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8.
- CVE-2021-29650Mar 30, 2021affected < 4.18.0-348.el8fixed 4.18.0-348.el8
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
- CVE-2020-35508Mar 26, 2021affected < 4.18.0-305.el8fixed 4.18.0-305.el8
A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a pri
- CVE-2021-28971Mar 22, 2021affected < 4.18.0-348.el8fixed 4.18.0-348.el8
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.
- CVE-2021-28950Mar 20, 2021affected < 4.18.0-348.el8fixed 4.18.0-348.el8
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.
- CVE-2021-27365Mar 7, 2021affected < 4.18.0-240.22.1.el8_3fixed 4.18.0-240.22.1.el8_3
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up t
- CVE-2021-27364Mar 7, 2021affected < 4.18.0-240.22.1.el8_3fixed 4.18.0-240.22.1.el8_3
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
- CVE-2021-27363Mar 7, 2021affected < 4.18.0-240.22.1.el8_3fixed 4.18.0-240.22.1.el8_3
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via t
- CVE-2021-20194Feb 23, 2021affected < 4.18.0-348.el8fixed 4.18.0-348.el8
There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BP
- CVE-2020-24503Feb 17, 2021affected < 4.18.0-348.el8fixed 4.18.0-348.el8
Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-24502Feb 17, 2021affected < 4.18.0-348.el8fixed 4.18.0-348.el8
Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access.
- CVE-2020-24504Feb 17, 2021affected < 4.18.0-348.el8fixed 4.18.0-348.el8
Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2020-12362Feb 17, 2021affected < 4.18.0-305.el8fixed 4.18.0-305.el8
Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
- CVE-2021-26708Feb 5, 2021affected < 4.18.0-240.22.1.el8_3fixed 4.18.0-240.22.1.el8_3
A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-tr
Page 61 of 66