kgraft-patch-SLE12-SP5_Update_22 (SUSE:Linux Enterprise Live Patching 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 12 SP5 package kgraft-patch-SLE12-SP5_Update_22, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (41)
CVE-2021-3656 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2022-0435 — CVSS 8.8 (high): A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content…
CVE-2021-3653 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2022-1011 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user…
CVE-2021-22543 — CVSS 7.8 (high): An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages…
CVE-2022-27666 — CVSS 7.8 (high): A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local…
CVE-2022-1419 — CVSS 7.8 (high): The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created…
CVE-2022-28390 — CVSS 7.8 (high): ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-0330 — CVSS 7.8 (high): A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code…
CVE-2022-30594 — CVSS 7.8 (high): The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions…
CVE-2022-22942 — CVSS 7.8 (high): The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by…
CVE-2022-1679 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_targ…
CVE-2021-41864 — CVSS 7.8 (high): prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF…
CVE-2022-26490 — CVSS 7.8 (high): st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows…
CVE-2021-37576 — CVSS 7.8 (high): arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory…
CVE-2021-20322 — CVSS 7.4 (high): A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to…
CVE-2020-36386 — CVSS 7.1 (high): An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_re…
CVE-2021-3752 — CVSS 7.1 (high): A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect…
CVE-2022-1734 — CVSS 7.0 (high): A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write…
CVE-2022-1729 — CVSS 7.0 (high): A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges…
CVE-2021-3640 — CVSS 7.0 (high): A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER…
CVE-2021-4083 — CVSS 7.0 (high): A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call…
CVE-2021-4202 — CVSS 7.0 (high): A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could…
CVE-2022-20141 — CVSS 7.0 (high): In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege…
CVE-2022-1048 — CVSS 7.0 (high): A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The…
CVE-2021-0941 — CVSS 6.7 (medium): In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of…
CVE-2021-0935 — CVSS 6.7 (medium): In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of…
CVE-2020-0429 — CVSS 6.7 (medium): In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead…
CVE-2021-42739 — CVSS 6.7 (medium): The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and…
CVE-2022-21499 — CVSS 6.7 (medium): KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a…
CVE-2020-3702 — CVSS 6.5 (medium): u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with…
CVE-2021-3573 — CVSS 6.4 (medium): A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR…
CVE-2022-20154 — CVSS 6.4 (medium): In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege…
CVE-2022-1280 — CVSS 6.3 (medium): A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This…
CVE-2021-3659 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes…
CVE-2022-0487 — CVSS 5.5 (medium): A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel…
CVE-2021-38198 — CVSS 5.5 (medium): arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to…
CVE-2022-1016 — CVSS 5.5 (medium): A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to…
CVE-2022-28389 — CVSS 5.5 (medium): mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.