rpm package
suse/kernel-source&distro=HPE Helion OpenStack 8
pkg:rpm/suse/kernel-source&distro=HPE%20Helion%20OpenStack%208
Vulnerabilities (347)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3655 | — | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | Aug 5, 2021 | A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. | ||
| CVE-2021-3679 | — | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | Aug 5, 2021 | A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causin | ||
| CVE-2021-34556 | — | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | Aug 2, 2021 | In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. | ||
| CVE-2021-35477 | — | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | Aug 2, 2021 | In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an atta | ||
| CVE-2021-37576 | — | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | Jul 26, 2021 | arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. | ||
| CVE-2021-37159 | — | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | Jul 21, 2021 | hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. | ||
| CVE-2021-33909 | — | < 4.4.180-94.147.1 | 4.4.180-94.147.1 | Jul 20, 2021 | fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. | ||
| CVE-2021-22555 | — | KEV | < 4.4.180-94.147.1 | 4.4.180-94.147.1 | Jul 7, 2021 | A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space | |
| CVE-2021-0605 | — | < 4.4.180-94.147.1 | 4.4.180-94.147.1 | Jun 22, 2021 | In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi | ||
| CVE-2021-0512 | — | < 4.4.180-94.147.1 | 4.4.180-94.147.1 | Jun 21, 2021 | In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Prod | ||
| CVE-2021-34693 | — | < 4.4.180-94.147.1 | 4.4.180-94.147.1 | Jun 14, 2021 | net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. | ||
| CVE-2021-0129 | — | < 4.4.180-94.147.1 | 4.4.180-94.147.1 | Jun 9, 2021 | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | ||
| CVE-2021-3564 | — | < 4.4.180-94.153.1 | 4.4.180-94.153.1 | Jun 8, 2021 | A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3. | ||
| CVE-2020-36386 | — | < 4.4.180-94.147.1 | 4.4.180-94.147.1 | Jun 7, 2021 | An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf. | ||
| CVE-2020-36385 | — | < 4.4.180-94.147.1 | 4.4.180-94.147.1 | Jun 7, 2021 | An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. | ||
| CVE-2021-20292 | — | < 4.4.180-94.164.2 | 4.4.180-94.164.2 | May 28, 2021 | There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the obje | ||
| CVE-2020-25669 | — | < 4.4.180-94.138.1 | 4.4.180-94.138.1 | May 26, 2021 | A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free. | ||
| CVE-2020-25668 | — | < 4.4.180-94.135.1 | 4.4.180-94.135.1 | May 26, 2021 | A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. | ||
| CVE-2020-25673 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | May 26, 2021 | A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. | ||
| CVE-2020-25671 | — | < 4.4.180-94.144.1 | 4.4.180-94.144.1 | May 26, 2021 | A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations. |
- CVE-2021-3655Aug 5, 2021affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.
- CVE-2021-3679Aug 5, 2021affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causin
- CVE-2021-34556Aug 2, 2021affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.
- CVE-2021-35477Aug 2, 2021affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an atta
- CVE-2021-37576Jul 26, 2021affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
- CVE-2021-37159Jul 21, 2021affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
- CVE-2021-33909Jul 20, 2021affected < 4.4.180-94.147.1fixed 4.4.180-94.147.1
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
- affected < 4.4.180-94.147.1fixed 4.4.180-94.147.1
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
- CVE-2021-0605Jun 22, 2021affected < 4.4.180-94.147.1fixed 4.4.180-94.147.1
In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Androi
- CVE-2021-0512Jun 21, 2021affected < 4.4.180-94.147.1fixed 4.4.180-94.147.1
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Prod
- CVE-2021-34693Jun 14, 2021affected < 4.4.180-94.147.1fixed 4.4.180-94.147.1
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
- CVE-2021-0129Jun 9, 2021affected < 4.4.180-94.147.1fixed 4.4.180-94.147.1
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
- CVE-2021-3564Jun 8, 2021affected < 4.4.180-94.153.1fixed 4.4.180-94.153.1
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.
- CVE-2020-36386Jun 7, 2021affected < 4.4.180-94.147.1fixed 4.4.180-94.147.1
An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.
- CVE-2020-36385Jun 7, 2021affected < 4.4.180-94.147.1fixed 4.4.180-94.147.1
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
- CVE-2021-20292May 28, 2021affected < 4.4.180-94.164.2fixed 4.4.180-94.164.2
There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the obje
- CVE-2020-25669May 26, 2021affected < 4.4.180-94.138.1fixed 4.4.180-94.138.1
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.
- CVE-2020-25668May 26, 2021affected < 4.4.180-94.135.1fixed 4.4.180-94.135.1
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
- CVE-2020-25673May 26, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
- CVE-2020-25671May 26, 2021affected < 4.4.180-94.144.1fixed 4.4.180-94.144.1
A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.
Page 5 of 18