rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Vulnerabilities (1,468)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-26558 | — | < 5.3.18-150300.59.170.1 | 5.3.18-150300.59.170.1 | May 24, 2021 | Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evide | ||
| CVE-2021-23134 | — | < 5.3.18-150300.59.158.1 | 5.3.18-150300.59.158.1 | May 12, 2021 | Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability. | ||
| CVE-2021-32399 | — | < 5.3.18-150300.59.207.1 | 5.3.18-150300.59.207.1 | May 10, 2021 | net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | ||
| CVE-2021-29155 | — | < 5.3.18-150300.59.158.1 | 5.3.18-150300.59.158.1 | Apr 20, 2021 | An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall | ||
| CVE-2021-29650 | — | < 5.3.18-150300.59.124.1 | 5.3.18-150300.59.124.1 | Mar 30, 2021 | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a | ||
| CVE-2020-27835 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Jan 7, 2021 | A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system. | ||
| CVE-2019-19083 | — | < 5.3.18-150300.59.109.1 | 5.3.18-150300.59.109.1 | Nov 18, 2019 | Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce11 | ||
| CVE-2017-5753 | — | < 5.3.18-150300.59.118.1 | 5.3.18-150300.59.118.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2020-26558May 24, 2021affected < 5.3.18-150300.59.170.1fixed 5.3.18-150300.59.170.1
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evide
- CVE-2021-23134May 12, 2021affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
- CVE-2021-32399May 10, 2021affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
- CVE-2021-29155Apr 20, 2021affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1
An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall
- CVE-2021-29650Mar 30, 2021affected < 5.3.18-150300.59.124.1fixed 5.3.18-150300.59.124.1
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
- CVE-2020-27835Jan 7, 2021affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
- CVE-2019-19083Nov 18, 2019affected < 5.3.18-150300.59.109.1fixed 5.3.18-150300.59.109.1
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce11
- CVE-2017-5753Jan 4, 2018affected < 5.3.18-150300.59.118.1fixed 5.3.18-150300.59.118.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Page 74 of 74