kgraft-patch-SLE12-SP3_Update_40 (SUSE:Linux Enterprise Server 12 SP3-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP3-LTSS package kgraft-patch-SLE12-SP3_Update_40, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (48)
CVE-2021-3653 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2022-1011 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user…
CVE-2022-0330 — CVSS 7.8 (high): A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code…
CVE-2021-38160 — CVSS 7.8 (high): In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that…
CVE-2021-37576 — CVSS 7.8 (high): arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory…
CVE-2021-3715 — CVSS 7.8 (high): A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled…
CVE-2022-30594 — CVSS 7.8 (high): The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions…
CVE-2021-23134 — CVSS 7.8 (high): Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In…
CVE-2021-0512 — CVSS 7.8 (high): In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This…
CVE-2021-33909 — CVSS 7.8 (high): fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an…
CVE-2020-36385 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via…
CVE-2018-25020 — CVSS 7.8 (high): The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner…
CVE-2021-33034 — CVSS 7.8 (high): In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This…
CVE-2021-20322 — CVSS 7.4 (high): A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to…
CVE-2019-0136 — CVSS 7.4 (high): Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to…
CVE-2020-36386 — CVSS 7.1 (high): An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_re…
CVE-2021-3752 — CVSS 7.1 (high): A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect…
CVE-2021-3640 — CVSS 7.0 (high): A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER…
CVE-2021-4202 — CVSS 7.0 (high): A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could…
CVE-2021-3609 — CVSS 7.0 (high): .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to…
CVE-2021-4083 — CVSS 7.0 (high): A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call…
CVE-2021-32399 — CVSS 7.0 (high): net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
CVE-2022-1734 — CVSS 7.0 (high): A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write…
CVE-2022-1048 — CVSS 7.0 (high): A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The…
CVE-2021-0935 — CVSS 6.7 (medium): In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of…
CVE-2020-0429 — CVSS 6.7 (medium): In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead…
CVE-2021-42739 — CVSS 6.7 (medium): The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and…
CVE-2020-26141 — CVSS 6.5 (medium): An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message…
CVE-2021-28688 — CVSS 6.5 (medium): The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This…
CVE-2020-3702 — CVSS 6.5 (medium): u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with…
CVE-2020-26145 — CVSS 6.5 (medium): An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or…
CVE-2021-3573 — CVSS 6.4 (medium): A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR…
CVE-2021-0129 — CVSS 5.7 (medium): Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
CVE-2022-0487 — CVSS 5.5 (medium): A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel…
CVE-2021-38198 — CVSS 5.5 (medium): arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to…
CVE-2021-34693 — CVSS 5.5 (medium): net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts…
CVE-2022-1016 — CVSS 5.5 (medium): A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to…
CVE-2020-26147 — CVSS 5.4 (medium): An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of…
CVE-2020-26139 — CVSS 5.3 (medium): An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has…
CVE-2021-0605 — CVSS 4.4 (medium): In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information…
CVE-2020-26558 — CVSS 4.2 (medium): Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to…
CVE-2020-24586 — CVSS 3.5 (low): The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that…
CVE-2020-24588 — CVSS 3.5 (low): The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the…
CVE-2020-24587 — CVSS 2.6 (low): The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all…