rpm package

opensuse/kernel-obs-qa&distro=openSUSE Leap 15.2

pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.2

Vulnerabilities (187)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2020-29660	—	< 5.3.18-lp152.60.1	5.3.18-lp152.60.1	Dec 9, 2020	A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
CVE-2020-29661	—	< 5.3.18-lp152.60.1	5.3.18-lp152.60.1	Dec 9, 2020	A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
CVE-2020-14351	—	< 5.3.18-lp152.50.1	5.3.18-lp152.50.1	Dec 3, 2020	A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidenti
CVE-2020-25704	—	< 5.3.18-lp152.50.1	5.3.18-lp152.50.1	Dec 2, 2020	A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.
CVE-2020-25656	—	< 5.3.18-lp152.50.1	5.3.18-lp152.50.1	Dec 2, 2020	A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidential
CVE-2020-29368	—	< 5.3.18-lp152.66.2	5.3.18-lp152.66.2	Nov 28, 2020	An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
CVE-2020-29369	—	< 5.3.18-lp152.54.1	5.3.18-lp152.54.1	Nov 28, 2020	An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.
CVE-2020-29370	—	< 5.3.18-lp152.60.1	5.3.18-lp152.60.1	Nov 28, 2020	An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.
CVE-2020-29371	—	< 5.3.18-lp152.54.1	5.3.18-lp152.54.1	Nov 28, 2020	An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.
CVE-2020-29373	—	< 5.3.18-lp152.60.1	5.3.18-lp152.60.1	Nov 28, 2020	An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d.
CVE-2020-29374	—	< 5.3.18-lp152.66.2	5.3.18-lp152.66.2	Nov 28, 2020	An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended writ
CVE-2020-15437	—	< 5.3.18-lp152.54.1	5.3.18-lp152.54.1	Nov 23, 2020	The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.
CVE-2020-15436	—	< 5.3.18-lp152.54.1	5.3.18-lp152.54.1	Nov 23, 2020	Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
CVE-2020-12352	—	< 5.3.18-lp152.47.1	5.3.18-lp152.47.1	Nov 23, 2020	Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2020-12351	—	< 5.3.18-lp152.47.1	5.3.18-lp152.47.1	Nov 23, 2020	Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-28974	—	< 5.3.18-lp152.54.1	5.3.18-lp152.54.1	Nov 20, 2020	A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such
CVE-2020-4788	—	< 5.3.18-lp152.54.1	5.3.18-lp152.54.1	Nov 20, 2020	IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
CVE-2020-28941	—	< 5.3.18-lp152.54.1	5.3.18-lp152.54.1	Nov 19, 2020	An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line disc
CVE-2020-28915	—	< 5.3.18-lp152.54.1	5.3.18-lp152.54.1	Nov 18, 2020	A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.
CVE-2020-25705	—	< 5.3.18-lp152.50.1	5.3.18-lp152.50.1	Nov 17, 2020	A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well

CVE-2020-29660Dec 9, 2020
affected < 5.3.18-lp152.60.1fixed 5.3.18-lp152.60.1
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
CVE-2020-29661Dec 9, 2020
affected < 5.3.18-lp152.60.1fixed 5.3.18-lp152.60.1
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
CVE-2020-14351Dec 3, 2020
affected < 5.3.18-lp152.50.1fixed 5.3.18-lp152.50.1
A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidenti
CVE-2020-25704Dec 2, 2020
affected < 5.3.18-lp152.50.1fixed 5.3.18-lp152.50.1
A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.
CVE-2020-25656Dec 2, 2020
affected < 5.3.18-lp152.50.1fixed 5.3.18-lp152.50.1
A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidential
CVE-2020-29368Nov 28, 2020
affected < 5.3.18-lp152.66.2fixed 5.3.18-lp152.66.2
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
CVE-2020-29369Nov 28, 2020
affected < 5.3.18-lp152.54.1fixed 5.3.18-lp152.54.1
An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.
CVE-2020-29370Nov 28, 2020
affected < 5.3.18-lp152.60.1fixed 5.3.18-lp152.60.1
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.
CVE-2020-29371Nov 28, 2020
affected < 5.3.18-lp152.54.1fixed 5.3.18-lp152.54.1
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.
CVE-2020-29373Nov 28, 2020
affected < 5.3.18-lp152.60.1fixed 5.3.18-lp152.60.1
An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d.
CVE-2020-29374Nov 28, 2020
affected < 5.3.18-lp152.66.2fixed 5.3.18-lp152.66.2
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended writ
CVE-2020-15437Nov 23, 2020
affected < 5.3.18-lp152.54.1fixed 5.3.18-lp152.54.1
The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.
CVE-2020-15436Nov 23, 2020
affected < 5.3.18-lp152.54.1fixed 5.3.18-lp152.54.1
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
CVE-2020-12352Nov 23, 2020
affected < 5.3.18-lp152.47.1fixed 5.3.18-lp152.47.1
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2020-12351Nov 23, 2020
affected < 5.3.18-lp152.47.1fixed 5.3.18-lp152.47.1
Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-28974Nov 20, 2020
affected < 5.3.18-lp152.54.1fixed 5.3.18-lp152.54.1
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such
CVE-2020-4788Nov 20, 2020
affected < 5.3.18-lp152.54.1fixed 5.3.18-lp152.54.1
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
CVE-2020-28941Nov 19, 2020
affected < 5.3.18-lp152.54.1fixed 5.3.18-lp152.54.1
An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line disc
CVE-2020-28915Nov 18, 2020
affected < 5.3.18-lp152.54.1fixed 5.3.18-lp152.54.1
A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.
CVE-2020-25705Nov 17, 2020
affected < 5.3.18-lp152.50.1fixed 5.3.18-lp152.50.1
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well

Page 7 of 10