rpm package
suse/kernel-preempt&distro=SUSE Linux Enterprise Server 15 SP2-BCL
pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCL
Vulnerabilities (183)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-2153 | Med | 5.5 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Aug 31, 2022 | A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl | |
| CVE-2022-1975 | Med | 5.5 | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Aug 31, 2022 | There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space. | |
| CVE-2022-1974 | Med | 4.1 | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Aug 31, 2022 | A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information. | |
| CVE-2022-1184 | Med | 5.5 | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Aug 29, 2022 | A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service. | |
| CVE-2022-1016 | Med | 5.5 | < 5.3.18-150200.24.112.1 | 5.3.18-150200.24.112.1 | Aug 29, 2022 | A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. | |
| CVE-2022-0850 | Hig | 7.1 | < 5.3.18-150200.24.112.1 | 5.3.18-150200.24.112.1 | Aug 29, 2022 | A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace. | |
| CVE-2022-0168 | Med | 4.4 | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Aug 26, 2022 | A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to cr | |
| CVE-2022-2978 | Hig | 7.8 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Aug 24, 2022 | A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on | |
| CVE-2021-4155 | Med | 5.5 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Aug 24, 2022 | A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. | |
| CVE-2021-4037 | Hig | 7.8 | < 5.3.18-150200.24.139.1 | 5.3.18-150200.24.139.1 | Aug 24, 2022 | A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct | |
| CVE-2022-26373 | Med | 5.5 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Aug 18, 2022 | Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |
| CVE-2022-2503 | Med | 6.9 | < 5.3.18-150200.24.134.1 | 5.3.18-150200.24.134.1 | Aug 12, 2022 | Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equiva | |
| CVE-2022-20369 | Med | 6.7 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Aug 11, 2022 | In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An | |
| CVE-2022-20368 | Hig | 7.8 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Aug 11, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel | |
| CVE-2022-1158 | Hig | 7.8 | < 5.3.18-150200.24.115.1 | 5.3.18-150200.24.115.1 | Aug 5, 2022 | A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace | |
| CVE-2022-1012 | Hig | 8.2 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Aug 5, 2022 | A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. | |
| CVE-2022-36946 | Hig | 7.5 | < 5.3.18-150200.24.126.1 | 5.3.18-150200.24.126.1 | Jul 27, 2022 | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. | |
| CVE-2022-36879 | Med | 5.5 | < 5.3.18-150200.24.129.1 | 5.3.18-150200.24.129.1 | Jul 27, 2022 | An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. | |
| CVE-2020-36558 | Med | 5.1 | < 5.3.18-150200.24.126.1 | 5.3.18-150200.24.126.1 | Jul 21, 2022 | A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. | |
| CVE-2020-36557 | Med | 5.1 | < 5.3.18-150200.24.126.1 | 5.3.18-150200.24.126.1 | Jul 21, 2022 | A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. |
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl
- affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.
- affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.
- affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.
- affected < 5.3.18-150200.24.112.1fixed 5.3.18-150200.24.112.1
A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.
- affected < 5.3.18-150200.24.112.1fixed 5.3.18-150200.24.112.1
A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.
- affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to cr
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
- affected < 5.3.18-150200.24.139.1fixed 5.3.18-150200.24.139.1
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- affected < 5.3.18-150200.24.134.1fixed 5.3.18-150200.24.134.1
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equiva
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel
- affected < 5.3.18-150200.24.115.1fixed 5.3.18-150200.24.115.1
A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.
- affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
- affected < 5.3.18-150200.24.129.1fixed 5.3.18-150200.24.129.1
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
- affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.
- affected < 5.3.18-150200.24.126.1fixed 5.3.18-150200.24.126.1
A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.
Page 4 of 10