rpm package
suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP3
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3
Vulnerabilities (319)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-20321 | — | < 5.3.18-150300.38.56.1 | 5.3.18-150300.38.56.1 | Feb 18, 2022 | A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. | ||
| CVE-2021-3752 | — | < 5.3.18-38.25.2 | 5.3.18-38.25.2 | Feb 16, 2022 | A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln | ||
| CVE-2021-3760 | — | < 5.3.18-38.28.2 | 5.3.18-38.28.2 | Feb 16, 2022 | A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. | ||
| CVE-2022-0617 | — | < 5.3.18-150300.38.50.1 | 5.3.18-150300.38.50.1 | Feb 16, 2022 | A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. | ||
| CVE-2022-25258 | — | < 5.3.18-150300.38.50.1 | 5.3.18-150300.38.50.1 | Feb 16, 2022 | An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory cor | ||
| CVE-2021-3753 | — | < 5.3.18-38.22.1 | 5.3.18-38.22.1 | Feb 16, 2022 | A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidenti | ||
| CVE-2021-44879 | — | < 5.3.18-150300.38.50.1 | 5.3.18-150300.38.50.1 | Feb 13, 2022 | In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. | ||
| CVE-2022-0185 | — | KEV | < 5.3.18-150300.38.37.1 | 5.3.18-150300.38.37.1 | Feb 11, 2022 | A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced | |
| CVE-2021-45402 | — | < 5.3.18-150300.38.53.1 | 5.3.18-150300.38.53.1 | Feb 11, 2022 | The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak." | ||
| CVE-2022-24958 | — | < 5.3.18-150300.38.50.1 | 5.3.18-150300.38.50.1 | Feb 11, 2022 | drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. | ||
| CVE-2022-24959 | — | < 5.3.18-150300.38.50.1 | 5.3.18-150300.38.50.1 | Feb 11, 2022 | An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c. | ||
| CVE-2021-33061 | — | < 5.3.18-150300.38.59.1 | 5.3.18-150300.38.59.1 | Feb 9, 2022 | Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2022-0487 | — | < 5.3.18-150300.38.50.1 | 5.3.18-150300.38.50.1 | Feb 4, 2022 | A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1. | ||
| CVE-2021-4154 | — | < 5.3.18-150300.38.56.1 | 5.3.18-150300.38.56.1 | Feb 4, 2022 | A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a | ||
| CVE-2022-24448 | — | < 5.3.18-150300.38.59.1 | 5.3.18-150300.38.59.1 | Feb 4, 2022 | An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns | ||
| CVE-2022-0286 | — | < 5.3.18-150300.38.40.4 | 5.3.18-150300.38.40.4 | Jan 31, 2022 | A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service. | ||
| CVE-2021-22600 | — | KEV | < 5.3.18-150300.38.40.4 | 5.3.18-150300.38.40.4 | Jan 26, 2022 | A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 | |
| CVE-2021-34866 | — | < 5.3.18-38.28.2 | 5.3.18-38.28.2 | Jan 25, 2022 | This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with | ||
| CVE-2021-4001 | — | < 5.3.18-38.34.1 | 5.3.18-38.34.1 | Jan 21, 2022 | A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. | ||
| CVE-2021-4083 | — | < 5.3.18-150300.38.37.1 | 5.3.18-150300.38.37.1 | Jan 18, 2022 | A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalat |
- CVE-2021-20321Feb 18, 2022affected < 5.3.18-150300.38.56.1fixed 5.3.18-150300.38.56.1
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
- CVE-2021-3752Feb 16, 2022affected < 5.3.18-38.25.2fixed 5.3.18-38.25.2
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vuln
- CVE-2021-3760Feb 16, 2022affected < 5.3.18-38.28.2fixed 5.3.18-38.28.2
A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability.
- CVE-2022-0617Feb 16, 2022affected < 5.3.18-150300.38.50.1fixed 5.3.18-150300.38.50.1
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.
- CVE-2022-25258Feb 16, 2022affected < 5.3.18-150300.38.50.1fixed 5.3.18-150300.38.50.1
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory cor
- CVE-2021-3753Feb 16, 2022affected < 5.3.18-38.22.1fixed 5.3.18-38.22.1
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidenti
- CVE-2021-44879Feb 13, 2022affected < 5.3.18-150300.38.50.1fixed 5.3.18-150300.38.50.1
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.
- affected < 5.3.18-150300.38.37.1fixed 5.3.18-150300.38.37.1
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced
- CVE-2021-45402Feb 11, 2022affected < 5.3.18-150300.38.53.1fixed 5.3.18-150300.38.53.1
The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
- CVE-2022-24958Feb 11, 2022affected < 5.3.18-150300.38.50.1fixed 5.3.18-150300.38.50.1
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
- CVE-2022-24959Feb 11, 2022affected < 5.3.18-150300.38.50.1fixed 5.3.18-150300.38.50.1
An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.
- CVE-2021-33061Feb 9, 2022affected < 5.3.18-150300.38.59.1fixed 5.3.18-150300.38.59.1
Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2022-0487Feb 4, 2022affected < 5.3.18-150300.38.50.1fixed 5.3.18-150300.38.50.1
A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.
- CVE-2021-4154Feb 4, 2022affected < 5.3.18-150300.38.56.1fixed 5.3.18-150300.38.56.1
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a
- CVE-2022-24448Feb 4, 2022affected < 5.3.18-150300.38.59.1fixed 5.3.18-150300.38.59.1
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns
- CVE-2022-0286Jan 31, 2022affected < 5.3.18-150300.38.40.4fixed 5.3.18-150300.38.40.4
A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service.
- affected < 5.3.18-150300.38.40.4fixed 5.3.18-150300.38.40.4
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
- CVE-2021-34866Jan 25, 2022affected < 5.3.18-38.28.2fixed 5.3.18-38.28.2
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with
- CVE-2021-4001Jan 21, 2022affected < 5.3.18-38.34.1fixed 5.3.18-38.34.1
A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space.
- CVE-2021-4083Jan 18, 2022affected < 5.3.18-150300.38.37.1fixed 5.3.18-150300.38.37.1
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalat
Page 10 of 16