rpm package
suse/kernel-default-base&distro=SUSE Manager Server 4.1
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Server%204.1
Vulnerabilities (183)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-26541 | — | < 5.3.18-150200.24.115.1.150200.9.54.1 | 5.3.18-150200.24.115.1.150200.9.54.1 | Oct 2, 2020 | The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c. | ||
| CVE-2019-19377 | — | < 5.3.18-150200.24.115.1.150200.9.54.1 | 5.3.18-150200.24.115.1.150200.9.54.1 | Nov 29, 2019 | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c. | ||
| CVE-2016-3695 | Med | 5.5 | < 5.3.18-150200.24.129.1.150200.9.61.1 | 5.3.18-150200.24.129.1.150200.9.61.1 | Dec 29, 2017 | The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set. |
- CVE-2020-26541Oct 2, 2020affected < 5.3.18-150200.24.115.1.150200.9.54.1fixed 5.3.18-150200.24.115.1.150200.9.54.1
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
- CVE-2019-19377Nov 29, 2019affected < 5.3.18-150200.24.115.1.150200.9.54.1fixed 5.3.18-150200.24.115.1.150200.9.54.1
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
- affected < 5.3.18-150200.24.129.1.150200.9.61.1fixed 5.3.18-150200.24.129.1.150200.9.61.1
The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.
Page 10 of 10