rpm package
suse/kernel-xen&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
Vulnerabilities (263)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-1353 | — | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Apr 29, 2022 | A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. | ||
| CVE-2022-1048 | — | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Apr 29, 2022 | A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalat | ||
| CVE-2022-28356 | — | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Apr 2, 2022 | In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. | ||
| CVE-2021-45868 | — | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Mar 18, 2022 | In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file. | ||
| CVE-2022-1011 | — | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Mar 18, 2022 | A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. | ||
| CVE-2021-39713 | — | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Mar 16, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel | ||
| CVE-2021-26341 | — | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Mar 11, 2022 | Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | ||
| CVE-2021-0920 | — | KEV | < 3.0.101-108.201.1 | 3.0.101-108.201.1 | Dec 15, 2021 | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro | |
| CVE-2021-43389 | — | < 3.0.101-108.159.1 | 3.0.101-108.159.1 | Nov 4, 2021 | An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. | ||
| CVE-2020-26555 | — | < 3.0.101-108.150.1 | 3.0.101-108.150.1 | May 24, 2021 | Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. | ||
| CVE-2020-16119 | — | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Jan 14, 2021 | Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0 | ||
| CVE-2020-15393 | — | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Jun 29, 2020 | In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. | ||
| CVE-2019-3900 | — | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Apr 25, 2019 | An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could | ||
| CVE-2019-3837 | — | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Apr 11, 2019 | It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabl | ||
| CVE-2018-9517 | — | < 3.0.101-108.141.1 | 3.0.101-108.141.1 | Dec 7, 2018 | In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-3 | ||
| CVE-2017-18344 | Med | 5.5 | < 3.0.101-108.144.1 | 3.0.101-108.144.1 | Jul 26, 2018 | The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows | |
| CVE-2018-3639 | Med | 5.5 | < 3.0.101-108.144.1 | 3.0.101-108.144.1 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka | |
| CVE-2018-7755 | Med | 5.5 | < 3.0.101-108.138.1 | 3.0.101-108.138.1 | Mar 8, 2018 | An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel | |
| CVE-2017-5753 | Med | 5.6 | < 3.0.101-108.141.1 | 3.0.101-108.141.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | |
| CVE-2017-1000253 | Hig | 7.8 | KEV | < 3.0.101-108.174.1 | 3.0.101-108.174.1 | Oct 5, 2017 | Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backpo |
- CVE-2022-1353Apr 29, 2022affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
- CVE-2022-1048Apr 29, 2022affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalat
- CVE-2022-28356Apr 2, 2022affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.
- CVE-2021-45868Mar 18, 2022affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.
- CVE-2022-1011Mar 18, 2022affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.
- CVE-2021-39713Mar 16, 2022affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel
- CVE-2021-26341Mar 11, 2022affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
- affected < 3.0.101-108.201.1fixed 3.0.101-108.201.1
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro
- CVE-2021-43389Nov 4, 2021affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
- CVE-2020-26555May 24, 2021affected < 3.0.101-108.150.1fixed 3.0.101-108.150.1
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
- CVE-2020-16119Jan 14, 2021affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0
- CVE-2020-15393Jun 29, 2020affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.
- CVE-2019-3900Apr 25, 2019affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could
- CVE-2019-3837Apr 11, 2019affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabl
- CVE-2018-9517Dec 7, 2018affected < 3.0.101-108.141.1fixed 3.0.101-108.141.1
In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-3
- affected < 3.0.101-108.144.1fixed 3.0.101-108.144.1
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows
- affected < 3.0.101-108.144.1fixed 3.0.101-108.144.1
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka
- affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1
An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel
- affected < 3.0.101-108.141.1fixed 3.0.101-108.141.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
- affected < 3.0.101-108.174.1fixed 3.0.101-108.174.1
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backpo
Page 13 of 14