rpm package
suse/kernel-syms&distro=SUSE Linux Enterprise Server 12 SP3-BCL
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL
Vulnerabilities (414)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-2991 | Med | 6.7 | < 4.4.180-94.174.1 | 4.4.180-94.174.1 | Aug 25, 2022 | A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalat | |
| CVE-2021-4155 | Med | 5.5 | < 4.4.180-94.153.1 | 4.4.180-94.153.1 | Aug 24, 2022 | A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. | |
| CVE-2021-4037 | Hig | 7.8 | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Aug 24, 2022 | A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct | |
| CVE-2021-3659 | Med | 5.5 | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | Aug 22, 2022 | A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. | |
| CVE-2022-26373 | Med | 5.5 | < 4.4.180-94.174.1 | 4.4.180-94.174.1 | Aug 18, 2022 | Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |
| CVE-2022-2503 | Med | 6.9 | < 4.4.180-94.177.1 | 4.4.180-94.177.1 | Aug 12, 2022 | Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equiva | |
| CVE-2022-20369 | Med | 6.7 | < 4.4.180-94.174.1 | 4.4.180-94.174.1 | Aug 11, 2022 | In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An | |
| CVE-2022-20368 | Hig | 7.8 | < 4.4.180-94.174.1 | 4.4.180-94.174.1 | Aug 11, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel | |
| CVE-2022-36946 | Hig | 7.5 | < 4.4.180-94.171.1 | 4.4.180-94.171.1 | Jul 27, 2022 | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. | |
| CVE-2022-36879 | Med | 5.5 | < 4.4.180-94.174.1 | 4.4.180-94.174.1 | Jul 27, 2022 | An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. | |
| CVE-2020-36558 | Med | 5.1 | < 4.4.180-94.171.1 | 4.4.180-94.171.1 | Jul 21, 2022 | A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. | |
| CVE-2020-36557 | Med | 5.1 | < 4.4.180-94.171.1 | 4.4.180-94.171.1 | Jul 21, 2022 | A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. | |
| CVE-2021-33656 | Med | 6.8 | < 4.4.180-94.171.1 | 4.4.180-94.171.1 | Jul 18, 2022 | When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. | |
| CVE-2021-33655 | Med | 6.7 | < 4.4.180-94.171.1 | 4.4.180-94.171.1 | Jul 18, 2022 | When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. | |
| CVE-2022-29901 | Med | 5.6 | < 4.4.180-94.167.1 | 4.4.180-94.167.1 | Jul 12, 2022 | Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code exe | |
| CVE-2022-29900 | Med | 6.5 | < 4.4.180-94.167.1 | 4.4.180-94.167.1 | Jul 12, 2022 | Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. | |
| CVE-2022-2318 | Med | 5.5 | < 4.4.180-94.171.1 | 4.4.180-94.171.1 | Jul 6, 2022 | There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. | |
| CVE-2022-33742 | Hig | 7.1 | < 4.4.180-94.171.1 | 4.4.180-94.171.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | |
| CVE-2022-33741 | Hig | 7.1 | < 4.4.180-94.171.1 | 4.4.180-94.171.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 | |
| CVE-2022-33740 | Hig | 7.1 | < 4.4.180-94.171.1 | 4.4.180-94.171.1 | Jul 5, 2022 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202 |
- affected < 4.4.180-94.174.1fixed 4.4.180-94.174.1
A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalat
- affected < 4.4.180-94.153.1fixed 4.4.180-94.153.1
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
- affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct
- affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.
- affected < 4.4.180-94.174.1fixed 4.4.180-94.174.1
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- affected < 4.4.180-94.177.1fixed 4.4.180-94.177.1
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equiva
- affected < 4.4.180-94.174.1fixed 4.4.180-94.174.1
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An
- affected < 4.4.180-94.174.1fixed 4.4.180-94.174.1
Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel
- affected < 4.4.180-94.171.1fixed 4.4.180-94.171.1
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
- affected < 4.4.180-94.174.1fixed 4.4.180-94.174.1
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
- affected < 4.4.180-94.171.1fixed 4.4.180-94.171.1
A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.
- affected < 4.4.180-94.171.1fixed 4.4.180-94.171.1
A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.
- affected < 4.4.180-94.171.1fixed 4.4.180-94.171.1
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
- affected < 4.4.180-94.171.1fixed 4.4.180-94.171.1
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
- affected < 4.4.180-94.167.1fixed 4.4.180-94.167.1
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code exe
- affected < 4.4.180-94.167.1fixed 4.4.180-94.167.1
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
- affected < 4.4.180-94.171.1fixed 4.4.180-94.171.1
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
- affected < 4.4.180-94.171.1fixed 4.4.180-94.171.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- affected < 4.4.180-94.171.1fixed 4.4.180-94.171.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
- affected < 4.4.180-94.171.1fixed 4.4.180-94.171.1
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-202
Page 3 of 21