VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2021-3653Sep 29, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue co

  • CVE-2021-38166Aug 7, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.

  • CVE-2021-37576Jul 26, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.

  • CVE-2021-33909Jul 20, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.

  • CVE-2021-3491Jun 4, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc//mem. This could be used to create a heap overflow leading to arbitrary code executi

  • CVE-2021-3490Jun 4, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4

  • CVE-2021-3489Jun 4, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via co

  • CVE-2020-25668May 26, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.

  • CVE-2021-3483May 17, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as we

  • CVE-2020-26141MedMay 11, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 network

  • CVE-2020-24588LowMay 11, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is manda

  • CVE-2021-32606May 11, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)

  • CVE-2020-24587May 11, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends f

  • CVE-2020-24586May 11, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented

  • CVE-2021-23133Apr 22, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is re

  • CVE-2021-28971Mar 22, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.

  • CVE-2020-25639Mar 4, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.

  • CVE-2021-26708Feb 5, 2021
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-tr

  • CVE-2020-29660Dec 9, 2020
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.

  • CVE-2020-29661Dec 9, 2020
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.

Page 63 of 72