rpm package
suse/kernel-livepatch-SLE15-SP2_Update_8&distro=SUSE Linux Enterprise Live Patching 15 SP2
pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2
Vulnerabilities (51)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25704 | — | < 1-5.3.3 | 1-5.3.3 | Dec 2, 2020 | A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service. | ||
| CVE-2020-29368 | — | < 2-2.1 | 2-2.1 | Nov 28, 2020 | An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1. | ||
| CVE-2020-29369 | — | < 1-5.3.3 | 1-5.3.3 | Nov 28, 2020 | An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe. | ||
| CVE-2020-29371 | — | < 1-5.3.3 | 1-5.3.3 | Nov 28, 2020 | An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd. | ||
| CVE-2020-29373 | — | < 2-2.1 | 2-2.1 | Nov 28, 2020 | An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d. | ||
| CVE-2020-15437 | — | < 1-5.3.3 | 1-5.3.3 | Nov 23, 2020 | The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized. | ||
| CVE-2020-15436 | — | < 1-5.3.3 | 1-5.3.3 | Nov 23, 2020 | Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. | ||
| CVE-2020-28974 | — | < 1-5.3.3 | 1-5.3.3 | Nov 20, 2020 | A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such | ||
| CVE-2020-4788 | — | < 1-5.3.3 | 1-5.3.3 | Nov 20, 2020 | IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296. | ||
| CVE-2020-28941 | — | < 1-5.3.3 | 1-5.3.3 | Nov 19, 2020 | An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line disc | ||
| CVE-2020-28915 | — | < 1-5.3.3 | 1-5.3.3 | Nov 18, 2020 | A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def. |
- CVE-2020-25704Dec 2, 2020affected < 1-5.3.3fixed 1-5.3.3
A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.
- CVE-2020-29368Nov 28, 2020affected < 2-2.1fixed 2-2.1
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
- CVE-2020-29369Nov 28, 2020affected < 1-5.3.3fixed 1-5.3.3
An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.
- CVE-2020-29371Nov 28, 2020affected < 1-5.3.3fixed 1-5.3.3
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.
- CVE-2020-29373Nov 28, 2020affected < 2-2.1fixed 2-2.1
An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d.
- CVE-2020-15437Nov 23, 2020affected < 1-5.3.3fixed 1-5.3.3
The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.
- CVE-2020-15436Nov 23, 2020affected < 1-5.3.3fixed 1-5.3.3
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
- CVE-2020-28974Nov 20, 2020affected < 1-5.3.3fixed 1-5.3.3
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such
- CVE-2020-4788Nov 20, 2020affected < 1-5.3.3fixed 1-5.3.3
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
- CVE-2020-28941Nov 19, 2020affected < 1-5.3.3fixed 1-5.3.3
An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line disc
- CVE-2020-28915Nov 18, 2020affected < 1-5.3.3fixed 1-5.3.3
A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.
Page 3 of 3