rpm package
opensuse/kernel-default&distro=openSUSE Leap 15.3
pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.3
Vulnerabilities (340)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3609 | — | < 4.12.14-197.99.1 | 4.12.14-197.99.1 | Mar 3, 2022 | .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege e | ||
| CVE-2022-0492 | — | < 5.3.18-150300.59.54.1 | 5.3.18-150300.59.54.1 | Mar 3, 2022 | A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpecte | ||
| CVE-2021-3715 | — | < 5.3.18-59.34.1 | 5.3.18-59.34.1 | Mar 2, 2022 | A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges | ||
| CVE-2021-3772 | — | < 5.3.18-59.34.1 | 5.3.18-59.34.1 | Mar 2, 2022 | A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. | ||
| CVE-2020-36516 | — | < 5.3.18-150300.59.90.1 | 5.3.18-150300.59.90.1 | Feb 26, 2022 | An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. | ||
| CVE-2022-25636 | — | < 5.3.18-150300.59.60.4 | 5.3.18-150300.59.60.4 | Feb 22, 2022 | net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload. | ||
| CVE-2022-25375 | — | < 5.3.18-150300.59.54.1 | 5.3.18-150300.59.54.1 | Feb 20, 2022 | An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory. | ||
| CVE-2021-20322 | — | < 4.12.14-197.102.2 | 4.12.14-197.102.2 | Feb 18, 2022 | A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomizat | ||
| CVE-2021-20321 | — | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Feb 18, 2022 | A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. | ||
| CVE-2021-3752 | — | < 5.3.18-59.27.1 | 5.3.18-59.27.1 | Feb 16, 2022 | A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln | ||
| CVE-2021-3760 | — | < 5.3.18-59.34.1 | 5.3.18-59.34.1 | Feb 16, 2022 | A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. | ||
| CVE-2022-0617 | — | < 4.12.14-197.108.1 | 4.12.14-197.108.1 | Feb 16, 2022 | A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. | ||
| CVE-2022-25258 | — | < 5.3.18-150300.59.60.4 | 5.3.18-150300.59.60.4 | Feb 16, 2022 | An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory cor | ||
| CVE-2021-3753 | — | < 5.3.18-59.24.1 | 5.3.18-59.24.1 | Feb 16, 2022 | A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidenti | ||
| CVE-2021-44879 | — | < 4.12.14-197.108.1 | 4.12.14-197.108.1 | Feb 13, 2022 | In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. | ||
| CVE-2022-0185 | — | KEV | < 5.3.18-150300.59.43.1 | 5.3.18-150300.59.43.1 | Feb 11, 2022 | A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced | |
| CVE-2021-45402 | — | < 5.3.18-150300.59.60.4 | 5.3.18-150300.59.60.4 | Feb 11, 2022 | The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak." | ||
| CVE-2022-24958 | — | < 5.3.18-150300.59.60.4 | 5.3.18-150300.59.60.4 | Feb 11, 2022 | drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. | ||
| CVE-2022-24959 | — | < 4.12.14-197.108.1 | 4.12.14-197.108.1 | Feb 11, 2022 | An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c. | ||
| CVE-2021-33061 | — | < 5.3.18-150300.59.71.2 | 5.3.18-150300.59.71.2 | Feb 9, 2022 | Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access. |
- CVE-2021-3609Mar 3, 2022affected < 4.12.14-197.99.1fixed 4.12.14-197.99.1
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege e
- CVE-2022-0492Mar 3, 2022affected < 5.3.18-150300.59.54.1fixed 5.3.18-150300.59.54.1
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpecte
- CVE-2021-3715Mar 2, 2022affected < 5.3.18-59.34.1fixed 5.3.18-59.34.1
A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges
- CVE-2021-3772Mar 2, 2022affected < 5.3.18-59.34.1fixed 5.3.18-59.34.1
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.
- CVE-2020-36516Feb 26, 2022affected < 5.3.18-150300.59.90.1fixed 5.3.18-150300.59.90.1
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
- CVE-2022-25636Feb 22, 2022affected < 5.3.18-150300.59.60.4fixed 5.3.18-150300.59.60.4
net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.
- CVE-2022-25375Feb 20, 2022affected < 5.3.18-150300.59.54.1fixed 5.3.18-150300.59.54.1
An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory.
- CVE-2021-20322Feb 18, 2022affected < 4.12.14-197.102.2fixed 4.12.14-197.102.2
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomizat
- CVE-2021-20321Feb 18, 2022affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
- CVE-2021-3752Feb 16, 2022affected < 5.3.18-59.27.1fixed 5.3.18-59.27.1
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln
- CVE-2021-3760Feb 16, 2022affected < 5.3.18-59.34.1fixed 5.3.18-59.34.1
A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability.
- CVE-2022-0617Feb 16, 2022affected < 4.12.14-197.108.1fixed 4.12.14-197.108.1
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.
- CVE-2022-25258Feb 16, 2022affected < 5.3.18-150300.59.60.4fixed 5.3.18-150300.59.60.4
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory cor
- CVE-2021-3753Feb 16, 2022affected < 5.3.18-59.24.1fixed 5.3.18-59.24.1
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidenti
- CVE-2021-44879Feb 13, 2022affected < 4.12.14-197.108.1fixed 4.12.14-197.108.1
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.
- affected < 5.3.18-150300.59.43.1fixed 5.3.18-150300.59.43.1
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced
- CVE-2021-45402Feb 11, 2022affected < 5.3.18-150300.59.60.4fixed 5.3.18-150300.59.60.4
The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
- CVE-2022-24958Feb 11, 2022affected < 5.3.18-150300.59.60.4fixed 5.3.18-150300.59.60.4
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
- CVE-2022-24959Feb 11, 2022affected < 4.12.14-197.108.1fixed 4.12.14-197.108.1
An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.
- CVE-2021-33061Feb 9, 2022affected < 5.3.18-150300.59.71.2fixed 5.3.18-150300.59.71.2
Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.
Page 10 of 17