rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server 12 SP3-BCL
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL
Vulnerabilities (414)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-29154 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Apr 8, 2021 | BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. | ||
| CVE-2020-36312 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Apr 6, 2021 | An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d. | ||
| CVE-2021-28688 | — | < 4.4.180-94.164.3 | 4.4.180-94.164.3 | Apr 6, 2021 | The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup wo | ||
| CVE-2021-30002 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Apr 2, 2021 | An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b. | ||
| CVE-2021-29650 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Mar 30, 2021 | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a | ||
| CVE-2021-29264 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Mar 26, 2021 | An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when | ||
| CVE-2021-29265 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Mar 26, 2021 | An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70 | ||
| CVE-2021-20219 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Mar 23, 2021 | A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (due to a changing ldata->read_head, and a missing sanity check) and cause a threa | ||
| CVE-2021-28972 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Mar 22, 2021 | In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occur | ||
| CVE-2021-28950 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Mar 20, 2021 | An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1. | ||
| CVE-2021-28660 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Mar 17, 2021 | rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); howe | ||
| CVE-2021-20265 | — | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | Mar 10, 2021 | A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is | ||
| CVE-2021-27365 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Mar 7, 2021 | An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up t | ||
| CVE-2021-27364 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Mar 7, 2021 | An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages. | ||
| CVE-2021-27363 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Mar 7, 2021 | An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via t | ||
| CVE-2021-28038 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | Mar 5, 2021 | An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of servic | ||
| CVE-2021-26932 | — | < 4.4.180-94.141.2 | 4.4.180-94.141.2 | Feb 17, 2021 | An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the ba | ||
| CVE-2021-26931 | — | < 4.4.180-94.141.2 | 4.4.180-94.141.2 | Feb 17, 2021 | An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory c | ||
| CVE-2021-26930 | — | < 4.4.180-94.141.2 | 4.4.180-94.141.2 | Feb 17, 2021 | An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be disca | ||
| CVE-2021-3347 | — | < 4.4.180-94.138.1 | 4.4.180-94.138.1 | Jan 29, 2021 | An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458. |
- CVE-2021-29154Apr 8, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
- CVE-2020-36312Apr 6, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.
- CVE-2021-28688Apr 6, 2021affected < 4.4.180-94.164.3fixed 4.4.180-94.164.3
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup wo
- CVE-2021-30002Apr 2, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.
- CVE-2021-29650Mar 30, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
- CVE-2021-29264Mar 26, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when
- CVE-2021-29265Mar 26, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70
- CVE-2021-20219Mar 23, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (due to a changing ldata->read_head, and a missing sanity check) and cause a threa
- CVE-2021-28972Mar 22, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occur
- CVE-2021-28950Mar 20, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.
- CVE-2021-28660Mar 17, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); howe
- CVE-2021-20265Mar 10, 2021affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is
- CVE-2021-27365Mar 7, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up t
- CVE-2021-27364Mar 7, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
- CVE-2021-27363Mar 7, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via t
- CVE-2021-28038Mar 5, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of servic
- CVE-2021-26932Feb 17, 2021affected < 4.4.180-94.141.2fixed 4.4.180-94.141.2
An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the ba
- CVE-2021-26931Feb 17, 2021affected < 4.4.180-94.141.2fixed 4.4.180-94.141.2
An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory c
- CVE-2021-26930Feb 17, 2021affected < 4.4.180-94.141.2fixed 4.4.180-94.141.2
An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be disca
- CVE-2021-3347Jan 29, 2021affected < 4.4.180-94.138.1fixed 4.4.180-94.138.1
An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.
Page 10 of 21