rpm package
suse/kernel-livepatch-SLE15-SP2_Update_10&distro=SUSE Linux Enterprise Live Patching 15 SP2
pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2
Vulnerabilities (50)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3348 | — | < 1-5.3.2 | 1-5.3.2 | Feb 1, 2021 | nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71. | ||
| CVE-2021-3347 | — | < 1-5.3.2 | 1-5.3.2 | Jan 29, 2021 | An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458. | ||
| CVE-2021-0342 | — | < 1-5.3.2 | 1-5.3.2 | Jan 11, 2021 | In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel; Androi | ||
| CVE-2020-27835 | — | < 1-5.3.2 | 1-5.3.2 | Jan 7, 2021 | A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system. | ||
| CVE-2020-29569 | — | < 1-5.3.2 | 1-5.3.2 | Dec 15, 2020 | An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly togg | ||
| CVE-2020-29568 | — | < 1-5.3.2 | 1-5.3.2 | Dec 15, 2020 | An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be ab | ||
| CVE-2020-29368 | — | < 2-2.2 | 2-2.2 | Nov 28, 2020 | An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1. | ||
| CVE-2020-29373 | — | < 2-2.2 | 2-2.2 | Nov 28, 2020 | An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d. | ||
| CVE-2020-25211 | — | < 1-5.3.2 | 1-5.3.2 | Sep 9, 2020 | In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef | ||
| CVE-2020-3702 | — | < 14-2.2 | 14-2.2 | Sep 8, 2020 | u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapd |
- CVE-2021-3348Feb 1, 2021affected < 1-5.3.2fixed 1-5.3.2
nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71.
- CVE-2021-3347Jan 29, 2021affected < 1-5.3.2fixed 1-5.3.2
An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.
- CVE-2021-0342Jan 11, 2021affected < 1-5.3.2fixed 1-5.3.2
In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel; Androi
- CVE-2020-27835Jan 7, 2021affected < 1-5.3.2fixed 1-5.3.2
A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
- CVE-2020-29569Dec 15, 2020affected < 1-5.3.2fixed 1-5.3.2
An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly togg
- CVE-2020-29568Dec 15, 2020affected < 1-5.3.2fixed 1-5.3.2
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be ab
- CVE-2020-29368Nov 28, 2020affected < 2-2.2fixed 2-2.2
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
- CVE-2020-29373Nov 28, 2020affected < 2-2.2fixed 2-2.2
An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d.
- CVE-2020-25211Sep 9, 2020affected < 1-5.3.2fixed 1-5.3.2
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef
- CVE-2020-3702Sep 8, 2020affected < 14-2.2fixed 14-2.2
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapd
Page 3 of 3