rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP3
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3
Vulnerabilities (1,750)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-29264 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 26, 2021 | An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when | ||
| CVE-2021-29265 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 26, 2021 | An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70 | ||
| CVE-2021-3444 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 23, 2021 | The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information di | ||
| CVE-2021-28971 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 22, 2021 | In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. | ||
| CVE-2021-28972 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 22, 2021 | In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occur | ||
| CVE-2021-28964 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 22, 2021 | A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc. | ||
| CVE-2020-27171 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 20, 2021 | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sens | ||
| CVE-2020-27170 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 20, 2021 | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232 | ||
| CVE-2021-28952 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 20, 2021 | An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.) | ||
| CVE-2021-28950 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 20, 2021 | An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1. | ||
| CVE-2021-28660 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 17, 2021 | rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); howe | ||
| CVE-2021-28375 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 15, 2021 | An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308. | ||
| CVE-2021-20268 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 9, 2021 | An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The h | ||
| CVE-2021-27365 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 7, 2021 | An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up t | ||
| CVE-2021-27364 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 7, 2021 | An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages. | ||
| CVE-2021-27363 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 7, 2021 | An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via t | ||
| CVE-2021-28038 | — | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Mar 5, 2021 | An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of servic | ||
| CVE-2020-24504 | — | < 5.3.18-59.40.1 | 5.3.18-59.40.1 | Feb 17, 2021 | Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2020-16119 | — | < 5.3.18-150300.59.98.1 | 5.3.18-150300.59.98.1 | Jan 14, 2021 | Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0 | ||
| CVE-2020-27835 | — | < 5.3.18-150300.59.68.1 | 5.3.18-150300.59.68.1 | Jan 7, 2021 | A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system. |
- CVE-2021-29264Mar 26, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when
- CVE-2021-29265Mar 26, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70
- CVE-2021-3444Mar 23, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information di
- CVE-2021-28971Mar 22, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.
- CVE-2021-28972Mar 22, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occur
- CVE-2021-28964Mar 22, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc.
- CVE-2020-27171Mar 20, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sens
- CVE-2020-27170Mar 20, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232
- CVE-2021-28952Mar 20, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.)
- CVE-2021-28950Mar 20, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.
- CVE-2021-28660Mar 17, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); howe
- CVE-2021-28375Mar 15, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308.
- CVE-2021-20268Mar 9, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The h
- CVE-2021-27365Mar 7, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up t
- CVE-2021-27364Mar 7, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
- CVE-2021-27363Mar 7, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via t
- CVE-2021-28038Mar 5, 2021affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of servic
- CVE-2020-24504Feb 17, 2021affected < 5.3.18-59.40.1fixed 5.3.18-59.40.1
Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2020-16119Jan 14, 2021affected < 5.3.18-150300.59.98.1fixed 5.3.18-150300.59.98.1
Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0
- CVE-2020-27835Jan 7, 2021affected < 5.3.18-150300.59.68.1fixed 5.3.18-150300.59.68.1
A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
Page 87 of 88