rpm package
suse/kernel-default-base&distro=SUSE Enterprise Storage 7
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Enterprise%20Storage%207
Vulnerabilities (279)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-2977 | Hig | 7.8 | < 5.3.18-150200.24.129.1.150200.9.61.1 | 5.3.18-150200.24.129.1.150200.9.61.1 | Sep 14, 2022 | A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate priv | |
| CVE-2022-3169 | Med | 5.5 | < 5.3.18-150200.24.139.1.150200.9.65.2 | 5.3.18-150200.24.139.1.150200.9.65.2 | Sep 9, 2022 | A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect. | |
| CVE-2022-38096 | Med | 6.3 | < 5.3.18-150200.24.145.1.150200.9.69.1 | 5.3.18-150200.24.145.1.150200.9.69.1 | Sep 9, 2022 | A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, cau | |
| CVE-2022-36280 | Med | 6.3 | < 5.3.18-150200.24.145.1.150200.9.69.1 | 5.3.18-150200.24.145.1.150200.9.69.1 | Sep 9, 2022 | An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privi | |
| CVE-2022-2964 | Hig | 7.8 | < 5.3.18-150200.24.139.1.150200.9.65.2 | 5.3.18-150200.24.139.1.150200.9.65.2 | Sep 9, 2022 | A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. | |
| CVE-2022-2905 | Med | 5.5 | < 5.3.18-150200.24.129.1.150200.9.61.1 | 5.3.18-150200.24.129.1.150200.9.61.1 | Sep 9, 2022 | An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. | |
| CVE-2022-40307 | Med | 4.7 | < 5.3.18-150200.24.139.1.150200.9.65.2 | 5.3.18-150200.24.139.1.150200.9.65.2 | Sep 9, 2022 | An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. | |
| CVE-2022-39189 | Hig | 7.8 | < 5.3.18-150200.24.139.1.150200.9.65.2 | 5.3.18-150200.24.139.1.150200.9.65.2 | Sep 2, 2022 | An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations. | |
| CVE-2022-39188 | Med | 4.7 | < 5.3.18-150200.24.129.1.150200.9.61.1 | 5.3.18-150200.24.129.1.150200.9.61.1 | Sep 2, 2022 | An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. | |
| CVE-2022-2663 | Med | 5.3 | < 5.3.18-150200.24.129.1.150200.9.61.1 | 5.3.18-150200.24.129.1.150200.9.61.1 | Sep 1, 2022 | An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. | |
| CVE-2022-2639 | Hig | 7.8 | < 5.3.18-150200.24.129.1.150200.9.61.1 | 5.3.18-150200.24.129.1.150200.9.61.1 | Sep 1, 2022 | An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an | |
| CVE-2022-1729 | Hig | 7.0 | < 5.3.18-150200.24.115.1.150200.9.54.1 | 5.3.18-150200.24.115.1.150200.9.54.1 | Sep 1, 2022 | A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc. | |
| CVE-2020-27784 | Med | 5.5 | < 5.3.18-150200.24.129.1.150200.9.61.1 | 5.3.18-150200.24.129.1.150200.9.61.1 | Sep 1, 2022 | A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free(). | |
| CVE-2022-3028 | Hig | 7.0 | < 5.3.18-150200.24.129.1.150200.9.61.1 | 5.3.18-150200.24.129.1.150200.9.61.1 | Aug 31, 2022 | A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory | |
| CVE-2022-2153 | Med | 5.5 | < 5.3.18-150200.24.139.1.150200.9.65.2 | 5.3.18-150200.24.139.1.150200.9.65.2 | Aug 31, 2022 | A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl | |
| CVE-2022-1975 | Med | 5.5 | < 5.3.18-150200.24.115.1.150200.9.54.1 | 5.3.18-150200.24.115.1.150200.9.54.1 | Aug 31, 2022 | There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space. | |
| CVE-2022-1974 | Med | 4.1 | < 5.3.18-150200.24.115.1.150200.9.54.1 | 5.3.18-150200.24.115.1.150200.9.54.1 | Aug 31, 2022 | A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information. | |
