rpm package
suse/kernel-livepatch-SLE15_Update_21&distro=SUSE Linux Enterprise Live Patching 15
pkg:rpm/suse/kernel-livepatch-SLE15_Update_21&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015
Vulnerabilities (67)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3656 | — | < 12-2.2 | 12-2.2 | Mar 4, 2022 | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue c | ||
| CVE-2021-3640 | — | < 13-2.2 | 13-2.2 | Mar 3, 2022 | A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable fau | ||
| CVE-2021-3609 | — | < 11-2.2 | 11-2.2 | Mar 3, 2022 | .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege e | ||
| CVE-2021-3715 | — | < 13-2.2 | 13-2.2 | Mar 2, 2022 | A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges | ||
| CVE-2021-3752 | — | < 14-2.2 | 14-2.2 | Feb 16, 2022 | A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln | ||
| CVE-2021-0935 | — | < 14-2.2 | 14-2.2 | Oct 25, 2021 | In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid | ||
| CVE-2021-41864 | — | < 14-2.2 | 14-2.2 | Oct 1, 2021 | prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. | ||
| CVE-2021-3653 | — | < 12-2.2 | 12-2.2 | Sep 29, 2021 | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue co | ||
| CVE-2021-3573 | — | < 13-2.2 | 13-2.2 | Aug 13, 2021 | A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blackl | ||
| CVE-2021-38198 | — | < 12-2.2 | 12-2.2 | Aug 8, 2021 | arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. | ||
| CVE-2021-38160 | — | < 13-2.2 | 13-2.2 | Aug 7, 2021 | In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any ex | ||
| CVE-2021-37576 | — | < 11-2.2 | 11-2.2 | Jul 26, 2021 | arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. | ||
| CVE-2021-33909 | — | < 10-2.2 | 10-2.2 | Jul 20, 2021 | fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. | ||
| CVE-2021-22555 | — | KEV | < 10-2.2 | 10-2.2 | Jul 7, 2021 | A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space | |
| CVE-2021-0605 | — | < 9-2.2 | 9-2.2 | Jun 22, 2021 | In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi | ||
| CVE-2021-0512 | — | < 9-2.2 | 9-2.2 | Jun 21, 2021 | In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Prod | ||
| CVE-2020-36385 | — | < 10-2.2 | 10-2.2 | Jun 7, 2021 | An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. | ||
| CVE-2020-25668 | — | < 1-1.5.1 | 1-1.5.1 | May 26, 2021 | A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. | ||
| CVE-2021-22543 | — | < 11-2.2 | 11-2.2 | May 26, 2021 | An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pag | ||
| CVE-2021-33034 | — | < 8-2.2 | 8-2.2 | May 14, 2021 | In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value. |
- CVE-2021-3656Mar 4, 2022affected < 12-2.2fixed 12-2.2
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue c
- CVE-2021-3640Mar 3, 2022affected < 13-2.2fixed 13-2.2
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable fau
- CVE-2021-3609Mar 3, 2022affected < 11-2.2fixed 11-2.2
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege e
- CVE-2021-3715Mar 2, 2022affected < 13-2.2fixed 13-2.2
A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges
- CVE-2021-3752Feb 16, 2022affected < 14-2.2fixed 14-2.2
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln
- CVE-2021-0935Oct 25, 2021affected < 14-2.2fixed 14-2.2
In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid
- CVE-2021-41864Oct 1, 2021affected < 14-2.2fixed 14-2.2
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
- CVE-2021-3653Sep 29, 2021affected < 12-2.2fixed 12-2.2
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue co
- CVE-2021-3573Aug 13, 2021affected < 13-2.2fixed 13-2.2
A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blackl
- CVE-2021-38198Aug 8, 2021affected < 12-2.2fixed 12-2.2
arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
- CVE-2021-38160Aug 7, 2021affected < 13-2.2fixed 13-2.2
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any ex
- CVE-2021-37576Jul 26, 2021affected < 11-2.2fixed 11-2.2
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
- CVE-2021-33909Jul 20, 2021affected < 10-2.2fixed 10-2.2
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
- affected < 10-2.2fixed 10-2.2
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
- CVE-2021-0605Jun 22, 2021affected < 9-2.2fixed 9-2.2
In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi
- CVE-2021-0512Jun 21, 2021affected < 9-2.2fixed 9-2.2
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Prod
- CVE-2020-36385Jun 7, 2021affected < 10-2.2fixed 10-2.2
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
- CVE-2020-25668May 26, 2021affected < 1-1.5.1fixed 1-1.5.1
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
- CVE-2021-22543May 26, 2021affected < 11-2.2fixed 11-2.2
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pag
- CVE-2021-33034May 14, 2021affected < 8-2.2fixed 8-2.2
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
Page 1 of 4