rpm package

suse/kernel-livepatch-SLE15_Update_24&distro=SUSE Linux Enterprise Live Patching 15

pkg:rpm/suse/kernel-livepatch-SLE15_Update_24&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015

Vulnerabilities (74)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2021-3483	—	< 1-1.3.1	1-1.3.1	May 17, 2021	A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as we
CVE-2021-33034	—	< 2-2.1	2-2.1	May 14, 2021	In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
CVE-2021-23134	—	< 2-2.1	2-2.1	May 12, 2021	Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
CVE-2021-32399	—	< 2-2.1	2-2.1	May 10, 2021	net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
CVE-2020-35519	—	< 1-1.3.1	1-1.3.1	May 6, 2021	An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak
CVE-2021-23133	—	< 3-2.1	3-2.1	Apr 22, 2021	A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is re
CVE-2021-29155	—	< 1-1.3.1	1-1.3.1	Apr 20, 2021	An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall
CVE-2020-36322	—	< 1-1.3.1	1-1.3.1	Apr 14, 2021	An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and i
CVE-2021-29154	—	< 1-1.3.1	1-1.3.1	Apr 8, 2021	BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
CVE-2020-36310	—	< 1-1.3.1	1-1.3.1	Apr 6, 2021	An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52.
CVE-2020-36311	—	< 1-1.3.1	1-1.3.1	Apr 6, 2021	An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.
CVE-2020-36312	—	< 1-1.3.1	1-1.3.1	Apr 6, 2021	An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.
CVE-2021-28688	—	< 1-1.3.1	1-1.3.1	Apr 6, 2021	The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup wo
CVE-2021-30002	—	< 1-1.3.1	1-1.3.1	Apr 2, 2021	An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.
CVE-2021-29647	—	< 1-1.3.1	1-1.3.1	Mar 30, 2021	An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.
CVE-2021-29650	—	< 1-1.3.1	1-1.3.1	Mar 30, 2021	An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
CVE-2021-29264	—	< 1-1.3.1	1-1.3.1	Mar 26, 2021	An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when
CVE-2021-29265	—	< 1-1.3.1	1-1.3.1	Mar 26, 2021	An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70
CVE-2021-3444	—	< 1-1.3.1	1-1.3.1	Mar 23, 2021	The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information di
CVE-2021-20219	—	< 1-1.3.1	1-1.3.1	Mar 23, 2021	A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (due to a changing ldata->read_head, and a missing sanity check) and cause a threa

CVE-2021-3483May 17, 2021
affected < 1-1.3.1fixed 1-1.3.1
A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as we
CVE-2021-33034May 14, 2021
affected < 2-2.1fixed 2-2.1
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
CVE-2021-23134May 12, 2021
affected < 2-2.1fixed 2-2.1
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
CVE-2021-32399May 10, 2021
affected < 2-2.1fixed 2-2.1
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
CVE-2020-35519May 6, 2021
affected < 1-1.3.1fixed 1-1.3.1
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak
CVE-2021-23133Apr 22, 2021
affected < 3-2.1fixed 3-2.1
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is re
CVE-2021-29155Apr 20, 2021
affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall
CVE-2020-36322Apr 14, 2021
affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and i
CVE-2021-29154Apr 8, 2021
affected < 1-1.3.1fixed 1-1.3.1
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
CVE-2020-36310Apr 6, 2021
affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52.
CVE-2020-36311Apr 6, 2021
affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.
CVE-2020-36312Apr 6, 2021
affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.
CVE-2021-28688Apr 6, 2021
affected < 1-1.3.1fixed 1-1.3.1
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup wo
CVE-2021-30002Apr 2, 2021
affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.
CVE-2021-29647Mar 30, 2021
affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.
CVE-2021-29650Mar 30, 2021
affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
CVE-2021-29264Mar 26, 2021
affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when
CVE-2021-29265Mar 26, 2021
affected < 1-1.3.1fixed 1-1.3.1
An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70
CVE-2021-3444Mar 23, 2021
affected < 1-1.3.1fixed 1-1.3.1
The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information di
CVE-2021-20219Mar 23, 2021
affected < 1-1.3.1fixed 1-1.3.1
A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (due to a changing ldata->read_head, and a missing sanity check) and cause a threa

Page 3 of 4