| CVE-2022-1184 | Med | 5.5 | < 5.3.18-150200.24.115.1.150200.9.54.1 | 5.3.18-150200.24.115.1.150200.9.54.1 | Aug 29, 2022 | A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service. | |
| CVE-2022-1016 | Med | 5.5 | < 5.3.18-150200.24.112.1.150200.9.52.2 | 5.3.18-150200.24.112.1.150200.9.52.2 | Aug 29, 2022 | A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. | |
| CVE-2022-0850 | Hig | 7.1 | < 5.3.18-150200.24.112.1.150200.9.52.2 | 5.3.18-150200.24.112.1.150200.9.52.2 | Aug 29, 2022 | A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace. |
- affected < 5.3.18-150200.24.129.1.150200.9.61.1fixed 5.3.18-150200.24.129.1.150200.9.61.1
A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate priv
- affected < 5.3.18-150200.24.139.1.150200.9.65.2fixed 5.3.18-150200.24.139.1.150200.9.65.2
A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.
- affected < 5.3.18-150200.24.145.1.150200.9.69.1fixed 5.3.18-150200.24.145.1.150200.9.69.1
A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, cau
- affected < 5.3.18-150200.24.145.1.150200.9.69.1fixed 5.3.18-150200.24.145.1.150200.9.69.1
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privi
- affected < 5.3.18-150200.24.139.1.150200.9.65.2fixed 5.3.18-150200.24.139.1.150200.9.65.2
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
- affected < 5.3.18-150200.24.129.1.150200.9.61.1fixed 5.3.18-150200.24.129.1.150200.9.61.1
An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.
- affected < 5.3.18-150200.24.139.1.150200.9.65.2fixed 5.3.18-150200.24.139.1.150200.9.65.2
An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.
- affected < 5.3.18-150200.24.139.1.150200.9.65.2fixed 5.3.18-150200.24.139.1.150200.9.65.2
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
- affected < 5.3.18-150200.24.129.1.150200.9.61.1fixed 5.3.18-150200.24.129.1.150200.9.61.1
An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.
- affected < 5.3.18-150200.24.129.1.150200.9.61.1fixed 5.3.18-150200.24.129.1.150200.9.61.1
An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.
- affected < 5.3.18-150200.24.129.1.150200.9.61.1fixed 5.3.18-150200.24.129.1.150200.9.61.1
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an
- affected < 5.3.18-150200.24.115.1.150200.9.54.1fixed 5.3.18-150200.24.115.1.150200.9.54.1
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
- affected < 5.3.18-150200.24.129.1.150200.9.61.1fixed 5.3.18-150200.24.129.1.150200.9.61.1
A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free().
- affected < 5.3.18-150200.24.129.1.150200.9.61.1fixed 5.3.18-150200.24.129.1.150200.9.61.1
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory
- affected < 5.3.18-150200.24.139.1.150200.9.65.2fixed 5.3.18-150200.24.139.1.150200.9.65.2
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl
- affected < 5.3.18-150200.24.115.1.150200.9.54.1fixed 5.3.18-150200.24.115.1.150200.9.54.1
There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.
- affected < 5.3.18-150200.24.115.1.150200.9.54.1fixed 5.3.18-150200.24.115.1.150200.9.54.1
A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.
- affected < 5.3.18-150200.24.115.1.150200.9.54.1fixed 5.3.18-150200.24.115.1.150200.9.54.1
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.
- affected < 5.3.18-150200.24.112.1.150200.9.52.2fixed 5.3.18-150200.24.112.1.150200.9.52.2
A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.
- affected < 5.3.18-150200.24.112.1.150200.9.52.2fixed 5.3.18-150200.24.112.1.150200.9.52.2
A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.
Page 8 of 14