kernel-syms (SUSE:Linux Enterprise Real Time 15 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Real Time 15 SP2 package kernel-syms, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (42)
CVE-2022-0435 — CVSS 8.8 (high): A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content…
CVE-2022-28390 — CVSS 7.8 (high): ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-27666 — CVSS 7.8 (high): A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local…
CVE-2022-26490 — CVSS 7.8 (high): st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows…
CVE-2021-39698 — CVSS 7.8 (high): In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of…
CVE-2022-24958 — CVSS 7.8 (high): drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
CVE-2022-22942 — CVSS 7.8 (high): The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by…
CVE-2022-1055 — CVSS 7.8 (high): A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit…
CVE-2022-0330 — CVSS 7.8 (high): A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code…
CVE-2022-0516 — CVSS 7.8 (high): A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw…
CVE-2022-0850 — CVSS 7.1 (high): A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.
CVE-2022-23038 — CVSS 7.0 (high): Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-1048 — CVSS 7.0 (high): A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The…
CVE-2022-23036 — CVSS 7.0 (high): Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-23037 — CVSS 7.0 (high): Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-23039 — CVSS 7.0 (high): Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-23040 — CVSS 7.0 (high): Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-23041 — CVSS 7.0 (high): Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-23042 — CVSS 7.0 (high): Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which…
CVE-2022-0002 — CVSS 6.5 (medium): Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable…
CVE-2022-0001 — CVSS 6.5 (medium): Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to…
CVE-2022-28388 — CVSS 5.5 (medium): usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-28389 — CVSS 5.5 (medium): mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-25375 — CVSS 5.5 (medium): An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of…
CVE-2021-45868 — CVSS 5.5 (medium): In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for…
CVE-2022-26966 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from…
CVE-2022-24959 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.
CVE-2022-0487 — CVSS 5.5 (medium): A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel…
CVE-2022-0617 — CVSS 5.5 (medium): A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter…
CVE-2022-0854 — CVSS 5.5 (medium): A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user…
CVE-2022-1016 — CVSS 5.5 (medium): A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to…
CVE-2021-44879 — CVSS 5.5 (medium): In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL…
CVE-2022-25258 — CVSS 4.6 (medium): An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain…
CVE-2021-39657 — CVSS 4.4 (medium): In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to…
CVE-2021-39648 — CVSS 4.1 (medium): In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to…
CVE-2022-24448 — CVSS 3.3 (low): An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a…
CVE-2022-0644: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation…