rpm package
suse/kgraft-patch-SLE12-SP5_Update_35&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_35&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (26)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-20368 | — | < 1-8.3.1 | 1-8.3.1 | Aug 11, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel | ||
| CVE-2022-20369 | — | < 1-8.3.1 | 1-8.3.1 | Aug 11, 2022 | In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An | ||
| CVE-2022-36879 | — | < 1-8.3.1 | 1-8.3.1 | Jul 27, 2022 | An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. | ||
| CVE-2022-29581 | — | < 1-8.3.1 | 1-8.3.1 | May 17, 2022 | Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | ||
| CVE-2021-4203 | — | < 1-8.3.1 | 1-8.3.1 | Mar 25, 2022 | A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. | ||
| CVE-2020-36516 | — | < 1-8.3.1 | 1-8.3.1 | Feb 26, 2022 | An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. |
- CVE-2022-20368Aug 11, 2022affected < 1-8.3.1fixed 1-8.3.1
Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel
- CVE-2022-20369Aug 11, 2022affected < 1-8.3.1fixed 1-8.3.1
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An
- CVE-2022-36879Jul 27, 2022affected < 1-8.3.1fixed 1-8.3.1
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
- CVE-2022-29581May 17, 2022affected < 1-8.3.1fixed 1-8.3.1
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
- CVE-2021-4203Mar 25, 2022affected < 1-8.3.1fixed 1-8.3.1
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
- CVE-2020-36516Feb 26, 2022affected < 1-8.3.1fixed 1-8.3.1
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
Page 2 of 2