VYPR

rpm package

almalinux/kernel-tools-libs-devel

pkg:rpm/almalinux/kernel-tools-libs-devel

Vulnerabilities (1,406)

  • CVE-2021-32399May 10, 2021
    affected < 4.18.0-305.10.2.el8_4fixed 4.18.0-305.10.2.el8_4

    net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.

  • CVE-2021-31916May 6, 2021
    affected < 4.18.0-348.el8fixed 4.18.0-348.el8

    An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memo

  • CVE-2021-31829May 6, 2021
    affected < 4.18.0-348.el8fixed 4.18.0-348.el8

    kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the B

  • CVE-2021-3501May 5, 2021
    affected < 4.18.0-305.3.1.el8_4fixed 4.18.0-305.3.1.el8_4

    A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to d

  • CVE-2021-23133Apr 22, 2021
    affected < 4.18.0-348.el8fixed 4.18.0-348.el8

    A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is re

  • CVE-2021-29155Apr 20, 2021
    affected < 4.18.0-348.el8fixed 4.18.0-348.el8

    An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall

  • CVE-2020-36322Apr 14, 2021
    affected < 4.18.0-305.el8fixed 4.18.0-305.el8

    An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and i

  • CVE-2021-29154Apr 8, 2021
    affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8

    BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.

  • CVE-2021-30002Apr 2, 2021
    affected < 4.18.0-425.3.1.el8fixed 4.18.0-425.3.1.el8

    An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.

  • CVE-2021-29646Mar 30, 2021
    affected < 4.18.0-348.el8fixed 4.18.0-348.el8

    An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8.

  • CVE-2021-29650Mar 30, 2021
    affected < 4.18.0-348.el8fixed 4.18.0-348.el8

    An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a

  • CVE-2020-35508Mar 26, 2021
    affected < 4.18.0-305.el8fixed 4.18.0-305.el8

    A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a pri

  • CVE-2021-28971Mar 22, 2021
    affected < 4.18.0-348.el8fixed 4.18.0-348.el8

    In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.

  • CVE-2021-28950Mar 20, 2021
    affected < 4.18.0-348.el8fixed 4.18.0-348.el8

    An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.

  • CVE-2021-27365Mar 7, 2021
    affected < 4.18.0-240.22.1.el8_3fixed 4.18.0-240.22.1.el8_3

    An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up t

  • CVE-2021-27364Mar 7, 2021
    affected < 4.18.0-240.22.1.el8_3fixed 4.18.0-240.22.1.el8_3

    An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.

  • CVE-2021-27363Mar 7, 2021
    affected < 4.18.0-240.22.1.el8_3fixed 4.18.0-240.22.1.el8_3

    An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via t

  • CVE-2021-20194Feb 23, 2021
    affected < 4.18.0-348.el8fixed 4.18.0-348.el8

    There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BP

  • CVE-2020-24503Feb 17, 2021
    affected < 4.18.0-348.el8fixed 4.18.0-348.el8

    Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-24502Feb 17, 2021
    affected < 4.18.0-348.el8fixed 4.18.0-348.el8

    Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access.

Page 66 of 71