release-notes-sle_rt (SUSE:Linux Enterprise Real Time 15 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Real Time 15 SP3 package release-notes-sle_rt, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (16)
CVE-2021-4154 — CVSS 8.8 (high): A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local…
CVE-2021-0707 — CVSS 7.8 (high): In dma_buf_release of dma-buf.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of…
CVE-2022-29156 — CVSS 7.8 (high): drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.
CVE-2022-28893 — CVSS 7.8 (high): The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
CVE-2022-1158 — CVSS 7.8 (high): A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As…
CVE-2022-1419 — CVSS 7.8 (high): The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created…
CVE-2022-1353 — CVSS 7.1 (high): A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged…
CVE-2021-20292 — CVSS 6.7 (medium): There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm…
CVE-2022-1280 — CVSS 6.3 (medium): A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This…
CVE-2022-1516 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a…
CVE-2021-38208 — CVSS 5.5 (medium): net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer…
CVE-2021-20321 — CVSS 4.7 (medium): A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with…
CVE-2020-27835 — CVSS 4.4 (medium): A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open…
CVE-2022-0812 — CVSS 4.3 (medium): An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker…
CVE-2022-28748: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2964. Reason: This candidate is a reservation duplicate of…