rpm package
suse/kernel-obs-build&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Vulnerabilities (1,468)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-26555 | Med | 5.4 | < 5.3.18-150300.59.147.2 | 5.3.18-150300.59.147.2 | May 24, 2021 | Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. | |
| CVE-2021-23134 | Hig | 7.8 | < 5.3.18-150300.59.158.1 | 5.3.18-150300.59.158.1 | May 12, 2021 | Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability. | |
| CVE-2021-32399 | Hig | 7.0 | < 5.3.18-150300.59.207.1 | 5.3.18-150300.59.207.1 | May 10, 2021 | net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | |
| CVE-2021-29155 | Med | 5.5 | < 5.3.18-150300.59.158.1 | 5.3.18-150300.59.158.1 | Apr 20, 2021 | An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall | |
| CVE-2021-29650 | Med | 5.5 | < 5.3.18-150300.59.124.1 | 5.3.18-150300.59.124.1 | Mar 30, 2021 | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a | |
| CVE-2020-27835 | Med | 4.4 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Jan 7, 2021 | A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system. | |
| CVE-2019-19083 | Med | 4.7 | < 5.3.18-150300.59.109.1 | 5.3.18-150300.59.109.1 | Nov 18, 2019 | Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce11 | |
| CVE-2017-5753 | Med | 5.6 | < 5.3.18-150300.59.118.1 | 5.3.18-150300.59.118.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- affected < 5.3.18-150300.59.147.2fixed 5.3.18-150300.59.147.2
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
- affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
- affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
- affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1
An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specificall
- affected < 5.3.18-150300.59.124.1fixed 5.3.18-150300.59.124.1
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
- affected < 5.3.18-150300.59.109.1fixed 5.3.18-150300.59.109.1
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce11
- affected < 5.3.18-150300.59.118.1fixed 5.3.18-150300.59.118.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Page 74 of 74