Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-3483 (GCVE-0-2021-3483)
Vulnerability from cvelistv5 – Published: 2021-05-17 11:25 – Updated: 2024-08-03 16:53
VLAI
EPSS
Summary
A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected
Severity
No CVSS data available.
CWE
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2021/04/07/1 | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=1948045 | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://security.netapp.com/advisory/ntap-2021062… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:53:17.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20210407 CVE-2021-3483: Linux kernel: a use-after-free bug in nosy driver",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210629-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "kernel 5.12-rc6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T09:06:16.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20210407 CVE-2021-3483: Linux kernel: a use-after-free bug in nosy driver",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210629-0002/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.12-rc6"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20210407 CVE-2021-3483: Linux kernel: a use-after-free bug in nosy driver",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210629-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210629-0002/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3483",
"datePublished": "2021-05-17T11:25:12.000Z",
"dateReserved": "2021-04-06T00:00:00.000Z",
"dateUpdated": "2024-08-03T16:53:17.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-3483",
"date": "2026-05-29",
"epss": "0.00167",
"percentile": "0.37529"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-3483\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2021-05-17T12:15:07.523\",\"lastModified\":\"2024-11-21T06:21:39.150\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una fallo en el controlador Nosy en el kernel de Linux.\u0026#xa0;Este problema permite a un dispositivo ser insertado dos veces en una lista doblemente enlazada, conllevando a un uso de la memoria previamente liberada cuando uno de estos dispositivos es eliminado.\u0026#xa0;La mayor amenaza de esta vulnerabilidad es la confidencialidad, la integridad as\u00ed como la disponibilidad del sistema.\u0026#xa0;Las versiones anteriores al kernel 5.12-rc6 est\u00e1n afectadas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.12\",\"matchCriteriaId\":\"40362FFA-6C99-41DB-AC04-5B835E7DE052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"07875739-0CCB-4F48-9330-3D4B6A4064FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.12:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA09B732-04F8-452C-94CF-97644E78684D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.12:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5371152-7515-4908-BB7E-494805EA5DF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.12:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7788E5B-D54E-45BF-9043-2C7B77842FD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.12:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"A935F9F1-DA8B-49F4-BF2B-FA01A92F113E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C2089EE-5D7F-47EC-8EA5-0F69790564C4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"108A2215-50FB-4074-94CF-C130FA14566D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F0B6C0-F930-480D-962B-3F4EFDCC13C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"803BC414-B250-4E3A-A478-A3881340D6B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FEB3337-BFDE-462A-908B-176F92053CEC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"736AEAE9-782B-4F71-9893-DED53367E102\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2021/04/07/1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1948045\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210629-0002/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/04/07/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1948045\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210629-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2021-AVI-469
Vulnerability from certfr_avis - Published: 2021-06-17 - Updated: 2021-06-17
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP3 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Availability 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"name": "CVE-2021-29264",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29264"
},
{
"name": "CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2020-25672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25672"
},
{
"name": "CVE-2021-30002",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30002"
},
{
"name": "CVE-2021-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
},
{
"name": "CVE-2021-3483",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3483"
},
{
"name": "CVE-2020-36312",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36312"
},
{
"name": "CVE-2020-36311",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36311"
},
{
"name": "CVE-2021-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27363"
},
{
"name": "CVE-2021-3490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3490"
},
{
"name": "CVE-2021-27364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27364"
},
{
"name": "CVE-2021-29647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29647"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2021-28971",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28971"
},
{
"name": "CVE-2020-35519",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35519"
},
{
"name": "CVE-2020-27815",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27815"
},
{
"name": "CVE-2021-28952",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28952"
},
{
"name": "CVE-2020-36310",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36310"
},
{
"name": "CVE-2021-27365",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27365"
},
{
"name": "CVE-2021-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3428"
},
{
"name": "CVE-2020-27170",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27170"
},
{
"name": "CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"name": "CVE-2021-29265",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29265"
},
{
"name": "CVE-2021-3444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3444"
},
{
"name": "CVE-2021-28038",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28038"
},
{
"name": "CVE-2019-19769",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19769"
},
{
"name": "CVE-2020-25671",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25671"
},
{
"name": "CVE-2021-28950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2020-36322",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36322"
},
{
"name": "CVE-2021-28688",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28688"
},
{
"name": "CVE-2021-3489",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3489"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"name": "CVE-2021-20268",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20268"
},
{
"name": "CVE-2021-29155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29155"
},
{
"name": "CVE-2020-25670",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25670"
},
{
"name": "CVE-2020-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26141"
},
{
"name": "CVE-2021-28972",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28972"
},
{
"name": "CVE-2021-23134",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23134"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
},
{
"name": "CVE-2019-18814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18814"
},
{
"name": "CVE-2021-28660",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28660"
},
{
"name": "CVE-2021-3491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3491"
},
{
"name": "CVE-2021-33200",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33200"
},
{
"name": "CVE-2021-28964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28964"
},
{
"name": "CVE-2020-25673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25673"
},
{
"name": "CVE-2020-27673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27673"
},
{
"name": "CVE-2020-27171",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27171"
},
{
