VYPR

rpm package

suse/kgraft-patch-SLE12-SP4_Update_17&distro=SUSE Linux Enterprise Live Patching 12 SP4

pkg:rpm/suse/kgraft-patch-SLE12-SP4_Update_17&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Vulnerabilities (64)

  • CVE-2020-0404MedSep 17, 2020
    affected < 1-6.5.1fixed 1-6.5.1

    In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Produ

  • CVE-2020-25285MedSep 13, 2020
    affected < 1-6.5.1fixed 1-6.5.1

    A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.

  • CVE-2020-25284MedSep 13, 2020
    affected < 1-6.5.1fixed 1-6.5.1

    The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.

  • CVE-2020-25212HigSep 9, 2020
    affected < 1-6.5.1fixed 1-6.5.1

    A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.

Page 4 of 4