VYPR

rpm package

suse/kgraft-patch-SLE12-SP4_Update_30&distro=SUSE Linux Enterprise Live Patching 12 SP4

pkg:rpm/suse/kgraft-patch-SLE12-SP4_Update_30&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Vulnerabilities (30)

  • CVE-2022-26373Aug 18, 2022
    affected < 1-6.3.1fixed 1-6.3.1

    Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

  • CVE-2022-20368Aug 11, 2022
    affected < 1-6.3.1fixed 1-6.3.1

    Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel

  • CVE-2022-20369Aug 11, 2022
    affected < 1-6.3.1fixed 1-6.3.1

    In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An

  • CVE-2022-36879Jul 27, 2022
    affected < 1-6.3.1fixed 1-6.3.1

    An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.

  • CVE-2022-36946Jul 27, 2022
    affected < 1-6.3.1fixed 1-6.3.1

    nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.

  • CVE-2020-36557Jul 21, 2022
    affected < 1-6.3.1fixed 1-6.3.1

    A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.

  • CVE-2020-36558Jul 21, 2022
    affected < 1-6.3.1fixed 1-6.3.1

    A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.

  • CVE-2022-20166Jun 15, 2022
    affected < 1-6.3.1fixed 1-6.3.1

    In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An

  • CVE-2021-4203Mar 25, 2022
    affected < 1-6.3.1fixed 1-6.3.1

    A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.

  • CVE-2020-36516Feb 26, 2022
    affected < 1-6.3.1fixed 1-6.3.1

    An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.

Page 2 of 2