rpm package
suse/kernel-azure&distro=SUSE Linux Enterprise Server 12 SP5
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Vulnerabilities (1,481)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25284 | — | < 4.12.14-16.31.1 | 4.12.14-16.31.1 | Sep 13, 2020 | The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe. | ||
| CVE-2020-25285 | — | < 4.12.14-16.34.1 | 4.12.14-16.34.1 | Sep 13, 2020 | A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812. | ||
| CVE-2020-10773 | — | < 4.12.14-16.22.1 | 4.12.14-16.22.1 | Sep 10, 2020 | A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data. | ||
| CVE-2020-25212 | — | < 4.12.14-16.31.1 | 4.12.14-16.31.1 | Sep 9, 2020 | A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452. | ||
| CVE-2020-1749 | — | < 4.12.14-16.25.1 | 4.12.14-16.25.1 | Sep 9, 2020 | A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending | ||
| CVE-2020-3702 | — | < 4.12.14-16.76.2 | 4.12.14-16.76.2 | Sep 8, 2020 | u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapd | ||
| CVE-2020-10720 | — | < 4.12.14-16.16.1 | 4.12.14-16.16.1 | Sep 3, 2020 | A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system. | ||
| CVE-2020-14356 | — | < 4.12.14-16.25.1 | 4.12.14-16.25.1 | Aug 19, 2020 | A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system. | ||
| CVE-2020-24394 | — | < 4.12.14-16.25.1 | 4.12.14-16.25.1 | Aug 19, 2020 | In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered. | ||
| CVE-2020-16166 | — | < 4.12.14-16.25.1 | 4.12.14-16.25.1 | Jul 30, 2020 | The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c. | ||
| CVE-2020-0305 | — | < 4.12.14-16.22.1 | 4.12.14-16.22.1 | Jul 17, 2020 | In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-15346 | ||
| CVE-2019-20908 | — | < 4.12.14-16.22.1 | 4.12.14-16.22.1 | Jul 15, 2020 | An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032. | ||
| CVE-2020-15780 | — | < 4.12.14-16.22.1 | 4.12.14-16.22.1 | Jul 15, 2020 | An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30. | ||
| CVE-2019-19338 | — | < 4.12.14-16.7.1 | 4.12.14-16.7.1 | Jul 13, 2020 | A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw | ||
| CVE-2020-15393 | — | < 4.12.14-16.22.1 | 4.12.14-16.22.1 | Jun 29, 2020 | In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. | ||
| CVE-2020-10769 | — | < 4.12.14-16.22.1 | 4.12.14-16.22.1 | Jun 26, 2020 | A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a | ||
| CVE-2020-14416 | — | < 4.12.14-16.22.1 | 4.12.14-16.22.1 | Jun 18, 2020 | In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c. | ||
| CVE-2020-0543 | — | < 4.12.14-16.16.1 | 4.12.14-16.16.1 | Jun 15, 2020 | Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-10732 | — | < 4.12.14-16.16.1 | 4.12.14-16.16.1 | Jun 12, 2020 | A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data. | ||
| CVE-2020-10757 | — | < 4.12.14-16.16.1 | 4.12.14-16.16.1 | Jun 9, 2020 | A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. |
- CVE-2020-25284Sep 13, 2020affected < 4.12.14-16.31.1fixed 4.12.14-16.31.1
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.
- CVE-2020-25285Sep 13, 2020affected < 4.12.14-16.34.1fixed 4.12.14-16.34.1
A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.
- CVE-2020-10773Sep 10, 2020affected < 4.12.14-16.22.1fixed 4.12.14-16.22.1
A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.
- CVE-2020-25212Sep 9, 2020affected < 4.12.14-16.31.1fixed 4.12.14-16.31.1
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.
- CVE-2020-1749Sep 9, 2020affected < 4.12.14-16.25.1fixed 4.12.14-16.25.1
A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending
- CVE-2020-3702Sep 8, 2020affected < 4.12.14-16.76.2fixed 4.12.14-16.76.2
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapd
- CVE-2020-10720Sep 3, 2020affected < 4.12.14-16.16.1fixed 4.12.14-16.16.1
A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.
- CVE-2020-14356Aug 19, 2020affected < 4.12.14-16.25.1fixed 4.12.14-16.25.1
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.
- CVE-2020-24394Aug 19, 2020affected < 4.12.14-16.25.1fixed 4.12.14-16.25.1
In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.
- CVE-2020-16166Jul 30, 2020affected < 4.12.14-16.25.1fixed 4.12.14-16.25.1
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.
- CVE-2020-0305Jul 17, 2020affected < 4.12.14-16.22.1fixed 4.12.14-16.22.1
In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-15346
- CVE-2019-20908Jul 15, 2020affected < 4.12.14-16.22.1fixed 4.12.14-16.22.1
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
- CVE-2020-15780Jul 15, 2020affected < 4.12.14-16.22.1fixed 4.12.14-16.22.1
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
- CVE-2019-19338Jul 13, 2020affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1
A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw
- CVE-2020-15393Jun 29, 2020affected < 4.12.14-16.22.1fixed 4.12.14-16.22.1
In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.
- CVE-2020-10769Jun 26, 2020affected < 4.12.14-16.22.1fixed 4.12.14-16.22.1
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a
- CVE-2020-14416Jun 18, 2020affected < 4.12.14-16.22.1fixed 4.12.14-16.22.1
In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.
- CVE-2020-0543Jun 15, 2020affected < 4.12.14-16.16.1fixed 4.12.14-16.16.1
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-10732Jun 12, 2020affected < 4.12.14-16.16.1fixed 4.12.14-16.16.1
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
- CVE-2020-10757Jun 9, 2020affected < 4.12.14-16.16.1fixed 4.12.14-16.16.1
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
Page 67 of 75