rpm package
suse/kernel-default-base&distro=SUSE Manager Server 4.2
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Server%204.2
Vulnerabilities (174)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3606 | — | < 5.3.18-150300.59.112.1.150300.18.64.1 | 5.3.18-150300.59.112.1.150300.18.64.1 | Oct 19, 2022 | A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix | ||
| CVE-2022-3567 | — | < 5.3.18-150300.59.106.1.150300.18.60.2 | 5.3.18-150300.59.106.1.150300.18.60.2 | Oct 17, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD | ||
| CVE-2022-3566 | — | < 5.3.18-150300.59.124.1.150300.18.72.1 | 5.3.18-150300.59.124.1.150300.18.72.1 | Oct 17, 2022 | A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VD | ||
| CVE-2022-3564 | — | < 5.3.18-150300.59.109.1.150300.18.62.1 | 5.3.18-150300.59.109.1.150300.18.62.1 | Oct 17, 2022 | A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to | ||
| CVE-2022-3435 | — | < 5.3.18-150300.59.109.1.150300.18.62.1 | 5.3.18-150300.59.109.1.150300.18.62.1 | Oct 8, 2022 | A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is | ||
| CVE-2022-41850 | — | < 5.3.18-150300.59.106.1.150300.18.60.2 | 5.3.18-150300.59.106.1.150300.18.60.2 | Sep 30, 2022 | roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. | ||
| CVE-2022-36402 | — | < 5.3.18-150300.59.133.1.150300.18.78.1 | 5.3.18-150300.59.133.1.150300.18.78.1 | Sep 16, 2022 | An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a | ||
| CVE-2022-38096 | Med | 6.3 | < 5.3.18-150300.59.115.2.150300.18.66.1 | 5.3.18-150300.59.115.2.150300.18.66.1 | Sep 9, 2022 | A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, cau | |
| CVE-2022-36280 | — | < 5.3.18-150300.59.115.2.150300.18.66.1 | 5.3.18-150300.59.115.2.150300.18.66.1 | Sep 9, 2022 | An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privi | ||
| CVE-2022-29900 | — | < 5.3.18-150300.59.106.1.150300.18.60.2 | 5.3.18-150300.59.106.1.150300.18.60.2 | Jul 12, 2022 | Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. | ||
| CVE-2022-29901 | — | < 5.3.18-150300.59.106.1.150300.18.60.2 | 5.3.18-150300.59.106.1.150300.18.60.2 | Jul 12, 2022 | Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code exe | ||
| CVE-2021-29650 | — | < 5.3.18-150300.59.124.1.150300.18.72.1 | 5.3.18-150300.59.124.1.150300.18.72.1 | Mar 30, 2021 | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a | ||
| CVE-2019-19083 | — | < 5.3.18-150300.59.109.1.150300.18.62.1 | 5.3.18-150300.59.109.1.150300.18.62.1 | Nov 18, 2019 | Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce11 | ||
| CVE-2017-5753 | — | < 5.3.18-150300.59.118.1.150300.18.68.1 | 5.3.18-150300.59.118.1.150300.18.68.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2022-3606Oct 19, 2022affected < 5.3.18-150300.59.112.1.150300.18.64.1fixed 5.3.18-150300.59.112.1.150300.18.64.1
A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix
- CVE-2022-3567Oct 17, 2022affected < 5.3.18-150300.59.106.1.150300.18.60.2fixed 5.3.18-150300.59.106.1.150300.18.60.2
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VD
- CVE-2022-3566Oct 17, 2022affected < 5.3.18-150300.59.124.1.150300.18.72.1fixed 5.3.18-150300.59.124.1.150300.18.72.1
A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VD
- CVE-2022-3564Oct 17, 2022affected < 5.3.18-150300.59.109.1.150300.18.62.1fixed 5.3.18-150300.59.109.1.150300.18.62.1
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to
- CVE-2022-3435Oct 8, 2022affected < 5.3.18-150300.59.109.1.150300.18.62.1fixed 5.3.18-150300.59.109.1.150300.18.62.1
A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is
- CVE-2022-41850Sep 30, 2022affected < 5.3.18-150300.59.106.1.150300.18.60.2fixed 5.3.18-150300.59.106.1.150300.18.60.2
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
- CVE-2022-36402Sep 16, 2022affected < 5.3.18-150300.59.133.1.150300.18.78.1fixed 5.3.18-150300.59.133.1.150300.18.78.1
An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a
- affected < 5.3.18-150300.59.115.2.150300.18.66.1fixed 5.3.18-150300.59.115.2.150300.18.66.1
A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, cau
- CVE-2022-36280Sep 9, 2022affected < 5.3.18-150300.59.115.2.150300.18.66.1fixed 5.3.18-150300.59.115.2.150300.18.66.1
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privi
- CVE-2022-29900Jul 12, 2022affected < 5.3.18-150300.59.106.1.150300.18.60.2fixed 5.3.18-150300.59.106.1.150300.18.60.2
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
- CVE-2022-29901Jul 12, 2022affected < 5.3.18-150300.59.106.1.150300.18.60.2fixed 5.3.18-150300.59.106.1.150300.18.60.2
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code exe
- CVE-2021-29650Mar 30, 2021affected < 5.3.18-150300.59.124.1.150300.18.72.1fixed 5.3.18-150300.59.124.1.150300.18.72.1
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
- CVE-2019-19083Nov 18, 2019affected < 5.3.18-150300.59.109.1.150300.18.62.1fixed 5.3.18-150300.59.109.1.150300.18.62.1
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce11
- CVE-2017-5753Jan 4, 2018affected < 5.3.18-150300.59.118.1.150300.18.68.1fixed 5.3.18-150300.59.118.1.150300.18.68.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Page 9 of 9