rpm package
suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (4,551)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-4148 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | Mar 23, 2022 | A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem. | ||
| CVE-2022-0854 | — | < 5.14.21-150500.13.118.1 | 5.14.21-150500.13.118.1 | Mar 23, 2022 | A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. | ||
| CVE-2021-39698 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | Mar 16, 2022 | In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke | ||
| CVE-2021-43527 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | Dec 8, 2021 | NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. | ||
| CVE-2021-43056 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | Oct 28, 2021 | An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values. | ||
| CVE-2021-42327 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | Oct 21, 2021 | dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within pa | ||
| CVE-2021-38160 | — | < 5.14.21-150500.13.82.1 | 5.14.21-150500.13.82.1 | Aug 7, 2021 | In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any ex | ||
| CVE-2021-34556 | — | < 5.14.21-150500.13.82.1 | 5.14.21-150500.13.82.1 | Aug 2, 2021 | In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. | ||
| CVE-2021-35477 | — | < 5.14.21-150500.13.82.1 | 5.14.21-150500.13.82.1 | Aug 2, 2021 | In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an atta | ||
| CVE-2020-12770 | — | < 5.14.21-150500.13.82.1 | 5.14.21-150500.13.82.1 | May 9, 2020 | An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. | ||
| CVE-2017-5753 | — | < 5.14.21-150500.13.91.1 | 5.14.21-150500.13.91.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2021-4148Mar 23, 2022affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem.
- CVE-2022-0854Mar 23, 2022affected < 5.14.21-150500.13.118.1fixed 5.14.21-150500.13.118.1
A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.
- CVE-2021-39698Mar 16, 2022affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ke
- CVE-2021-43527Dec 8, 2021affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted.
- CVE-2021-43056Oct 28, 2021affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values.
- CVE-2021-42327Oct 21, 2021affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within pa
- CVE-2021-38160Aug 7, 2021affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any ex
- CVE-2021-34556Aug 2, 2021affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.
- CVE-2021-35477Aug 2, 2021affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an atta
- CVE-2020-12770May 9, 2020affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
- CVE-2017-5753Jan 4, 2018affected < 5.14.21-150500.13.91.1fixed 5.14.21-150500.13.91.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Page 228 of 228