VYPR

rpm package

suse/kgraft-patch-SLE12-SP2_Update_39&distro=SUSE OpenStack Cloud 7

pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_39&distro=SUSE%20OpenStack%20Cloud%207

Vulnerabilities (26)

  • CVE-2020-27673Oct 22, 2020
    affected < 1-3.3.1fixed 1-3.3.1

    An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.

  • CVE-2020-25285Sep 13, 2020
    affected < 1-3.3.1fixed 1-3.3.1

    A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.

  • CVE-2020-25211Sep 9, 2020
    affected < 1-3.3.1fixed 1-3.3.1

    In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef

  • CVE-2020-11668Apr 9, 2020
    affected < 1-3.3.1fixed 1-3.3.1

    In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.

  • CVE-2019-19063Nov 18, 2019
    affected < 1-3.3.1fixed 1-3.3.1

    Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.

  • CVE-2019-6133Jan 11, 2019
    affected < 1-3.3.1fixed 1-3.3.1

    In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.

Page 2 of 2