rpm package
suse/kernel-livepatch-SLE15_Update_23&distro=SUSE Linux Enterprise Live Patching 15
pkg:rpm/suse/kernel-livepatch-SLE15_Update_23&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015
Vulnerabilities (48)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-27363 | — | < 2-2.2 | 2-2.2 | Mar 7, 2021 | An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via t | ||
| CVE-2021-26932 | — | < 1-1.3.1 | 1-1.3.1 | Feb 17, 2021 | An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the ba | ||
| CVE-2021-26931 | — | < 1-1.3.1 | 1-1.3.1 | Feb 17, 2021 | An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory c | ||
| CVE-2021-26930 | — | < 1-1.3.1 | 1-1.3.1 | Feb 17, 2021 | An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be disca | ||
| CVE-2020-29368 | — | < 1-1.3.1 | 1-1.3.1 | Nov 28, 2020 | An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1. | ||
| CVE-2020-29374 | — | < 1-1.3.1 | 1-1.3.1 | Nov 28, 2020 | An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended writ | ||
| CVE-2020-0433 | — | < 4-2.2 | 4-2.2 | Sep 17, 2020 | In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An | ||
| CVE-2020-3702 | — | < 13-2.2 | 13-2.2 | Sep 8, 2020 | u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapd |
- CVE-2021-27363Mar 7, 2021affected < 2-2.2fixed 2-2.2
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via t
- CVE-2021-26932Feb 17, 2021affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the ba
- CVE-2021-26931Feb 17, 2021affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory c
- CVE-2021-26930Feb 17, 2021affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be disca
- CVE-2020-29368Nov 28, 2020affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
- CVE-2020-29374Nov 28, 2020affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended writ
- CVE-2020-0433Sep 17, 2020affected < 4-2.2fixed 4-2.2
In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An
- CVE-2020-3702Sep 8, 2020affected < 13-2.2fixed 13-2.2
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapd
Page 3 of 3