rpm package
suse/kernel-livepatch-SLE15-SP2_Update_29&distro=SUSE Linux Enterprise Live Patching 15 SP2
pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_29&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2
Vulnerabilities (67)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-29581 | — | < 3-150200.2.2 | 3-150200.2.2 | May 17, 2022 | Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | ||
| CVE-2022-1116 | — | < 1-150200.5.5.1 | 1-150200.5.5.1 | May 17, 2022 | Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. | ||
| CVE-2022-1679 | — | < 1-150200.5.5.1 | 1-150200.5.5.1 | May 16, 2022 | A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||
| CVE-2021-4157 | — | < 1-150200.5.5.1 | 1-150200.5.5.1 | Mar 25, 2022 | An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileg | ||
| CVE-2021-39698 | — | < 3-150200.2.2 | 3-150200.2.2 | Mar 16, 2022 | In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke | ||
| CVE-2021-26341 | — | < 1-150200.5.5.1 | 1-150200.5.5.1 | Mar 11, 2022 | Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | ||
| CVE-2020-36516 | — | < 2-150200.2.1 | 2-150200.2.1 | Feb 26, 2022 | An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. |
- CVE-2022-29581May 17, 2022affected < 3-150200.2.2fixed 3-150200.2.2
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
- CVE-2022-1116May 17, 2022affected < 1-150200.5.5.1fixed 1-150200.5.5.1
Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions.
- CVE-2022-1679May 16, 2022affected < 1-150200.5.5.1fixed 1-150200.5.5.1
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.
- CVE-2021-4157Mar 25, 2022affected < 1-150200.5.5.1fixed 1-150200.5.5.1
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileg
- CVE-2021-39698Mar 16, 2022affected < 3-150200.2.2fixed 3-150200.2.2
In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke
- CVE-2021-26341Mar 11, 2022affected < 1-150200.5.5.1fixed 1-150200.5.5.1
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
- CVE-2020-36516Feb 26, 2022affected < 2-150200.2.1fixed 2-150200.2.1
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
Page 4 of 4