rpm package

suse/kernel-livepatch-SLE15-SP1_Update_28&distro=SUSE Linux Enterprise Live Patching 15 SP1

pkg:rpm/suse/kernel-livepatch-SLE15-SP1_Update_28&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP1

Vulnerabilities (59)

CVE	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2021-28715	—		< 1-3.3.1	1-3.3.1	Jan 6, 2022	Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are b
CVE-2021-28714	—		< 1-3.3.1	1-3.3.1	Jan 6, 2022	Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are b
CVE-2021-28713	—		< 1-3.3.1	1-3.3.1	Jan 5, 2022	Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically re
CVE-2021-28712	—		< 1-3.3.1	1-3.3.1	Jan 5, 2022	Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically re
CVE-2021-28711	—		< 1-3.3.1	1-3.3.1	Jan 5, 2022	Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically re
CVE-2021-45486	—		< 1-3.3.1	1-3.3.1	Dec 25, 2021	In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
CVE-2021-44733	—		< 1-3.3.1	1-3.3.1	Dec 22, 2021	A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
CVE-2021-45095	—		< 1-3.3.1	1-3.3.1	Dec 16, 2021	pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
CVE-2021-39657	—		< 1-3.3.1	1-3.3.1	Dec 15, 2021	In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:
CVE-2021-39648	—		< 1-3.3.1	1-3.3.1	Dec 15, 2021	In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio
CVE-2021-0920	—	KEV	< 1-3.3.1	1-3.3.1	Dec 15, 2021	In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro
CVE-2018-25020	—		< 1-3.3.1	1-3.3.1	Dec 8, 2021	The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter
CVE-2021-33098	—		< 1-3.3.1	1-3.3.1	Nov 17, 2021	Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2021-43975	—		< 1-3.3.1	1-3.3.1	Nov 17, 2021	In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
CVE-2021-43976	—		< 1-3.3.1	1-3.3.1	Nov 17, 2021	In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
CVE-2020-27820	—		< 1-3.3.1	1-3.3.1	Nov 2, 2021	A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
CVE-2021-0935	—		< 1-3.3.1	1-3.3.1	Oct 25, 2021	In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid
CVE-2021-3564	—		< 1-3.3.1	1-3.3.1	Jun 8, 2021	A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.
CVE-2019-15126	—		< 1-3.3.1	1-3.3.1	Feb 5, 2020	An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure ov

CVE-2021-28715Jan 6, 2022
affected < 1-3.3.1fixed 1-3.3.1
Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are b
CVE-2021-28714Jan 6, 2022
affected < 1-3.3.1fixed 1-3.3.1
Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are b
CVE-2021-28713Jan 5, 2022
affected < 1-3.3.1fixed 1-3.3.1
Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically re
CVE-2021-28712Jan 5, 2022
affected < 1-3.3.1fixed 1-3.3.1
Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically re
CVE-2021-28711Jan 5, 2022
affected < 1-3.3.1fixed 1-3.3.1
Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically re
CVE-2021-45486Dec 25, 2021
affected < 1-3.3.1fixed 1-3.3.1
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
CVE-2021-44733Dec 22, 2021
affected < 1-3.3.1fixed 1-3.3.1
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
CVE-2021-45095Dec 16, 2021
affected < 1-3.3.1fixed 1-3.3.1
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
CVE-2021-39657Dec 15, 2021
affected < 1-3.3.1fixed 1-3.3.1
In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:
CVE-2021-39648Dec 15, 2021
affected < 1-3.3.1fixed 1-3.3.1
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio
CVE-2021-0920KEVDec 15, 2021
affected < 1-3.3.1fixed 1-3.3.1
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro
CVE-2018-25020Dec 8, 2021
affected < 1-3.3.1fixed 1-3.3.1
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter
CVE-2021-33098Nov 17, 2021
affected < 1-3.3.1fixed 1-3.3.1
Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2021-43975Nov 17, 2021
affected < 1-3.3.1fixed 1-3.3.1
In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
CVE-2021-43976Nov 17, 2021
affected < 1-3.3.1fixed 1-3.3.1
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
CVE-2020-27820Nov 2, 2021
affected < 1-3.3.1fixed 1-3.3.1
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
CVE-2021-0935Oct 25, 2021
affected < 1-3.3.1fixed 1-3.3.1
In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid
CVE-2021-3564Jun 8, 2021
affected < 1-3.3.1fixed 1-3.3.1
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.
CVE-2019-15126Feb 5, 2020
affected < 1-3.3.1fixed 1-3.3.1
An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure ov

Page 3 of 3