rpm package
suse/kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP1-LTSS
pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS
Vulnerabilities (396)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-35519 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | May 6, 2021 | An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak | ||
| CVE-2021-23133 | — | < 4.12.14-197.92.1 | 4.12.14-197.92.1 | Apr 22, 2021 | A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is re | ||
| CVE-2021-29155 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Apr 20, 2021 | An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall | ||
| CVE-2020-36322 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Apr 14, 2021 | An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and i | ||
| CVE-2021-29154 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Apr 8, 2021 | BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. | ||
| CVE-2020-36310 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Apr 6, 2021 | An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52. | ||
| CVE-2020-36311 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Apr 6, 2021 | An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184. | ||
| CVE-2020-36312 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Apr 6, 2021 | An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d. | ||
| CVE-2021-28688 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Apr 6, 2021 | The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup wo | ||
| CVE-2021-30002 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Apr 2, 2021 | An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b. | ||
| CVE-2021-29647 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Mar 30, 2021 | An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624. | ||
| CVE-2021-29650 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Mar 30, 2021 | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a | ||
| CVE-2021-29264 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Mar 26, 2021 | An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when | ||
| CVE-2021-29265 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Mar 26, 2021 | An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70 | ||
| CVE-2021-3444 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Mar 23, 2021 | The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information di | ||
| CVE-2021-20219 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Mar 23, 2021 | A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (due to a changing ldata->read_head, and a missing sanity check) and cause a threa | ||
| CVE-2021-28971 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Mar 22, 2021 | In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. | ||
| CVE-2021-28972 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Mar 22, 2021 | In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occur | ||
| CVE-2021-28964 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Mar 22, 2021 | A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc. | ||
| CVE-2020-27171 | — | < 4.12.14-197.89.2 | 4.12.14-197.89.2 | Mar 20, 2021 | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sens |
- CVE-2020-35519May 6, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak
- CVE-2021-23133Apr 22, 2021affected < 4.12.14-197.92.1fixed 4.12.14-197.92.1
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is re
- CVE-2021-29155Apr 20, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall
- CVE-2020-36322Apr 14, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and i
- CVE-2021-29154Apr 8, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
- CVE-2020-36310Apr 6, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52.
- CVE-2020-36311Apr 6, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.
- CVE-2020-36312Apr 6, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.
- CVE-2021-28688Apr 6, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup wo
- CVE-2021-30002Apr 2, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.
- CVE-2021-29647Mar 30, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.
- CVE-2021-29650Mar 30, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
- CVE-2021-29264Mar 26, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when
- CVE-2021-29265Mar 26, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70
- CVE-2021-3444Mar 23, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information di
- CVE-2021-20219Mar 23, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (due to a changing ldata->read_head, and a missing sanity check) and cause a threa
- CVE-2021-28971Mar 22, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.
- CVE-2021-28972Mar 22, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occur
- CVE-2021-28964Mar 22, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc.
- CVE-2020-27171Mar 20, 2021affected < 4.12.14-197.89.2fixed 4.12.14-197.89.2
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sens
Page 18 of 20