rpm package
almalinux/kernel-tools-libs-devel
pkg:rpm/almalinux/kernel-tools-libs-devel
Vulnerabilities (1,406)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-9458 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Sep 6, 2019 | In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2019-15925 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c. | ||
| CVE-2019-15917 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. | ||
| CVE-2019-12614 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Jun 3, 2019 | An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). | ||
| CVE-2018-13405 | Hig | 7.8 | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Jul 6, 2018 | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no | |
| CVE-2017-5715 | Med | 5.6 | < 4.18.0-372.9.1.el8 | 4.18.0-372.9.1.el8 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2019-9458Sep 6, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2019-15925Sep 4, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.
- CVE-2019-15917Sep 4, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
- CVE-2019-12614Jun 3, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).
- affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no
- affected < 4.18.0-372.9.1.el8fixed 4.18.0-372.9.1.el8
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Page 71 of 71