VYPR

rpm package

suse/kernel-livepatch-SLE15-SP3_Update_18&distro=SUSE Linux Enterprise Live Patching 15 SP3

pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_18&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3

Vulnerabilities (51)

  • CVE-2022-29156Apr 13, 2022
    affected < 1-150300.7.5.1fixed 1-150300.7.5.1

    drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.

  • CVE-2021-0707Apr 12, 2022
    affected < 1-150300.7.5.1fixed 1-150300.7.5.1

    In dma_buf_release of dma-buf.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kerne

  • CVE-2022-28893Apr 11, 2022
    affected < 1-150300.7.5.1fixed 1-150300.7.5.1

    The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.

  • CVE-2022-28356Apr 2, 2022
    affected < 1-150300.7.5.1fixed 1-150300.7.5.1

    In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.

  • CVE-2021-39698Mar 16, 2022
    affected < 2-150300.2.2fixed 2-150300.2.2

    In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke

  • CVE-2020-36516Feb 26, 2022
    affected < 6-150300.2.2fixed 6-150300.2.2

    An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.

  • CVE-2021-20321Feb 18, 2022
    affected < 1-150300.7.5.1fixed 1-150300.7.5.1

    A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.

  • CVE-2021-4154Feb 4, 2022
    affected < 1-150300.7.5.1fixed 1-150300.7.5.1

    A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a

  • CVE-2021-38208Aug 8, 2021
    affected < 1-150300.7.5.1fixed 1-150300.7.5.1

    net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.

  • CVE-2021-20292May 28, 2021
    affected < 1-150300.7.5.1fixed 1-150300.7.5.1

    There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the obje

  • CVE-2020-27835Jan 7, 2021
    affected < 1-150300.7.5.1fixed 1-150300.7.5.1

    A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.

Page 3 of 3