VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_6&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (40)

  • CVE-2020-27786Dec 11, 2020
    affected < 9-2.2fixed 9-2.2

    A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of ex

  • CVE-2020-29660Dec 9, 2020
    affected < 6-2.2fixed 6-2.2

    A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.

  • CVE-2020-29661Dec 9, 2020
    affected < 6-2.2fixed 6-2.2

    A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.

  • CVE-2020-14381Dec 3, 2020
    affected < 3-2.2fixed 3-2.2

    A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiali

  • CVE-2020-29368Nov 28, 2020
    affected < 6-2.2fixed 6-2.2

    An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

  • CVE-2020-12351Nov 23, 2020
    affected < 4-2.2fixed 4-2.2

    Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

  • CVE-2020-25705Nov 17, 2020
    affected < 5-2.2fixed 5-2.2

    A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well

  • CVE-2020-8694Nov 12, 2020
    affected < 5-2.2fixed 5-2.2

    Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-25645Oct 13, 2020
    affected < 4-2.2fixed 4-2.2

    A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic u

  • CVE-2020-14386Sep 16, 2020
    affected < 3-2.2fixed 3-2.2

    A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

  • CVE-2020-10768Sep 15, 2020
    affected < 1-8.3.1fixed 1-8.3.1

    A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks

  • CVE-2020-10767Sep 15, 2020
    affected < 1-8.3.1fixed 1-8.3.1

    A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available. T

  • CVE-2020-10766Sep 15, 2020
    affected < 1-8.3.1fixed 1-8.3.1

    A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This iss

  • CVE-2020-14331Sep 15, 2020
    affected < 2-2.2fixed 2-2.2

    A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA cons

  • CVE-2020-25212Sep 9, 2020
    affected < 3-2.2fixed 3-2.2

    A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.

  • CVE-2020-1749Sep 9, 2020
    affected < 2-2.2fixed 2-2.2

    A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending

  • CVE-2020-24394Aug 19, 2020
    affected < 3-2.2fixed 3-2.2

    In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.

  • CVE-2020-15780Jul 15, 2020
    affected < 2-2.2fixed 2-2.2

    An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.

  • CVE-2020-13974Jun 9, 2020
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in

  • CVE-2019-20810Jun 2, 2020
    affected < 1-8.3.1fixed 1-8.3.1

    go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.

Page 2 of 2