rpm package

suse/kernel-livepatch-SLE15_Update_25&distro=SUSE Linux Enterprise Live Patching 15

pkg:rpm/suse/kernel-livepatch-SLE15_Update_25&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015

Vulnerabilities (58)

CVE	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2022-0487	—		< 10-150000.2.1	10-150000.2.1	Feb 4, 2022	A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.
CVE-2021-4083	—		< 8-2.2	8-2.2	Jan 18, 2022	A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalat
CVE-2021-0920	—	KEV	< 9-2.1	9-2.1	Dec 15, 2021	In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro
CVE-2018-25020	—		< 7-2.2	7-2.2	Dec 8, 2021	The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter
CVE-2021-0935	—		< 5-2.2	5-2.2	Oct 25, 2021	In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid
CVE-2021-0941	—		< 6-2.1	6-2.1	Oct 25, 2021	In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAn
CVE-2021-42739	—		< 7-2.2	7-2.2	Oct 20, 2021	The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
CVE-2021-41864	—		< 5-2.2	5-2.2	Oct 1, 2021	prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
CVE-2021-3653	—		< 3-2.2	3-2.2	Sep 29, 2021	A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue co
CVE-2021-3573	—		< 4-2.1	4-2.1	Aug 13, 2021	A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blackl
CVE-2021-38198	—		< 3-2.2	3-2.2	Aug 8, 2021	arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
CVE-2021-38160	—		< 4-2.1	4-2.1	Aug 7, 2021	In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any ex
CVE-2021-37576	—		< 2-2.1	2-2.1	Jul 26, 2021	arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
CVE-2021-33909	—		< 1-1.3.1	1-1.3.1	Jul 20, 2021	fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
CVE-2021-22555	—	KEV	< 1-1.3.1	1-1.3.1	Jul 7, 2021	A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
CVE-2021-33624	—		< 1-1.3.1	1-1.3.1	Jun 23, 2021	In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
CVE-2021-0605	—		< 1-1.3.1	1-1.3.1	Jun 22, 2021	In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi
CVE-2021-0512	—		< 1-1.3.1	1-1.3.1	Jun 21, 2021	In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Prod
CVE-2021-34693	—		< 1-1.3.1	1-1.3.1	Jun 14, 2021	net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
CVE-2021-0129	—		< 1-1.3.1	1-1.3.1	Jun 9, 2021	Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.

CVE-2022-0487Feb 4, 2022
affected < 10-150000.2.1fixed 10-150000.2.1
A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.
CVE-2021-4083Jan 18, 2022
affected < 8-2.2fixed 8-2.2
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalat
CVE-2021-0920KEVDec 15, 2021
affected < 9-2.1fixed 9-2.1
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro
CVE-2018-25020Dec 8, 2021
affected < 7-2.2fixed 7-2.2
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter
CVE-2021-0935Oct 25, 2021
affected < 5-2.2fixed 5-2.2
In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid
CVE-2021-0941Oct 25, 2021
affected < 6-2.1fixed 6-2.1
In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAn
CVE-2021-42739Oct 20, 2021
affected < 7-2.2fixed 7-2.2
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
CVE-2021-41864Oct 1, 2021
affected < 5-2.2fixed 5-2.2
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
CVE-2021-3653Sep 29, 2021
affected < 3-2.2fixed 3-2.2
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue co
CVE-2021-3573Aug 13, 2021
affected < 4-2.1fixed 4-2.1
A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blackl
CVE-2021-38198Aug 8, 2021
affected < 3-2.2fixed 3-2.2
arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
CVE-2021-38160Aug 7, 2021
affected < 4-2.1fixed 4-2.1
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any ex
CVE-2021-37576Jul 26, 2021
affected < 2-2.1fixed 2-2.1
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
CVE-2021-33909Jul 20, 2021
affected < 1-1.3.1fixed 1-1.3.1
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
CVE-2021-22555KEVJul 7, 2021
affected < 1-1.3.1fixed 1-1.3.1
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
CVE-2021-33624Jun 23, 2021
affected < 1-1.3.1fixed 1-1.3.1
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
CVE-2021-0605Jun 22, 2021
affected < 1-1.3.1fixed 1-1.3.1
In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi
CVE-2021-0512Jun 21, 2021
affected < 1-1.3.1fixed 1-1.3.1
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Prod
CVE-2021-34693Jun 14, 2021
affected < 1-1.3.1fixed 1-1.3.1
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
CVE-2021-0129Jun 9, 2021
affected < 1-1.3.1fixed 1-1.3.1
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.

Page 2 of 3