rpm package
almalinux/kernel-tools-libs-devel
pkg:rpm/almalinux/kernel-tools-libs-devel
Vulnerabilities (1,303)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-27152 | — | < 4.18.0-240.22.1.el8_3 | 4.18.0-240.22.1.el8_3 | Nov 6, 2020 | An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9. | ||
| CVE-2020-25641 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Oct 6, 2020 | A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic priv | ||
| CVE-2020-25643 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Oct 6, 2020 | A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threa | ||
| CVE-2020-26541 | — | < 4.18.0-305.7.1.el8_4 | 4.18.0-305.7.1.el8_4 | Oct 2, 2020 | The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c. | ||
| CVE-2020-0431 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Sep 17, 2020 | In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android | ||
| CVE-2020-0404 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Sep 17, 2020 | In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Produ | ||
| CVE-2020-0427 | — | < 4.18.0-348.el8 | 4.18.0-348.el8 | Sep 17, 2020 | In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAnd | ||
| CVE-2020-14314 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Sep 15, 2020 | A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerabi | ||
| CVE-2020-25284 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Sep 13, 2020 | The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe. | ||
| CVE-2020-25285 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Sep 13, 2020 | A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812. | ||
| CVE-2020-10773 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Sep 10, 2020 | A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data. | ||
| CVE-2020-25212 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Sep 9, 2020 | A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452. | ||
| CVE-2020-14356 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Aug 19, 2020 | A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system. | ||
| CVE-2020-24394 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Aug 19, 2020 | In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered. | ||
| CVE-2020-0305 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Jul 17, 2020 | In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-15346 | ||
| CVE-2020-10732 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Jun 12, 2020 | A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data. | ||
| CVE-2020-13974 | — | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Jun 9, 2020 | An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in | ||
| CVE-2020-10751 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | May 26, 2020 | A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest | ||
| CVE-2020-12826 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | May 12, 2020 | A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary sig | ||
| CVE-2020-12770 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | May 9, 2020 | An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. |
- CVE-2020-27152Nov 6, 2020affected < 4.18.0-240.22.1.el8_3fixed 4.18.0-240.22.1.el8_3
An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9.
- CVE-2020-25641Oct 6, 2020affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic priv
- CVE-2020-25643Oct 6, 2020affected < 4.18.0-305.el8fixed 4.18.0-305.el8
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threa
- CVE-2020-26541Oct 2, 2020affected < 4.18.0-305.7.1.el8_4fixed 4.18.0-305.7.1.el8_4
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
- CVE-2020-0431Sep 17, 2020affected < 4.18.0-305.el8fixed 4.18.0-305.el8
In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android
- CVE-2020-0404Sep 17, 2020affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Produ
- CVE-2020-0427Sep 17, 2020affected < 4.18.0-348.el8fixed 4.18.0-348.el8
In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAnd
- CVE-2020-14314Sep 15, 2020affected < 4.18.0-305.el8fixed 4.18.0-305.el8
A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerabi
- CVE-2020-25284Sep 13, 2020affected < 4.18.0-305.el8fixed 4.18.0-305.el8
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.
- CVE-2020-25285Sep 13, 2020affected < 4.18.0-305.el8fixed 4.18.0-305.el8
A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.
- CVE-2020-10773Sep 10, 2020affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.
- CVE-2020-25212Sep 9, 2020affected < 4.18.0-305.el8fixed 4.18.0-305.el8
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.
- CVE-2020-14356Aug 19, 2020affected < 4.18.0-305.el8fixed 4.18.0-305.el8
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.
- CVE-2020-24394Aug 19, 2020affected < 4.18.0-305.el8fixed 4.18.0-305.el8
In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.
- CVE-2020-0305Jul 17, 2020affected < 4.18.0-240.el8fixed 4.18.0-240.el8
In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-15346
- CVE-2020-10732Jun 12, 2020affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
- CVE-2020-13974Jun 9, 2020affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in
- CVE-2020-10751May 26, 2020affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest
- CVE-2020-12826May 12, 2020affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary sig
- CVE-2020-12770May 9, 2020affected < 4.18.0-240.el8fixed 4.18.0-240.el8
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
Page 63 of 66