rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (1,696)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-28356 | — | < 5.3.18-150300.59.68.1.150300.18.41.3 | 5.3.18-150300.59.68.1.150300.18.41.3 | Apr 2, 2022 | In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. | ||
| CVE-2022-1055 | — | < 5.3.18-150300.59.63.1.150300.18.39.1 | 5.3.18-150300.59.63.1.150300.18.39.1 | Mar 29, 2022 | A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 | ||
| CVE-2021-4157 | — | < 5.3.18-150300.59.87.1.150300.18.50.2 | 5.3.18-150300.59.87.1.150300.18.50.2 | Mar 25, 2022 | An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileg | ||
| CVE-2022-0435 | — | < 5.3.18-150300.59.167.1.150300.18.98.1 | 5.3.18-150300.59.167.1.150300.18.98.1 | Mar 25, 2022 | A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate | ||
| CVE-2021-4203 | — | < 5.3.18-150300.59.93.1.150300.18.54.1 | 5.3.18-150300.59.93.1.150300.18.54.1 | Mar 25, 2022 | A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. | ||
| CVE-2022-0854 | — | < 5.3.18-150300.59.63.1.150300.18.39.1 | 5.3.18-150300.59.63.1.150300.18.39.1 | Mar 23, 2022 | A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. | ||
| CVE-2022-27666 | — | < 5.3.18-150300.59.63.1.150300.18.39.1 | 5.3.18-150300.59.63.1.150300.18.39.1 | Mar 23, 2022 | A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. | ||
| CVE-2021-45868 | — | < 5.3.18-150300.59.63.1.150300.18.39.1 | 5.3.18-150300.59.63.1.150300.18.39.1 | Mar 18, 2022 | In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file. | ||
| CVE-2022-1011 | — | < 5.3.18-150300.59.63.1.150300.18.39.1 | 5.3.18-150300.59.63.1.150300.18.39.1 | Mar 18, 2022 | A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. | ||
| CVE-2021-39698 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | Mar 16, 2022 | In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke | ||
| CVE-2021-26341 | — | < 5.3.18-150300.59.87.1.150300.18.50.2 | 5.3.18-150300.59.87.1.150300.18.50.2 | Mar 11, 2022 | Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | ||
| CVE-2021-3743 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | Mar 4, 2022 | An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat | ||
| CVE-2020-36516 | — | < 5.3.18-150300.59.90.1.150300.18.52.1 | 5.3.18-150300.59.90.1.150300.18.52.1 | Feb 26, 2022 | An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. | ||
| CVE-2021-20321 | — | < 5.3.18-150300.59.68.1.150300.18.41.3 | 5.3.18-150300.59.68.1.150300.18.41.3 | Feb 18, 2022 | A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. | ||
| CVE-2021-33061 | — | < 5.3.18-150300.59.71.2.150300.18.43.2 | 5.3.18-150300.59.71.2.150300.18.43.2 | Feb 9, 2022 | Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2022-0487 | — | < 5.3.18-150300.59.158.1.150300.18.92.5 | 5.3.18-150300.59.158.1.150300.18.92.5 | Feb 4, 2022 | A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1. | ||
| CVE-2021-4154 | — | < 5.3.18-150300.59.68.1.150300.18.41.3 | 5.3.18-150300.59.68.1.150300.18.41.3 | Feb 4, 2022 | A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a | ||
| CVE-2021-43527 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | Dec 8, 2021 | NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. | ||
| CVE-2021-43389 | — | < 5.3.18-150300.59.167.1.150300.18.98.1 | 5.3.18-150300.59.167.1.150300.18.98.1 | Nov 4, 2021 | An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. | ||
| CVE-2021-43056 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | Oct 28, 2021 | An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values. |
- CVE-2022-28356Apr 2, 2022affected < 5.3.18-150300.59.68.1.150300.18.41.3fixed 5.3.18-150300.59.68.1.150300.18.41.3
In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.
- CVE-2022-1055Mar 29, 2022affected < 5.3.18-150300.59.63.1.150300.18.39.1fixed 5.3.18-150300.59.63.1.150300.18.39.1
A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
- CVE-2021-4157Mar 25, 2022affected < 5.3.18-150300.59.87.1.150300.18.50.2fixed 5.3.18-150300.59.87.1.150300.18.50.2
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileg
- CVE-2022-0435Mar 25, 2022affected < 5.3.18-150300.59.167.1.150300.18.98.1fixed 5.3.18-150300.59.167.1.150300.18.98.1
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate
- CVE-2021-4203Mar 25, 2022affected < 5.3.18-150300.59.93.1.150300.18.54.1fixed 5.3.18-150300.59.93.1.150300.18.54.1
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
- CVE-2022-0854Mar 23, 2022affected < 5.3.18-150300.59.63.1.150300.18.39.1fixed 5.3.18-150300.59.63.1.150300.18.39.1
A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.
- CVE-2022-27666Mar 23, 2022affected < 5.3.18-150300.59.63.1.150300.18.39.1fixed 5.3.18-150300.59.63.1.150300.18.39.1
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
- CVE-2021-45868Mar 18, 2022affected < 5.3.18-150300.59.63.1.150300.18.39.1fixed 5.3.18-150300.59.63.1.150300.18.39.1
In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.
- CVE-2022-1011Mar 18, 2022affected < 5.3.18-150300.59.63.1.150300.18.39.1fixed 5.3.18-150300.59.63.1.150300.18.39.1
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.
- CVE-2021-39698Mar 16, 2022affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke
- CVE-2021-26341Mar 11, 2022affected < 5.3.18-150300.59.87.1.150300.18.50.2fixed 5.3.18-150300.59.87.1.150300.18.50.2
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
- CVE-2021-3743Mar 4, 2022affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat
- CVE-2020-36516Feb 26, 2022affected < 5.3.18-150300.59.90.1.150300.18.52.1fixed 5.3.18-150300.59.90.1.150300.18.52.1
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
- CVE-2021-20321Feb 18, 2022affected < 5.3.18-150300.59.68.1.150300.18.41.3fixed 5.3.18-150300.59.68.1.150300.18.41.3
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
- CVE-2021-33061Feb 9, 2022affected < 5.3.18-150300.59.71.2.150300.18.43.2fixed 5.3.18-150300.59.71.2.150300.18.43.2
Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2022-0487Feb 4, 2022affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5
A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.
- CVE-2021-4154Feb 4, 2022affected < 5.3.18-150300.59.68.1.150300.18.41.3fixed 5.3.18-150300.59.68.1.150300.18.41.3
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a
- CVE-2021-43527Dec 8, 2021affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted.
- CVE-2021-43389Nov 4, 2021affected < 5.3.18-150300.59.167.1.150300.18.98.1fixed 5.3.18-150300.59.167.1.150300.18.98.1
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
- CVE-2021-43056Oct 28, 2021affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values.
Page 84 of 85