VYPR

rpm package

suse/kgraft-patch-SLE12-SP4_Update_17&distro=SUSE Linux Enterprise Live Patching 12 SP4

pkg:rpm/suse/kgraft-patch-SLE12-SP4_Update_17&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Vulnerabilities (64)

  • CVE-2020-0427Sep 17, 2020
    affected < 1-6.5.1fixed 1-6.5.1

    In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAnd

  • CVE-2020-25284Sep 13, 2020
    affected < 1-6.5.1fixed 1-6.5.1

    The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.

  • CVE-2020-25285Sep 13, 2020
    affected < 1-6.5.1fixed 1-6.5.1

    A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.

  • CVE-2020-25212Sep 9, 2020
    affected < 1-6.5.1fixed 1-6.5.1

    A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.

Page 4 of 4