rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Server 11 SP4-LTSS

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Vulnerabilities (177)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2021-0512		—	< 3.0.101-108.129.1	3.0.101-108.129.1	Jun 21, 2021	In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Prod
CVE-2021-34693		—	< 3.0.101-108.129.1	3.0.101-108.129.1	Jun 14, 2021	net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
CVE-2020-36386		—	< 3.0.101-108.129.1	3.0.101-108.129.1	Jun 7, 2021	An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.
CVE-2020-36385		—	< 3.0.101-108.132.1	3.0.101-108.132.1	Jun 7, 2021	An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2020-25669		—	< 3.0.101-108.120.1	3.0.101-108.120.1	May 26, 2021	A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.
CVE-2020-25668		—	< 3.0.101-108.120.1	3.0.101-108.120.1	May 26, 2021	A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
CVE-2021-3483		—	< 3.0.101-108.126.1	3.0.101-108.126.1	May 17, 2021	A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as we
CVE-2021-33033		—	< 3.0.101-108.132.1	3.0.101-108.132.1	May 14, 2021	The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.
CVE-2020-26139	Med	5.3	< 3.0.101-108.129.1	3.0.101-108.129.1	May 11, 2021	An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against c
CVE-2020-24588	Low	3.5	< 3.0.101-108.129.1	3.0.101-108.129.1	May 11, 2021	The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is manda
CVE-2020-24587		—	< 3.0.101-108.129.1	3.0.101-108.129.1	May 11, 2021	The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends f
CVE-2020-24586		—	< 3.0.101-108.129.1	3.0.101-108.129.1	May 11, 2021	The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented
CVE-2021-32399		—	< 3.0.101-108.129.1	3.0.101-108.129.1	May 10, 2021	net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
CVE-2020-35519		—	< 3.0.101-108.126.1	3.0.101-108.126.1	May 6, 2021	An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak
CVE-2020-36322		—	< 3.0.101-108.126.1	3.0.101-108.126.1	Apr 14, 2021	An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and i
CVE-2021-29154		—	< 3.0.101-108.129.1	3.0.101-108.129.1	Apr 8, 2021	BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
CVE-2021-30002		—	< 3.0.101-108.126.1	3.0.101-108.126.1	Apr 2, 2021	An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.
CVE-2021-29650		—	< 3.0.101-108.126.1	3.0.101-108.126.1	Mar 30, 2021	An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
CVE-2021-28972		—	< 3.0.101-108.126.1	3.0.101-108.126.1	Mar 22, 2021	In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occur
CVE-2021-28950		—	< 3.0.101-108.126.1	3.0.101-108.126.1	Mar 20, 2021	An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.

CVE-2021-0512Jun 21, 2021
affected < 3.0.101-108.129.1fixed 3.0.101-108.129.1
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Prod
CVE-2021-34693Jun 14, 2021
affected < 3.0.101-108.129.1fixed 3.0.101-108.129.1
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
CVE-2020-36386Jun 7, 2021
affected < 3.0.101-108.129.1fixed 3.0.101-108.129.1
An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.
CVE-2020-36385Jun 7, 2021
affected < 3.0.101-108.132.1fixed 3.0.101-108.132.1
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2020-25669May 26, 2021
affected < 3.0.101-108.120.1fixed 3.0.101-108.120.1
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.
CVE-2020-25668May 26, 2021
affected < 3.0.101-108.120.1fixed 3.0.101-108.120.1
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
CVE-2021-3483May 17, 2021
affected < 3.0.101-108.126.1fixed 3.0.101-108.126.1
A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as we
CVE-2021-33033May 14, 2021
affected < 3.0.101-108.132.1fixed 3.0.101-108.132.1
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.
CVE-2020-26139MedMay 11, 2021
affected < 3.0.101-108.129.1fixed 3.0.101-108.129.1
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against c
CVE-2020-24588LowMay 11, 2021
affected < 3.0.101-108.129.1fixed 3.0.101-108.129.1
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is manda
CVE-2020-24587May 11, 2021
affected < 3.0.101-108.129.1fixed 3.0.101-108.129.1
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends f
CVE-2020-24586May 11, 2021
affected < 3.0.101-108.129.1fixed 3.0.101-108.129.1
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented
CVE-2021-32399May 10, 2021
affected < 3.0.101-108.129.1fixed 3.0.101-108.129.1
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
CVE-2020-35519May 6, 2021
affected < 3.0.101-108.126.1fixed 3.0.101-108.126.1
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak
CVE-2020-36322Apr 14, 2021
affected < 3.0.101-108.126.1fixed 3.0.101-108.126.1
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and i
CVE-2021-29154Apr 8, 2021
affected < 3.0.101-108.129.1fixed 3.0.101-108.129.1
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
CVE-2021-30002Apr 2, 2021
affected < 3.0.101-108.126.1fixed 3.0.101-108.126.1
An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.
CVE-2021-29650Mar 30, 2021
affected < 3.0.101-108.126.1fixed 3.0.101-108.126.1
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a
CVE-2021-28972Mar 22, 2021
affected < 3.0.101-108.126.1fixed 3.0.101-108.126.1
In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occur
CVE-2021-28950Mar 20, 2021
affected < 3.0.101-108.126.1fixed 3.0.101-108.126.1
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.

Page 2 of 9