rpm package
suse/kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP1-LTSS
pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS
Vulnerabilities (396)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-0920 | — | KEV | < 4.12.14-197.105.1 | 4.12.14-197.105.1 | Dec 15, 2021 | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro | |
| CVE-2018-25020 | — | < 4.12.14-197.105.1 | 4.12.14-197.105.1 | Dec 8, 2021 | The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter | ||
| CVE-2021-33098 | — | < 4.12.14-197.105.1 | 4.12.14-197.105.1 | Nov 17, 2021 | Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2021-43975 | — | < 4.12.14-197.105.1 | 4.12.14-197.105.1 | Nov 17, 2021 | In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. | ||
| CVE-2021-43976 | — | < 4.12.14-197.105.1 | 4.12.14-197.105.1 | Nov 17, 2021 | In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). | ||
| CVE-2021-43389 | — | < 4.12.14-150100.197.114.2 | 4.12.14-150100.197.114.2 | Nov 4, 2021 | An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. | ||
| CVE-2020-27820 | — | < 4.12.14-197.105.1 | 4.12.14-197.105.1 | Nov 2, 2021 | A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver). | ||
| CVE-2021-0935 | — | < 4.12.14-197.105.1 | 4.12.14-197.105.1 | Oct 25, 2021 | In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid | ||
| CVE-2021-0941 | — | < 4.12.14-197.102.1 | 4.12.14-197.102.1 | Oct 25, 2021 | In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAn | ||
| CVE-2021-42739 | — | < 4.12.14-197.102.1 | 4.12.14-197.102.1 | Oct 20, 2021 | The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | ||
| CVE-2021-42252 | — | < 4.12.14-197.102.1 | 4.12.14-197.102.1 | Oct 11, 2021 | An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1 | ||
| CVE-2021-42008 | — | < 4.12.14-197.102.1 | 4.12.14-197.102.1 | Oct 4, 2021 | The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access. | ||
| CVE-2021-41864 | — | < 4.12.14-197.102.1 | 4.12.14-197.102.1 | Oct 1, 2021 | prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. | ||
| CVE-2021-3653 | — | < 4.12.14-197.102.1 | 4.12.14-197.102.1 | Sep 29, 2021 | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue co | ||
| CVE-2021-40490 | — | < 4.12.14-197.102.1 | 4.12.14-197.102.1 | Sep 3, 2021 | A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. | ||
| CVE-2021-38198 | — | < 4.12.14-197.102.1 | 4.12.14-197.102.1 | Aug 8, 2021 | arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. | ||
| CVE-2021-38204 | — | < 4.12.14-197.102.1 | 4.12.14-197.102.1 | Aug 8, 2021 | drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. | ||
| CVE-2021-38208 | — | < 4.12.14-150100.197.114.2 | 4.12.14-150100.197.114.2 | Aug 8, 2021 | net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call. | ||
| CVE-2021-38160 | — | < 4.12.14-197.102.1 | 4.12.14-197.102.1 | Aug 7, 2021 | In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any ex | ||
| CVE-2021-3655 | — | < 4.12.14-197.102.1 | 4.12.14-197.102.1 | Aug 5, 2021 | A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. |
- affected < 4.12.14-197.105.1fixed 4.12.14-197.105.1
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro
- CVE-2018-25020Dec 8, 2021affected < 4.12.14-197.105.1fixed 4.12.14-197.105.1
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter
- CVE-2021-33098Nov 17, 2021affected < 4.12.14-197.105.1fixed 4.12.14-197.105.1
Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2021-43975Nov 17, 2021affected < 4.12.14-197.105.1fixed 4.12.14-197.105.1
In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
- CVE-2021-43976Nov 17, 2021affected < 4.12.14-197.105.1fixed 4.12.14-197.105.1
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
- CVE-2021-43389Nov 4, 2021affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
- CVE-2020-27820Nov 2, 2021affected < 4.12.14-197.105.1fixed 4.12.14-197.105.1
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
- CVE-2021-0935Oct 25, 2021affected < 4.12.14-197.105.1fixed 4.12.14-197.105.1
In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid
- CVE-2021-0941Oct 25, 2021affected < 4.12.14-197.102.1fixed 4.12.14-197.102.1
In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAn
- CVE-2021-42739Oct 20, 2021affected < 4.12.14-197.102.1fixed 4.12.14-197.102.1
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
- CVE-2021-42252Oct 11, 2021affected < 4.12.14-197.102.1fixed 4.12.14-197.102.1
An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1
- CVE-2021-42008Oct 4, 2021affected < 4.12.14-197.102.1fixed 4.12.14-197.102.1
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
- CVE-2021-41864Oct 1, 2021affected < 4.12.14-197.102.1fixed 4.12.14-197.102.1
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
- CVE-2021-3653Sep 29, 2021affected < 4.12.14-197.102.1fixed 4.12.14-197.102.1
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue co
- CVE-2021-40490Sep 3, 2021affected < 4.12.14-197.102.1fixed 4.12.14-197.102.1
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
- CVE-2021-38198Aug 8, 2021affected < 4.12.14-197.102.1fixed 4.12.14-197.102.1
arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
- CVE-2021-38204Aug 8, 2021affected < 4.12.14-197.102.1fixed 4.12.14-197.102.1
drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.
- CVE-2021-38208Aug 8, 2021affected < 4.12.14-150100.197.114.2fixed 4.12.14-150100.197.114.2
net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.
- CVE-2021-38160Aug 7, 2021affected < 4.12.14-197.102.1fixed 4.12.14-197.102.1
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any ex
- CVE-2021-3655Aug 5, 2021affected < 4.12.14-197.102.1fixed 4.12.14-197.102.1
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.
Page 15 of 20