rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP2
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2
Vulnerabilities (997)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-36516 | Med | 5.9 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Feb 26, 2022 | An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. | |
| CVE-2022-25375 | Med | 5.5 | < 5.3.18-24.107.1 | 5.3.18-24.107.1 | Feb 20, 2022 | An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory. | |
| CVE-2021-20322 | Hig | 7.4 | < 5.3.18-24.96.1 | 5.3.18-24.96.1 | Feb 18, 2022 | A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomizat | |
| CVE-2021-20321 | Med | 4.7 | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Feb 18, 2022 | A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. | |
| CVE-2022-25258 | Med | 4.6 | < 5.3.18-24.107.1 | 5.3.18-24.107.1 | Feb 16, 2022 | An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory cor | |
| CVE-2021-3760 | Hig | 7.8 | < 5.3.18-24.93.1 | 5.3.18-24.93.1 | Feb 16, 2022 | A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. | |
| CVE-2021-3753 | Med | 4.7 | < 5.3.18-24.83.2 | 5.3.18-24.83.2 | Feb 16, 2022 | A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidenti | |
| CVE-2021-3752 | Hig | 7.1 | < 5.3.18-24.86.2 | 5.3.18-24.86.2 | Feb 16, 2022 | A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln | |
| CVE-2022-0617 | Med | 5.5 | < 5.3.18-24.107.1 | 5.3.18-24.107.1 | Feb 16, 2022 | A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. | |
| CVE-2021-44879 | Med | 5.5 | < 5.3.18-24.107.1 | 5.3.18-24.107.1 | Feb 14, 2022 | In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. | |
| CVE-2022-0185 | Hig | 8.4 | KEV | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Feb 11, 2022 | A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced |
| CVE-2022-24959 | Med | 5.5 | < 5.3.18-24.107.1 | 5.3.18-24.107.1 | Feb 11, 2022 | An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c. | |
| CVE-2022-24958 | Hig | 7.8 | < 5.3.18-24.107.1 | 5.3.18-24.107.1 | Feb 11, 2022 | drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. | |
| CVE-2021-33061 | Med | 5.5 | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Feb 9, 2022 | Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access. | |
| CVE-2022-0487 | Med | 5.5 | < 5.3.18-24.107.1 | 5.3.18-24.107.1 | Feb 4, 2022 | A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1. | |
| CVE-2022-24448 | Low | 3.3 | < 5.3.18-24.107.1 | 5.3.18-24.107.1 | Feb 4, 2022 | An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns | |
| CVE-2021-22600 | Med | 6.6 | KEV | < 5.3.18-24.102.1 | 5.3.18-24.102.1 | Jan 26, 2022 | A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 |
| CVE-2021-4001 | Med | 4.1 | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Jan 21, 2022 | A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. | |
| CVE-2021-4083 | Hig | 7.0 | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Jan 18, 2022 | A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalat | |
| CVE-2021-28715 | Med | 6.5 | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Jan 6, 2022 | Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are b |
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
- affected < 5.3.18-24.107.1fixed 5.3.18-24.107.1
An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory.
- affected < 5.3.18-24.96.1fixed 5.3.18-24.96.1
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomizat
- affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
- affected < 5.3.18-24.107.1fixed 5.3.18-24.107.1
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory cor
- affected < 5.3.18-24.93.1fixed 5.3.18-24.93.1
A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability.
- affected < 5.3.18-24.83.2fixed 5.3.18-24.83.2
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidenti
- affected < 5.3.18-24.86.2fixed 5.3.18-24.86.2
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln
- affected < 5.3.18-24.107.1fixed 5.3.18-24.107.1
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.
- affected < 5.3.18-24.107.1fixed 5.3.18-24.107.1
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.
- affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced
- affected < 5.3.18-24.107.1fixed 5.3.18-24.107.1
An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.
- affected < 5.3.18-24.107.1fixed 5.3.18-24.107.1
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
- affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.
- affected < 5.3.18-24.107.1fixed 5.3.18-24.107.1
A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.
- affected < 5.3.18-24.107.1fixed 5.3.18-24.107.1
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns
- affected < 5.3.18-24.102.1fixed 5.3.18-24.102.1
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
- affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space.
- affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalat
- affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are b
Page 40 of 50