rpm package
suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP4
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4
Vulnerabilities (315)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-2873 | Med | 5.5 | < 5.14.21-150400.14.13.1 | 5.14.21-150400.14.13.1 | Aug 22, 2022 | An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. | |
| CVE-2022-26373 | Med | 5.5 | < 5.14.21-150400.14.13.1 | 5.14.21-150400.14.13.1 | Aug 18, 2022 | Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |
| CVE-2022-20369 | Med | 6.7 | < 5.14.21-150400.14.13.1 | 5.14.21-150400.14.13.1 | Aug 11, 2022 | In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An | |
| CVE-2022-20368 | Hig | 7.8 | < 5.14.21-150400.14.13.1 | 5.14.21-150400.14.13.1 | Aug 11, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel | |
| CVE-2022-1012 | Hig | 8.2 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Aug 5, 2022 | A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. | |
| CVE-2022-36946 | Hig | 7.5 | < 5.14.21-150400.14.13.1 | 5.14.21-150400.14.13.1 | Jul 27, 2022 | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. | |
| CVE-2022-36879 | Med | 5.5 | < 5.14.21-150400.14.13.1 | 5.14.21-150400.14.13.1 | Jul 27, 2022 | An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. | |
| CVE-2022-1671 | Hig | 7.1 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jul 26, 2022 | A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information. | |
| CVE-2022-1651 | Hig | 7.1 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jul 26, 2022 | A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service. | |
| CVE-2021-33655 | Med | 6.7 | < 5.14.21-150400.14.10.1 | 5.14.21-150400.14.10.1 | Jul 18, 2022 | When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. | |
| CVE-2022-29901 | Med | 5.6 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jul 12, 2022 | Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code exe | |
| CVE-2022-29900 | Med | 6.5 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jul 12, 2022 | Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. | |
| CVE-2022-2318 | Med | 5.5 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jul 6, 2022 | There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. | |
| CVE-2022-33743 | Hig | 7.8 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jul 5, 2022 | network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed. | |
| CVE-2022-33742 | Hig | 7.1 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | |
| CVE-2022-33741 | Hig | 7.1 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | |
| CVE-2022-33740 | Hig | 7.1 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | |
| CVE-2022-26365 | Hig | 7.1 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | |
| CVE-2022-34918 | Hig | 7.8 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jul 4, 2022 | An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but | |
| CVE-2022-1852 | Med | 5.5 | < 5.14.21-150400.14.7.1 | 5.14.21-150400.14.7.1 | Jun 30, 2022 | A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU. |
- affected < 5.14.21-150400.14.13.1fixed 5.14.21-150400.14.13.1
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.
- affected < 5.14.21-150400.14.13.1fixed 5.14.21-150400.14.13.1
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- affected < 5.14.21-150400.14.13.1fixed 5.14.21-150400.14.13.1
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An
- affected < 5.14.21-150400.14.13.1fixed 5.14.21-150400.14.13.1
Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.
- affected < 5.14.21-150400.14.13.1fixed 5.14.21-150400.14.13.1
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
- affected < 5.14.21-150400.14.13.1fixed 5.14.21-150400.14.13.1
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service.
- affected < 5.14.21-150400.14.10.1fixed 5.14.21-150400.14.10.1
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code exe
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but
- affected < 5.14.21-150400.14.7.1fixed 5.14.21-150400.14.7.1
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.
Page 14 of 16