rpm package
suse/kgraft-patch-SLE12-SP5_Update_17&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_17&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (67)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3653 | — | < 7-2.2 | 7-2.2 | Sep 29, 2021 | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue co | ||
| CVE-2021-3573 | — | < 8-2.1 | 8-2.1 | Aug 13, 2021 | A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blackl | ||
| CVE-2021-38198 | — | < 7-2.2 | 7-2.2 | Aug 8, 2021 | arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. | ||
| CVE-2021-38160 | — | < 8-2.1 | 8-2.1 | Aug 7, 2021 | In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any ex | ||
| CVE-2021-37576 | — | < 6-2.1 | 6-2.1 | Jul 26, 2021 | arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. | ||
| CVE-2021-33909 | — | < 5-2.1 | 5-2.1 | Jul 20, 2021 | fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. | ||
| CVE-2021-22555 | — | KEV | < 5-2.1 | 5-2.1 | Jul 7, 2021 | A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space | |
| CVE-2020-36385 | — | < 5-2.1 | 5-2.1 | Jun 7, 2021 | An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. | ||
| CVE-2020-27815 | — | < 1-8.3.2 | 1-8.3.2 | May 26, 2021 | A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, int | ||
| CVE-2020-25673 | — | < 1-8.3.2 | 1-8.3.2 | May 26, 2021 | A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. | ||
| CVE-2020-25671 | — | < 1-8.3.2 | 1-8.3.2 | May 26, 2021 | A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations. | ||
| CVE-2021-22543 | — | < 6-2.1 | 6-2.1 | May 26, 2021 | An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pag | ||
| CVE-2020-25670 | — | < 1-8.3.2 | 1-8.3.2 | May 26, 2021 | A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. | ||
| CVE-2020-25672 | — | < 1-8.3.2 | 1-8.3.2 | May 25, 2021 | A memory leak vulnerability was found in Linux kernel in llcp_sock_connect | ||
| CVE-2021-3483 | — | < 1-8.3.2 | 1-8.3.2 | May 17, 2021 | A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as we | ||
| CVE-2021-33034 | — | < 3-2.1 | 3-2.1 | May 14, 2021 | In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value. | ||
| CVE-2021-23134 | — | < 3-2.1 | 3-2.1 | May 12, 2021 | Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability. | ||
| CVE-2021-32399 | — | < 3-2.1 | 3-2.1 | May 10, 2021 | net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | ||
| CVE-2020-35519 | — | < 1-8.3.2 | 1-8.3.2 | May 6, 2021 | An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak | ||
| CVE-2021-23133 | — | < 4-2.2 | 4-2.2 | Apr 22, 2021 | A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is re |
- CVE-2021-3653Sep 29, 2021affected < 7-2.2fixed 7-2.2
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue co
- CVE-2021-3573Aug 13, 2021affected < 8-2.1fixed 8-2.1
A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blackl
- CVE-2021-38198Aug 8, 2021affected < 7-2.2fixed 7-2.2
arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
- CVE-2021-38160Aug 7, 2021affected < 8-2.1fixed 8-2.1
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any ex
- CVE-2021-37576Jul 26, 2021affected < 6-2.1fixed 6-2.1
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
- CVE-2021-33909Jul 20, 2021affected < 5-2.1fixed 5-2.1
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
- affected < 5-2.1fixed 5-2.1
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
- CVE-2020-36385Jun 7, 2021affected < 5-2.1fixed 5-2.1
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
- CVE-2020-27815May 26, 2021affected < 1-8.3.2fixed 1-8.3.2
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, int
- CVE-2020-25673May 26, 2021affected < 1-8.3.2fixed 1-8.3.2
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
- CVE-2020-25671May 26, 2021affected < 1-8.3.2fixed 1-8.3.2
A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.
- CVE-2021-22543May 26, 2021affected < 6-2.1fixed 6-2.1
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pag
- CVE-2020-25670May 26, 2021affected < 1-8.3.2fixed 1-8.3.2
A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.
- CVE-2020-25672May 25, 2021affected < 1-8.3.2fixed 1-8.3.2
A memory leak vulnerability was found in Linux kernel in llcp_sock_connect
- CVE-2021-3483May 17, 2021affected < 1-8.3.2fixed 1-8.3.2
A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as we
- CVE-2021-33034May 14, 2021affected < 3-2.1fixed 3-2.1
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
- CVE-2021-23134May 12, 2021affected < 3-2.1fixed 3-2.1
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
- CVE-2021-32399May 10, 2021affected < 3-2.1fixed 3-2.1
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
- CVE-2020-35519May 6, 2021affected < 1-8.3.2fixed 1-8.3.2
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak
- CVE-2021-23133Apr 22, 2021affected < 4-2.2fixed 4-2.2
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is re
Page 2 of 4