VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_15&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_15&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (48)

  • CVE-2021-0342Jan 11, 2021
    affected < 1-8.3.1fixed 1-8.3.1

    In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel; Androi

  • CVE-2020-27835Jan 7, 2021
    affected < 1-8.3.1fixed 1-8.3.1

    A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.

  • CVE-2020-29569Dec 15, 2020
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly togg

  • CVE-2020-29568Dec 15, 2020
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be ab

  • CVE-2020-27786Dec 11, 2020
    affected < 2-2.2fixed 2-2.2

    A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of ex

  • CVE-2020-29368Nov 28, 2020
    affected < 2-2.2fixed 2-2.2

    An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

  • CVE-2020-25211Sep 9, 2020
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef

  • CVE-2020-3702Sep 8, 2020
    affected < 14-2.2fixed 14-2.2

    u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapd

Page 3 of 3