rpm package
suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.4
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4
Vulnerabilities (2,965)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0854 | — | < 5.14.21-150400.15.142.1 | 5.14.21-150400.15.142.1 | Mar 23, 2022 | A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. | ||
| CVE-2021-43527 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | Dec 8, 2021 | NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. | ||
| CVE-2021-42327 | — | < 5.14.21-150400.15.106.1 | 5.14.21-150400.15.106.1 | Oct 21, 2021 | dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within pa | ||
| CVE-2020-26555 | — | < 5.14.21-150400.15.65.1 | 5.14.21-150400.15.65.1 | May 24, 2021 | Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. | ||
| CVE-2017-5753 | Med | 5.6 | < 5.14.21-150400.15.23.1 | 5.14.21-150400.15.23.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2022-0854Mar 23, 2022affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1
A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.
- CVE-2021-43527Dec 8, 2021affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted.
- CVE-2021-42327Oct 21, 2021affected < 5.14.21-150400.15.106.1fixed 5.14.21-150400.15.106.1
dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within pa
- CVE-2020-26555May 24, 2021affected < 5.14.21-150400.15.65.1fixed 5.14.21-150400.15.65.1
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
- affected < 5.14.21-150400.15.23.1fixed 5.14.21-150400.15.23.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Page 149 of 149