rpm package
suse/kernel-livepatch-SLE15-SP3_Update_9&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (70)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-0920 | — | KEV | < 5-150300.2.1 | 5-150300.2.1 | Dec 15, 2021 | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro | |
| CVE-2021-43389 | — | < 1-7.3.1 | 1-7.3.1 | Nov 4, 2021 | An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. | ||
| CVE-2021-43056 | — | < 1-7.3.1 | 1-7.3.1 | Oct 28, 2021 | An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values. | ||
| CVE-2021-42739 | — | < 1-7.3.1 | 1-7.3.1 | Oct 20, 2021 | The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | ||
| CVE-2021-42252 | — | < 1-7.3.1 | 1-7.3.1 | Oct 11, 2021 | An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1 | ||
| CVE-2021-42008 | — | < 1-7.3.1 | 1-7.3.1 | Oct 4, 2021 | The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access. | ||
| CVE-2021-41864 | — | < 1-7.3.1 | 1-7.3.1 | Oct 1, 2021 | prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. | ||
| CVE-2021-3655 | — | < 1-7.3.1 | 1-7.3.1 | Aug 5, 2021 | A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. | ||
| CVE-2021-37159 | — | < 1-7.3.1 | 1-7.3.1 | Jul 21, 2021 | hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. | ||
| CVE-2021-33033 | — | < 1-7.3.1 | 1-7.3.1 | May 14, 2021 | The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value. |
- affected < 5-150300.2.1fixed 5-150300.2.1
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro
- CVE-2021-43389Nov 4, 2021affected < 1-7.3.1fixed 1-7.3.1
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
- CVE-2021-43056Oct 28, 2021affected < 1-7.3.1fixed 1-7.3.1
An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values.
- CVE-2021-42739Oct 20, 2021affected < 1-7.3.1fixed 1-7.3.1
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
- CVE-2021-42252Oct 11, 2021affected < 1-7.3.1fixed 1-7.3.1
An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1
- CVE-2021-42008Oct 4, 2021affected < 1-7.3.1fixed 1-7.3.1
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
- CVE-2021-41864Oct 1, 2021affected < 1-7.3.1fixed 1-7.3.1
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
- CVE-2021-3655Aug 5, 2021affected < 1-7.3.1fixed 1-7.3.1
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.
- CVE-2021-37159Jul 21, 2021affected < 1-7.3.1fixed 1-7.3.1
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
- CVE-2021-33033May 14, 2021affected < 1-7.3.1fixed 1-7.3.1
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.
Page 4 of 4