suse/kernel-livepatch-SLE15_Update_24&distro=SUSE Linux Enterprise Live Patching 15

Vulnerabilities (74)

• CVE-2021-0941Oct 25, 2021
  affected < 9-2.1fixed 9-2.1

  In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAn

• CVE-2021-42739Oct 20, 2021
  affected < 10-2.2fixed 10-2.2

  The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.

• CVE-2021-41864Oct 1, 2021
  affected < 8-2.2fixed 8-2.2

  prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.

• CVE-2021-3653Sep 29, 2021
  affected < 6-2.2fixed 6-2.2

  A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue co

• CVE-2021-3573Aug 13, 2021
  affected < 7-2.1fixed 7-2.1

  A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blackl

• CVE-2021-38198Aug 8, 2021
  affected < 6-2.2fixed 6-2.2

  arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.

• CVE-2021-38160Aug 7, 2021
  affected < 7-2.1fixed 7-2.1

  In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any ex

• CVE-2021-37576Jul 26, 2021
  affected < 5-2.1fixed 5-2.1

  arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.

• CVE-2021-33909Jul 20, 2021
  affected < 4-2.1fixed 4-2.1

  fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.

• CVE-2021-22555KEVJul 7, 2021
  affected < 4-2.1fixed 4-2.1

  A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

• CVE-2021-0605Jun 22, 2021
  affected < 3-2.1fixed 3-2.1

  In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi

• CVE-2021-0512Jun 21, 2021
  affected < 3-2.1fixed 3-2.1

  In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Prod

• CVE-2020-36385Jun 7, 2021
  affected < 4-2.1fixed 4-2.1

  An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.

• CVE-2021-33200May 27, 2021
  affected < 2-2.1fixed 2-2.1

  kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular,

• CVE-2020-27815May 26, 2021
  affected < 1-1.3.1fixed 1-1.3.1

  A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, int

• CVE-2020-25673May 26, 2021
  affected < 1-1.3.1fixed 1-1.3.1

  A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.

• CVE-2020-25671May 26, 2021
  affected < 1-1.3.1fixed 1-1.3.1

  A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.

• CVE-2021-22543May 26, 2021
  affected < 5-2.1fixed 5-2.1

  An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pag

• CVE-2020-25670May 26, 2021
  affected < 1-1.3.1fixed 1-1.3.1

  A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.

• CVE-2020-25672May 25, 2021
  affected < 1-1.3.1fixed 1-1.3.1

  A memory leak vulnerability was found in Linux kernel in llcp_sock_connect