rpm package

opensuse/kernel-vanilla&distro=openSUSE Leap 15.4

pkg:rpm/opensuse/kernel-vanilla&distro=openSUSE%20Leap%2015.4

Vulnerabilities (213)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2021-26341		—	< 4.12.14-150100.197.117.1	4.12.14-150100.197.117.1	Mar 11, 2022	Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
CVE-2020-36516		—	< 4.12.14-150100.197.123.1	4.12.14-150100.197.123.1	Feb 26, 2022	An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2021-20321		—	< 4.12.14-150100.197.114.2	4.12.14-150100.197.114.2	Feb 18, 2022	A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
CVE-2021-33061		—	< 4.12.14-150100.197.114.2	4.12.14-150100.197.114.2	Feb 9, 2022	Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.
CVE-2021-43389		—	< 4.12.14-150100.197.114.2	4.12.14-150100.197.114.2	Nov 4, 2021	An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
CVE-2021-38208		—	< 4.12.14-150100.197.114.2	4.12.14-150100.197.114.2	Aug 8, 2021	net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.
CVE-2021-20292		—	< 4.12.14-150100.197.114.2	4.12.14-150100.197.114.2	May 28, 2021	There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the obje
CVE-2020-26541		—	< 4.12.14-150100.197.114.2	4.12.14-150100.197.114.2	Oct 2, 2020	The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
CVE-2019-20811		—	< 4.12.14-150100.197.114.2	4.12.14-150100.197.114.2	Jun 3, 2020	An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.
CVE-2019-19377		—	< 4.12.14-150100.197.114.2	4.12.14-150100.197.114.2	Nov 29, 2019	In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
CVE-2018-7755		—	< 4.12.14-150100.197.114.2	4.12.14-150100.197.114.2	Mar 8, 2018	An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel
CVE-2017-5753		—	< 4.12.14-150100.197.142.1	4.12.14-150100.197.142.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-13695	Med	5.5	< 4.12.14-150100.197.114.2	4.12.14-150100.197.114.2	Aug 25, 2017	The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanis

CVE-2021-26341Mar 11, 2022
affected < 4.12.14-150100.197.117.1fixed 4.12.14-150100.197.117.1
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
CVE-2020-36516Feb 26, 2022
affected < 4.12.14-150100.197.123.1fixed 4.12.14-150100.197.123.1
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2021-20321Feb 18, 2022
affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
CVE-2021-33061Feb 9, 2022
affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.
CVE-2021-43389Nov 4, 2021
affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
CVE-2021-38208Aug 8, 2021
affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.
CVE-2021-20292May 28, 2021
affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the obje
CVE-2020-26541Oct 2, 2020
affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
CVE-2019-20811Jun 3, 2020
affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.
CVE-2019-19377Nov 29, 2019
affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
CVE-2018-7755Mar 8, 2018
affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel
CVE-2017-5753Jan 4, 2018
affected < 4.12.14-150100.197.142.1fixed 4.12.14-150100.197.142.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-13695MedAug 25, 2017
affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanis

Page 11 of 11