rpm package

suse/kgraft-patch-SLE12-SP3_Update_37&distro=SUSE Linux Enterprise Server 12 SP3-LTSS

pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_37&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS

Vulnerabilities (66)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2020-29569	—	< 1-4.3.1	1-4.3.1	Dec 15, 2020	An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly togg
CVE-2020-27777	—	< 1-4.3.1	1-4.3.1	Dec 15, 2020	A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase
CVE-2020-29568	—	< 1-4.3.1	1-4.3.1	Dec 15, 2020	An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be ab
CVE-2020-27068	—	< 1-4.3.1	1-4.3.1	Dec 15, 2020	Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel
CVE-2020-0465	—	< 1-4.3.1	1-4.3.1	Dec 14, 2020	In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions
CVE-2020-0444	—	< 1-4.3.1	1-4.3.1	Dec 14, 2020	In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVe
CVE-2020-0466	—	< 1-4.3.1	1-4.3.1	Dec 14, 2020	In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion
CVE-2020-27825	—	< 1-4.3.1	1-4.3.1	Dec 11, 2020	A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local at
CVE-2020-27786	—	< 1-4.3.1	1-4.3.1	Dec 11, 2020	A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of ex
CVE-2020-29660	—	< 1-4.3.1	1-4.3.1	Dec 9, 2020	A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
CVE-2020-29661	—	< 1-4.3.1	1-4.3.1	Dec 9, 2020	A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
CVE-2019-20934	—	< 1-4.3.1	1-4.3.1	Nov 28, 2020	An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, aka CID-16d51a590a8c.
CVE-2020-15437	—	< 1-4.3.1	1-4.3.1	Nov 23, 2020	The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.
CVE-2020-15436	—	< 1-4.3.1	1-4.3.1	Nov 23, 2020	Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
CVE-2020-28974	—	< 1-4.3.1	1-4.3.1	Nov 20, 2020	A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such
CVE-2020-4788	—	< 1-4.3.1	1-4.3.1	Nov 20, 2020	IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
CVE-2020-28915	—	< 1-4.3.1	1-4.3.1	Nov 18, 2020	A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.
CVE-2020-25645	—	< 2-2.2	2-2.2	Oct 13, 2020	A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic u
CVE-2020-0429	—	< 2-2.2	2-2.2	Sep 17, 2020	In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVers
CVE-2020-25285	—	< 1-4.3.1	1-4.3.1	Sep 13, 2020	A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.

CVE-2020-29569Dec 15, 2020
affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly togg
CVE-2020-27777Dec 15, 2020
affected < 1-4.3.1fixed 1-4.3.1
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase
CVE-2020-29568Dec 15, 2020
affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be ab
CVE-2020-27068Dec 15, 2020
affected < 1-4.3.1fixed 1-4.3.1
Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel
CVE-2020-0465Dec 14, 2020
affected < 1-4.3.1fixed 1-4.3.1
In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions
CVE-2020-0444Dec 14, 2020
affected < 1-4.3.1fixed 1-4.3.1
In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVe
CVE-2020-0466Dec 14, 2020
affected < 1-4.3.1fixed 1-4.3.1
In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion
CVE-2020-27825Dec 11, 2020
affected < 1-4.3.1fixed 1-4.3.1
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local at
CVE-2020-27786Dec 11, 2020
affected < 1-4.3.1fixed 1-4.3.1
A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of ex
CVE-2020-29660Dec 9, 2020
affected < 1-4.3.1fixed 1-4.3.1
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
CVE-2020-29661Dec 9, 2020
affected < 1-4.3.1fixed 1-4.3.1
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
CVE-2019-20934Nov 28, 2020
affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, aka CID-16d51a590a8c.
CVE-2020-15437Nov 23, 2020
affected < 1-4.3.1fixed 1-4.3.1
The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.
CVE-2020-15436Nov 23, 2020
affected < 1-4.3.1fixed 1-4.3.1
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
CVE-2020-28974Nov 20, 2020
affected < 1-4.3.1fixed 1-4.3.1
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such
CVE-2020-4788Nov 20, 2020
affected < 1-4.3.1fixed 1-4.3.1
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
CVE-2020-28915Nov 18, 2020
affected < 1-4.3.1fixed 1-4.3.1
A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.
CVE-2020-25645Oct 13, 2020
affected < 2-2.2fixed 2-2.2
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic u
CVE-2020-0429Sep 17, 2020
affected < 2-2.2fixed 2-2.2
In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVers
CVE-2020-25285Sep 13, 2020
affected < 1-4.3.1fixed 1-4.3.1
A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.

Page 3 of 4