rpm package
suse/kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
Vulnerabilities (1,350)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-0129 | — | < 5.3.18-150300.59.170.1 | 5.3.18-150300.59.170.1 | Jun 9, 2021 | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | ||
| CVE-2020-26555 | — | < 5.3.18-150300.59.147.2 | 5.3.18-150300.59.147.2 | May 24, 2021 | Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. | ||
| CVE-2020-26558 | — | < 5.3.18-150300.59.170.1 | 5.3.18-150300.59.170.1 | May 24, 2021 | Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evide | ||
| CVE-2021-23134 | — | < 5.3.18-150300.59.158.1 | 5.3.18-150300.59.158.1 | May 12, 2021 | Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability. | ||
| CVE-2021-32399 | — | < 5.3.18-150300.59.207.1 | 5.3.18-150300.59.207.1 | May 10, 2021 | net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | ||
| CVE-2021-29155 | — | < 5.3.18-150300.59.158.1 | 5.3.18-150300.59.158.1 | Apr 20, 2021 | An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall | ||
| CVE-2021-29650 | — | < 5.3.18-150300.59.124.1 | 5.3.18-150300.59.124.1 | Mar 30, 2021 | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a | ||
| CVE-2020-27835 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Jan 7, 2021 | A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system. | ||
| CVE-2019-19083 | — | < 5.3.18-150300.59.109.1 | 5.3.18-150300.59.109.1 | Nov 18, 2019 | Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce11 | ||
| CVE-2017-5753 | — | < 5.3.18-150300.59.118.1 | 5.3.18-150300.59.118.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2021-0129Jun 9, 2021affected < 5.3.18-150300.59.170.1fixed 5.3.18-150300.59.170.1
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
- CVE-2020-26555May 24, 2021affected < 5.3.18-150300.59.147.2fixed 5.3.18-150300.59.147.2
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
- CVE-2020-26558May 24, 2021affected < 5.3.18-150300.59.170.1fixed 5.3.18-150300.59.170.1
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evide
- CVE-2021-23134May 12, 2021affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
- CVE-2021-32399May 10, 2021affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
- CVE-2021-29155Apr 20, 2021affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1
An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall
- CVE-2021-29650Mar 30, 2021affected < 5.3.18-150300.59.124.1fixed 5.3.18-150300.59.124.1
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
- CVE-2020-27835Jan 7, 2021affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
- CVE-2019-19083Nov 18, 2019affected < 5.3.18-150300.59.109.1fixed 5.3.18-150300.59.109.1
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce11
- CVE-2017-5753Jan 4, 2018affected < 5.3.18-150300.59.118.1fixed 5.3.18-150300.59.118.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Page 68 of 68