rpm package
opensuse/dtb-aarch64&distro=openSUSE Leap 15.4
pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.4
Vulnerabilities (364)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-4157 | — | < 5.3.18-150300.59.87.1 | 5.3.18-150300.59.87.1 | Mar 25, 2022 | An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileg | ||
| CVE-2021-4203 | — | < 5.3.18-150300.59.93.1 | 5.3.18-150300.59.93.1 | Mar 25, 2022 | A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. | ||
| CVE-2021-26341 | — | < 5.14.21-150400.24.11.1 | 5.14.21-150400.24.11.1 | Mar 11, 2022 | Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | ||
| CVE-2022-26490 | — | < 5.14.21-150400.24.11.1 | 5.14.21-150400.24.11.1 | Mar 6, 2022 | st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. | ||
| CVE-2020-36516 | — | < 5.3.18-150300.59.90.1 | 5.3.18-150300.59.90.1 | Feb 26, 2022 | An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. | ||
| CVE-2021-20321 | — | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Feb 18, 2022 | A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. | ||
| CVE-2022-0617 | — | < 5.14.21-150400.24.11.1 | 5.14.21-150400.24.11.1 | Feb 16, 2022 | A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. | ||
| CVE-2021-44879 | — | < 5.14.21-150400.24.11.1 | 5.14.21-150400.24.11.1 | Feb 13, 2022 | In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. | ||
| CVE-2021-45402 | — | < 5.14.21-150400.24.11.1 | 5.14.21-150400.24.11.1 | Feb 11, 2022 | The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak." | ||
| CVE-2021-33061 | — | < 5.3.18-150300.59.71.1 | 5.3.18-150300.59.71.1 | Feb 9, 2022 | Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2021-4154 | — | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Feb 4, 2022 | A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a | ||
| CVE-2022-0264 | — | < 5.14.21-150400.24.11.1 | 5.14.21-150400.24.11.1 | Feb 4, 2022 | A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory deta | ||
| CVE-2022-23222 | — | < 5.14.21-150400.24.11.1 | 5.14.21-150400.24.11.1 | Jan 14, 2022 | kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. | ||
| CVE-2021-38208 | — | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Aug 8, 2021 | net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call. | ||
| CVE-2021-20292 | — | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | May 28, 2021 | There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the obje | ||
| CVE-2020-24588 | Low | 3.5 | < 5.14.21-150400.24.46.1 | 5.14.21-150400.24.46.1 | May 11, 2021 | The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is manda | |
| CVE-2021-29650 | — | < 5.3.18-150300.59.124.1 | 5.3.18-150300.59.124.1 | Mar 30, 2021 | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a | ||
| CVE-2020-16119 | — | < 5.3.18-150300.59.98.1 | 5.3.18-150300.59.98.1 | Jan 14, 2021 | Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0 | ||
| CVE-2020-27835 | — | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Jan 7, 2021 | A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system. | ||
| CVE-2020-26541 | — | < 5.3.18-150300.59.76.1 | 5.3.18-150300.59.76.1 | Oct 2, 2020 | The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c. |
- CVE-2021-4157Mar 25, 2022affected < 5.3.18-150300.59.87.1fixed 5.3.18-150300.59.87.1
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileg
- CVE-2021-4203Mar 25, 2022affected < 5.3.18-150300.59.93.1fixed 5.3.18-150300.59.93.1
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
- CVE-2021-26341Mar 11, 2022affected < 5.14.21-150400.24.11.1fixed 5.14.21-150400.24.11.1
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
- CVE-2022-26490Mar 6, 2022affected < 5.14.21-150400.24.11.1fixed 5.14.21-150400.24.11.1
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.
- CVE-2020-36516Feb 26, 2022affected < 5.3.18-150300.59.90.1fixed 5.3.18-150300.59.90.1
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
- CVE-2021-20321Feb 18, 2022affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
- CVE-2022-0617Feb 16, 2022affected < 5.14.21-150400.24.11.1fixed 5.14.21-150400.24.11.1
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.
- CVE-2021-44879Feb 13, 2022affected < 5.14.21-150400.24.11.1fixed 5.14.21-150400.24.11.1
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.
- CVE-2021-45402Feb 11, 2022affected < 5.14.21-150400.24.11.1fixed 5.14.21-150400.24.11.1
The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
- CVE-2021-33061Feb 9, 2022affected < 5.3.18-150300.59.71.1fixed 5.3.18-150300.59.71.1
Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2021-4154Feb 4, 2022affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a
- CVE-2022-0264Feb 4, 2022affected < 5.14.21-150400.24.11.1fixed 5.14.21-150400.24.11.1
A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory deta
- CVE-2022-23222Jan 14, 2022affected < 5.14.21-150400.24.11.1fixed 5.14.21-150400.24.11.1
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.
- CVE-2021-38208Aug 8, 2021affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.
- CVE-2021-20292May 28, 2021affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the obje
- affected < 5.14.21-150400.24.46.1fixed 5.14.21-150400.24.46.1
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is manda
- CVE-2021-29650Mar 30, 2021affected < 5.3.18-150300.59.124.1fixed 5.3.18-150300.59.124.1
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
- CVE-2020-16119Jan 14, 2021affected < 5.3.18-150300.59.98.1fixed 5.3.18-150300.59.98.1
Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0
- CVE-2020-27835Jan 7, 2021affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
- CVE-2020-26541Oct 2, 2020affected < 5.3.18-150300.59.76.1fixed 5.3.18-150300.59.76.1
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
Page 18 of 19