rpm package

suse/kernel-livepatch-SLE15_Update_21&distro=SUSE Linux Enterprise Live Patching 15

pkg:rpm/suse/kernel-livepatch-SLE15_Update_21&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015

Vulnerabilities (67)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2020-29661	—	< 3-2.1	3-2.1	Dec 9, 2020	A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
CVE-2020-14351	—	< 1-1.5.1	1-1.5.1	Dec 3, 2020	A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidenti
CVE-2020-14381	—	< 1-1.5.1	1-1.5.1	Dec 3, 2020	A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiali
CVE-2020-25704	—	< 1-1.5.1	1-1.5.1	Dec 2, 2020	A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.
CVE-2020-25656	—	< 1-1.5.1	1-1.5.1	Dec 2, 2020	A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidential
CVE-2020-29368	—	< 3-2.1	3-2.1	Nov 28, 2020	An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
CVE-2020-12352	—	< 1-1.5.1	1-1.5.1	Nov 23, 2020	Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2020-12351	—	< 1-1.5.1	1-1.5.1	Nov 23, 2020	Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-25705	—	< 1-1.5.1	1-1.5.1	Nov 17, 2020	A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well
CVE-2020-8694	—	< 1-1.5.1	1-1.5.1	Nov 12, 2020	Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-27673	—	< 1-1.5.1	1-1.5.1	Oct 22, 2020	An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.
CVE-2020-27675	—	< 1-1.5.1	1-1.5.1	Oct 22, 2020	An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrate
CVE-2020-25645	—	< 1-1.5.1	1-1.5.1	Oct 13, 2020	A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic u
CVE-2020-25641	—	< 1-1.5.1	1-1.5.1	Oct 6, 2020	A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic priv
CVE-2020-25643	—	< 1-1.5.1	1-1.5.1	Oct 6, 2020	A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threa
CVE-2020-26088	—	< 1-1.5.1	1-1.5.1	Sep 24, 2020	A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.
CVE-2020-14390	—	< 1-1.5.1	1-1.5.1	Sep 18, 2020	A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
CVE-2020-0433	—	< 7-2.2	7-2.2	Sep 17, 2020	In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An
CVE-2020-0432	—	< 1-1.5.1	1-1.5.1	Sep 17, 2020	In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android
CVE-2020-0431	—	< 1-1.5.1	1-1.5.1	Sep 17, 2020	In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android

CVE-2020-29661Dec 9, 2020
affected < 3-2.1fixed 3-2.1
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
CVE-2020-14351Dec 3, 2020
affected < 1-1.5.1fixed 1-1.5.1
A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidenti
CVE-2020-14381Dec 3, 2020
affected < 1-1.5.1fixed 1-1.5.1
A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiali
CVE-2020-25704Dec 2, 2020
affected < 1-1.5.1fixed 1-1.5.1
A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.
CVE-2020-25656Dec 2, 2020
affected < 1-1.5.1fixed 1-1.5.1
A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidential
CVE-2020-29368Nov 28, 2020
affected < 3-2.1fixed 3-2.1
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
CVE-2020-12352Nov 23, 2020
affected < 1-1.5.1fixed 1-1.5.1
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2020-12351Nov 23, 2020
affected < 1-1.5.1fixed 1-1.5.1
Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-25705Nov 17, 2020
affected < 1-1.5.1fixed 1-1.5.1
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well
CVE-2020-8694Nov 12, 2020
affected < 1-1.5.1fixed 1-1.5.1
Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-27673Oct 22, 2020
affected < 1-1.5.1fixed 1-1.5.1
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.
CVE-2020-27675Oct 22, 2020
affected < 1-1.5.1fixed 1-1.5.1
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrate
CVE-2020-25645Oct 13, 2020
affected < 1-1.5.1fixed 1-1.5.1
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic u
CVE-2020-25641Oct 6, 2020
affected < 1-1.5.1fixed 1-1.5.1
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic priv
CVE-2020-25643Oct 6, 2020
affected < 1-1.5.1fixed 1-1.5.1
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threa
CVE-2020-26088Sep 24, 2020
affected < 1-1.5.1fixed 1-1.5.1
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.
CVE-2020-14390Sep 18, 2020
affected < 1-1.5.1fixed 1-1.5.1
A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
CVE-2020-0433Sep 17, 2020
affected < 7-2.2fixed 7-2.2
In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An
CVE-2020-0432Sep 17, 2020
affected < 1-1.5.1fixed 1-1.5.1
In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android
CVE-2020-0431Sep 17, 2020
affected < 1-1.5.1fixed 1-1.5.1
In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android

Page 3 of 4