kernel-livepatch-SLE15-SP2_Update_11 (SUSE:Linux Enterprise Live Patching 15 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 SP2 package kernel-livepatch-SLE15-SP2_Update_11, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (51)
CVE-2021-3653 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2022-0435 — CVSS 8.8 (high): A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content…
CVE-2021-28660 — CVSS 8.8 (high): rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the…
CVE-2021-3656 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2021-4154 — CVSS 8.8 (high): A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local…
CVE-2021-37576 — CVSS 7.8 (high): arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory…
CVE-2021-27365 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or…
CVE-2021-3444 — CVSS 7.8 (high): The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be…
CVE-2021-33909 — CVSS 7.8 (high): fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an…
CVE-2021-22543 — CVSS 7.8 (high): An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages…
CVE-2021-33034 — CVSS 7.8 (high): In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This…
CVE-2021-29154 — CVSS 7.8 (high): BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute…
CVE-2021-23134 — CVSS 7.8 (high): Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In…
CVE-2021-26930 — CVSS 7.8 (high): An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps…
CVE-2020-36385 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via…
CVE-2022-0516 — CVSS 7.8 (high): A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw…
CVE-2020-25670 — CVSS 7.8 (high): A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege…
CVE-2020-25671 — CVSS 7.8 (high): A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to…
CVE-2020-12362 — CVSS 7.8 (high): Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel…
CVE-2021-41864 — CVSS 7.8 (high): prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF…
CVE-2021-38160 — CVSS 7.8 (high): In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that…
CVE-2021-20322 — CVSS 7.4 (high): A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to…
CVE-2021-3752 — CVSS 7.1 (high): A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect…
CVE-2021-27364 — CVSS 7.1 (high): An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an…
CVE-2021-4083 — CVSS 7.0 (high): A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call…
CVE-2020-29368 — CVSS 7.0 (high): An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can…
CVE-2021-32399 — CVSS 7.0 (high): net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
CVE-2021-4202 — CVSS 7.0 (high): A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could…
CVE-2021-3609 — CVSS 7.0 (high): .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to…
CVE-2021-3640 — CVSS 7.0 (high): A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER…
CVE-2020-12373 — CVSS 6.7 (medium): Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially…
CVE-2021-23133 — CVSS 6.7 (medium): A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context…
CVE-2021-42739 — CVSS 6.7 (medium): The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and…
CVE-2021-0941 — CVSS 6.7 (medium): In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of…
CVE-2020-3702 — CVSS 6.5 (medium): u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with…
CVE-2021-28688 — CVSS 6.5 (medium): The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This…
CVE-2021-3573 — CVSS 6.4 (medium): A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR…
CVE-2020-12363 — CVSS 5.5 (medium): Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5…
CVE-2021-26932 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls…
CVE-2021-26931 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a…
CVE-2020-36322 — CVSS 5.5 (medium): An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr()…
CVE-2021-38198 — CVSS 5.5 (medium): arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to…
CVE-2020-25673 — CVSS 5.5 (medium): A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the…
CVE-2020-12364 — CVSS 5.5 (medium): Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version…
CVE-2021-27363 — CVSS 4.4 (medium): An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the…
CVE-2020-29374 — CVSS 3.6 (low): An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup)…