rpm package
suse/kernel-docs&distro=SUSE Enterprise Storage 7
pkg:rpm/suse/kernel-docs&distro=SUSE%20Enterprise%20Storage%207
Vulnerabilities (279)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-28711 | — | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Jan 5, 2022 | Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically re | ||
| CVE-2021-45485 | — | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Dec 25, 2021 | In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. | ||
| CVE-2021-45486 | — | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Dec 25, 2021 | In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. | ||
| CVE-2021-44733 | — | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Dec 22, 2021 | A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object. | ||
| CVE-2021-45095 | — | < 5.3.18-24.102.1 | 5.3.18-24.102.1 | Dec 16, 2021 | pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. | ||
| CVE-2021-39657 | — | < 5.3.18-24.102.1 | 5.3.18-24.102.1 | Dec 15, 2021 | In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: | ||
| CVE-2021-39648 | — | < 5.3.18-24.102.1 | 5.3.18-24.102.1 | Dec 15, 2021 | In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio | ||
| CVE-2021-0920 | — | KEV | < 5.3.18-150200.24.112.1 | 5.3.18-150200.24.112.1 | Dec 15, 2021 | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro | |
| CVE-2021-33098 | — | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Nov 17, 2021 | Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2021-43975 | — | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Nov 17, 2021 | In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. | ||
| CVE-2021-43976 | — | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Nov 17, 2021 | In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). | ||
| CVE-2020-27820 | — | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Nov 2, 2021 | A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver). | ||
| CVE-2021-29650 | — | < 5.3.18-150200.24.154.2 | 5.3.18-150200.24.154.2 | Mar 30, 2021 | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a | ||
| CVE-2020-16119 | — | < 5.3.18-150200.24.134.1 | 5.3.18-150200.24.134.1 | Jan 14, 2021 | Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0 | ||
| CVE-2020-27825 | — | < 5.3.18-24.99.1 | 5.3.18-24.99.1 | Dec 11, 2020 | A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local at | ||
| CVE-2020-26541 | — | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Oct 2, 2020 | The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c. | ||
| CVE-2019-19377 | — | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Nov 29, 2019 | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c. | ||
| CVE-2017-5753 | — | < 5.3.18-150200.24.148.1 | 5.3.18-150200.24.148.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | ||
| CVE-2016-3695 | Med | 5.5 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Dec 29, 2017 | The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set. |
- CVE-2021-28711Jan 5, 2022affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically re
- CVE-2021-45485Dec 25, 2021affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
- CVE-2021-45486Dec 25, 2021affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
- CVE-2021-44733Dec 22, 2021affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
- CVE-2021-45095Dec 16, 2021affected < 5.3.18-24.102.1fixed 5.3.18-24.102.1
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
- CVE-2021-39657Dec 15, 2021affected < 5.3.18-24.102.1fixed 5.3.18-24.102.1
In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:
- CVE-2021-39648Dec 15, 2021affected < 5.3.18-24.102.1fixed 5.3.18-24.102.1
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio
- affected < 5.3.18-150200.24.112.1fixed 5.3.18-150200.24.112.1
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro
- CVE-2021-33098Nov 17, 2021affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2021-43975Nov 17, 2021affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
- CVE-2021-43976Nov 17, 2021affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
- CVE-2020-27820Nov 2, 2021affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
- CVE-2021-29650Mar 30, 2021affected < 5.3.18-150200.24.154.2fixed 5.3.18-150200.24.154.2
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
- CVE-2020-16119Jan 14, 2021affected < 5.3.18-150200.24.134.1fixed 5.3.18-150200.24.134.1
Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0
- CVE-2020-27825Dec 11, 2020affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local at
- CVE-2020-26541Oct 2, 2020affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
- CVE-2019-19377Nov 29, 2019affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
- CVE-2017-5753Jan 4, 2018affected < 5.3.18-150200.24.148.1fixed 5.3.18-150200.24.148.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.
Page 14 of 14