rpm package

suse/kernel-docs&distro=SUSE Enterprise Storage 7

pkg:rpm/suse/kernel-docs&distro=SUSE%20Enterprise%20Storage%207

Vulnerabilities (279)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-0168	—	< 5.3.18-150200.24.115.1	5.3.18-150200.24.115.1	Aug 26, 2022	A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to cr
CVE-2021-4155	—	< 5.3.18-150200.24.129.1	5.3.18-150200.24.129.1	Aug 24, 2022	A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
CVE-2022-2978	—	< 5.3.18-150200.24.139.1	5.3.18-150200.24.139.1	Aug 24, 2022	A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on
CVE-2021-4037	—	< 5.3.18-150200.24.139.1	5.3.18-150200.24.139.1	Aug 24, 2022	A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct
CVE-2022-26373	—	< 5.3.18-150200.24.129.1	5.3.18-150200.24.129.1	Aug 18, 2022	Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2022-2503	—	< 5.3.18-150200.24.134.1	5.3.18-150200.24.134.1	Aug 12, 2022	Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equiva
CVE-2022-20368	—	< 5.3.18-150200.24.129.1	5.3.18-150200.24.129.1	Aug 11, 2022	Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel
CVE-2022-20369	—	< 5.3.18-150200.24.129.1	5.3.18-150200.24.129.1	Aug 11, 2022	In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An
CVE-2022-1158	—	< 5.3.18-150200.24.115.1	5.3.18-150200.24.115.1	Aug 5, 2022	A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace
CVE-2022-1012	—	< 5.3.18-150200.24.129.1	5.3.18-150200.24.129.1	Aug 5, 2022	A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.
CVE-2022-36879	—	< 5.3.18-150200.24.129.1	5.3.18-150200.24.129.1	Jul 27, 2022	An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
CVE-2022-36946	—	< 5.3.18-150200.24.126.1	5.3.18-150200.24.126.1	Jul 27, 2022	nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
CVE-2020-36557	—	< 5.3.18-150200.24.126.1	5.3.18-150200.24.126.1	Jul 21, 2022	A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.
CVE-2020-36558	—	< 5.3.18-150200.24.126.1	5.3.18-150200.24.126.1	Jul 21, 2022	A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.
CVE-2021-33655	—	< 5.3.18-150200.24.126.1	5.3.18-150200.24.126.1	Jul 18, 2022	When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
CVE-2021-33656	—	< 5.3.18-150200.24.126.1	5.3.18-150200.24.126.1	Jul 18, 2022	When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
CVE-2021-4135	—	< 5.3.18-24.99.1	5.3.18-24.99.1	Jul 14, 2022	A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.
CVE-2022-29900	—	< 5.3.18-150200.24.126.1	5.3.18-150200.24.126.1	Jul 12, 2022	Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
CVE-2022-29901	—	< 5.3.18-150200.24.126.1	5.3.18-150200.24.126.1	Jul 12, 2022	Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code exe
CVE-2022-2318	—	< 5.3.18-150200.24.126.1	5.3.18-150200.24.126.1	Jul 6, 2022	There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.

CVE-2022-0168Aug 26, 2022
affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to cr
CVE-2021-4155Aug 24, 2022
affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
CVE-2022-2978Aug 24, 2022
affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on
CVE-2021-4037Aug 24, 2022
affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct
CVE-2022-26373Aug 18, 2022
affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2022-2503Aug 12, 2022
affected < 5.3.18-150200.24.134.1fixed 5.3.18-150200.24.134.1
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equiva
CVE-2022-20368Aug 11, 2022
affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel
CVE-2022-20369Aug 11, 2022
affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An
CVE-2022-1158Aug 5, 2022
affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace
CVE-2022-1012Aug 5, 2022
affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.
CVE-2022-36879Jul 27, 2022
affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
CVE-2022-36946Jul 27, 2022
affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
CVE-2020-36557Jul 21, 2022
affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.
CVE-2020-36558Jul 21, 2022
affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.
CVE-2021-33655Jul 18, 2022
affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
CVE-2021-33656Jul 18, 2022
affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
CVE-2021-4135Jul 14, 2022
affected < 5.3.18-24.99.1fixed 5.3.18-24.99.1
A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.
CVE-2022-29900Jul 12, 2022
affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
CVE-2022-29901Jul 12, 2022
affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code exe
CVE-2022-2318Jul 6, 2022
affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.

Page 9 of 14