kgraft-patch-SLE12-SP3_Update_41 (SUSE:OpenStack Cloud 8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 8 package kgraft-patch-SLE12-SP3_Update_41, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (38)
CVE-2021-3653 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2018-16882 — CVSS 8.8 (high): A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is…
CVE-2020-14305 — CVSS 8.1 (high): An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled…
CVE-2021-3760 — CVSS 7.8 (high): A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity…
CVE-2021-3715 — CVSS 7.8 (high): A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled…
CVE-2021-38160 — CVSS 7.8 (high): In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that…
CVE-2021-37576 — CVSS 7.8 (high): arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory…
CVE-2021-42008 — CVSS 7.8 (high): The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a…
CVE-2018-13405 — CVSS 7.8 (high): The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group…
CVE-2021-33033 — CVSS 7.8 (high): The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting…
CVE-2021-20322 — CVSS 7.4 (high): A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to…
CVE-2021-3752 — CVSS 7.1 (high): A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect…
CVE-2021-40490 — CVSS 7.0 (high): A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
CVE-2021-3640 — CVSS 7.0 (high): A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER…
CVE-2021-38204 — CVSS 6.8 (medium): drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service…
CVE-2021-42739 — CVSS 6.7 (medium): The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and…
CVE-2021-31916 — CVSS 6.7 (medium): An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux…
CVE-2021-34981 — CVSS 6.7 (medium): Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate…
CVE-2020-0429 — CVSS 6.7 (medium): In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead…
CVE-2021-3772 — CVSS 6.5 (medium): A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the…
CVE-2020-3702 — CVSS 6.5 (medium): u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with…
CVE-2021-37159 — CVSS 6.4 (medium): hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the…
CVE-2017-17862 — CVSS 5.5 (medium): kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT…
CVE-2020-12655 — CVSS 5.5 (medium): An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of…
CVE-2021-20265 — CVSS 5.5 (medium): A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending…
CVE-2021-34556 — CVSS 5.5 (medium): In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store…
CVE-2021-35477 — CVSS 5.5 (medium): In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store…
CVE-2021-3659 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes…
CVE-2021-3679 — CVSS 5.5 (medium): A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace…
CVE-2021-3732 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows…
CVE-2021-38198 — CVSS 5.5 (medium): arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to…
CVE-2021-43389 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in…
CVE-2020-4788 — CVSS 4.7 (medium): IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache…
CVE-2021-3753 — CVSS 4.7 (medium): A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as…
CVE-2021-3655 — CVSS 3.3 (low): A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow…
CVE-2017-17864 — CVSS 3.3 (low): kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the…
CVE-2021-3896: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43389. Reason: This candidate is a reservation duplicate of…
CVE-2021-3542: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-42739. Reason: This candidate is a reservation duplicate of…