rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (1,750)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-27673 | Med | 5.5 | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Oct 22, 2020 | An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271. | |
| CVE-2020-26541 | Med | 6.5 | < 5.3.18-150300.59.76.1 | 5.3.18-150300.59.76.1 | Oct 2, 2020 | The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c. | |
| CVE-2020-3702 | Med | 6.5 | < 5.3.18-59.27.1 | 5.3.18-59.27.1 | Sep 8, 2020 | u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapd | |
| CVE-2020-12770 | Med | 6.7 | < 5.3.18-59.24.1 | 5.3.18-59.24.1 | May 9, 2020 | An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. | |
| CVE-2019-19769 | Med | 6.7 | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Dec 12, 2019 | In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h). | |
| CVE-2019-19377 | Hig | 7.8 | < 5.3.18-150300.59.71.2 | 5.3.18-150300.59.71.2 | Nov 29, 2019 | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c. | |
| CVE-2019-19083 | Med | 4.7 | < 5.3.18-150300.59.109.1 | 5.3.18-150300.59.109.1 | Nov 18, 2019 | Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce11 | |
| CVE-2019-18814 | Cri | 9.8 | < 5.3.18-59.5.2 | 5.3.18-59.5.2 | Nov 7, 2019 | An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c. | |
| CVE-2017-5753 | Med | 5.6 | < 5.3.18-150300.59.118.1 | 5.3.18-150300.59.118.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | |
| CVE-2016-3695 | Med | 5.5 | < 5.3.18-150300.59.93.1 | 5.3.18-150300.59.93.1 | Dec 29, 2017 | The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set. |
- affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.
- affected < 5.3.18-150300.59.76.1fixed 5.3.18-150300.59.76.1
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
- affected < 5.3.18-59.27.1fixed 5.3.18-59.27.1
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapd
- affected < 5.3.18-59.24.1fixed 5.3.18-59.24.1
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
- affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h).
- affected < 5.3.18-150300.59.71.2fixed 5.3.18-150300.59.71.2
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
- affected < 5.3.18-150300.59.109.1fixed 5.3.18-150300.59.109.1
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce11
- affected < 5.3.18-59.5.2fixed 5.3.18-59.5.2
An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.
- affected < 5.3.18-150300.59.118.1fixed 5.3.18-150300.59.118.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
- affected < 5.3.18-150300.59.93.1fixed 5.3.18-150300.59.93.1
The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.
Page 88 of 88