rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP2
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2
Vulnerabilities (997)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-1974 | Med | 4.1 | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Aug 31, 2022 | A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information. | |
| CVE-2022-1184 | Med | 5.5 | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Aug 29, 2022 | A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service. | |
| CVE-2022-1016 | Med | 5.5 | < 5.3.18-150200.24.112.1 | 5.3.18-150200.24.112.1 | Aug 29, 2022 | A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. | |
| CVE-2022-0850 | Hig | 7.1 | < 5.3.18-150200.24.112.1 | 5.3.18-150200.24.112.1 | Aug 29, 2022 | A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace. | |
| CVE-2022-0168 | Med | 4.4 | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Aug 26, 2022 | A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to cr | |
| CVE-2021-3669 | Med | 5.5 | < 5.3.18-24.86.2 | 5.3.18-24.86.2 | Aug 26, 2022 | A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS. | |
| CVE-2022-2978 | Hig | 7.8 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Aug 24, 2022 | A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on | |
| CVE-2021-4155 | Med | 5.5 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Aug 24, 2022 | A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. | |
| CVE-2021-4037 | Hig | 7.8 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Aug 24, 2022 | A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct | |
| CVE-2022-2938 | Hig | 7.8 | < 5.3.18-150200.24.197.1 | 5.3.18-150200.24.197.1 | Aug 23, 2022 | A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects. | |
| CVE-2021-3764 | Med | 5.5 | < 5.3.18-24.86.2 | 5.3.18-24.86.2 | Aug 23, 2022 | A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. | |
| CVE-2021-3759 | Med | 5.5 | < 5.3.18-24.83.2 | 5.3.18-24.83.2 | Aug 23, 2022 | A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highe | |
| CVE-2021-3659 | Med | 5.5 | < 5.3.18-24.78.1 | 5.3.18-24.78.1 | Aug 22, 2022 | A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. | |
| CVE-2022-26373 | Med | 5.5 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Aug 18, 2022 | Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |
| CVE-2022-2503 | Med | 6.9 | < 5.3.18-150200.24.134.1 | 5.3.18-150200.24.134.1 | Aug 12, 2022 | Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equiva | |
| CVE-2022-20369 | Med | 6.7 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Aug 11, 2022 | In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An | |
| CVE-2022-20368 | Hig | 7.8 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Aug 11, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel | |
| CVE-2022-1158 | Hig | 7.8 | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Aug 5, 2022 | A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace | |
| CVE-2022-1012 | Hig | 8.2 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Aug 5, 2022 | A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. | |
| CVE-2022-36946 | Hig | 7.5 | < 5.3.18-150200.24.126.1 | 5.3.18-150200.24.126.1 | Jul 27, 2022 | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. |
- affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.
- affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.
- affected < 5.3.18-150200.24.112.1fixed 5.3.18-150200.24.112.1
A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.
- affected < 5.3.18-150200.24.112.1fixed 5.3.18-150200.24.112.1
A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.
- affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to cr
- affected < 5.3.18-24.86.2fixed 5.3.18-24.86.2
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct
- affected < 5.3.18-150200.24.197.1fixed 5.3.18-150200.24.197.1
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
- affected < 5.3.18-24.86.2fixed 5.3.18-24.86.2
A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.
- affected < 5.3.18-24.83.2fixed 5.3.18-24.83.2
A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highe
- affected < 5.3.18-24.78.1fixed 5.3.18-24.78.1
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- affected < 5.3.18-150200.24.134.1fixed 5.3.18-150200.24.134.1
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equiva
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel
- affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.
- affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
Page 35 of 50