"name": "CVE-2021-28375",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28375"
},
{
"name": "CVE-2020-26145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26145"
}
],
"initial_release_date": "2021-06-17T00:00:00",
"last_revision_date": "2021-06-17T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-469",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-06-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service et un contournement de\nla politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20211977-1 du 15 juin 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211977-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20211975-1 du 15 juin 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211975-1"
}
]
}
CERTFR-2021-AVI-482
Vulnerability from certfr_avis - Published: 2021-06-24 - Updated: 2021-06-24
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian LTS. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian 9 Stretch versions ant\u00e9rieures \u00e0 4.19.194-1~deb9u1",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian 9 Stretch versions ant\u00e9rieures \u00e0 4.9.272-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"name": "CVE-2021-29264",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29264"
},
{
"name": "CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2020-25672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25672"
},
{
"name": "CVE-2021-30002",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30002"
},
{
"name": "CVE-2021-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
},
{
"name": "CVE-2021-3483",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3483"
},
{
"name": "CVE-2021-31916",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31916"
},
{
"name": "CVE-2021-3587",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3587"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2021-29647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29647"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2021-28971",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28971"
},
{
"name": "CVE-2021-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23133"
},
{
"name": "CVE-2021-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3428"
},
{
"name": "CVE-2021-3506",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3506"
},
{
"name": "CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"name": "CVE-2021-29265",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29265"
},
{
"name": "CVE-2021-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
},
{
"name": "CVE-2020-25671",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25671"
},
{
"name": "CVE-2021-28950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2020-36322",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36322"
},
{
"name": "CVE-2020-29374",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29374"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2020-26558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
},
{
"name": "CVE-2021-28688",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28688"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"name": "CVE-2021-29155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29155"
},
{
"name": "CVE-2020-25670",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25670"
},
{
"name": "CVE-2021-23134",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23134"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
},
{
"name": "CVE-2021-20292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20292"
},
{
"name": "CVE-2021-28660",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28660"
},
{
"name": "CVE-2021-28964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28964"
},
{
"name": "CVE-2021-31829",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31829"
}
],
"initial_release_date": "2021-06-24T00:00:00",
"last_revision_date": "2021-06-24T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-482",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-06-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nDebian LTS. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de service et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian LTS",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS dla-2689 du 22 juin 2021",
"url": "https://www.debian.org/lts/security/2021/dla-2689"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS dla-2690 du 22 juin 2021",
"url": "https://www.debian.org/lts/security/2021/dla-2690"
}
]
}
CERTFR-2022-AVI-176
Vulnerability from certfr_avis - Published: 2022-02-23 - Updated: 2022-02-23
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 21.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-45485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45485"
},
{
"name": "CVE-2021-44879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44879"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2021-34693",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34693"
},
{
"name": "CVE-2021-4202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4202"
},
{
"name": "CVE-2021-3679",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3679"
},
{
"name": "CVE-2021-3483",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3483"
},
{
"name": "CVE-2021-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38204"
},
{
"name": "CVE-2021-28711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28711"
},
{
"name": "CVE-2021-43975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43975"
},
{
"name": "CVE-2021-28713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28713"
},
{
"name": "CVE-2021-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
},
{
"name": "CVE-2022-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0330"
},
{
"name": "CVE-2021-28712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28712"
},
{
"name": "CVE-2021-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2021-43976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43976"
},
{
"name": "CVE-2020-26558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
},
{
"name": "CVE-2021-22600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22600"
},
{
"name": "CVE-2022-24448",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24448"
},
{
"name": "CVE-2022-0492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
},
{
"name": "CVE-2021-39685",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39685"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"name": "CVE-2022-0435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0435"
},
{
"name": "CVE-2021-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3612"
},
{
"name": "CVE-2021-28714",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28714"
},
{
"name": "CVE-2021-42008",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42008"
},
{
"name": "CVE-2021-28972",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28972"
},
{
"name": "CVE-2021-28715",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28715"
},
{
"name": "CVE-2022-24959",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24959"
}
],
"initial_release_date": "2022-02-23T00:00:00",
"last_revision_date": "2022-02-23T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-176",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-02-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5302-1 du 22 f\u00e9vrier 2022",
"url": "https://ubuntu.com/security/notices/USN-5302-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5295-2 du 22 f\u00e9vrier 2022",
"url": "https://ubuntu.com/security/notices/USN-5295-2"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5298-1 du 22 f\u00e9vrier 2022",
"url": "https://ubuntu.com/security/notices/USN-5298-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5297-1 du 22 f\u00e9vrier 2022",
"url": "https://ubuntu.com/security/notices/USN-5297-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5294-2 du 22 f\u00e9vrier 2022",
"url": "https://ubuntu.com/security/notices/USN-5294-2"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5299-1 du 22 f\u00e9vrier 2022",
"url": "https://ubuntu.com/security/notices/USN-5299-1"
}
]
}
CERTFR-2022-AVI-265
Vulnerability from certfr_avis - Published: 2022-03-23 - Updated: 2022-03-23
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 21.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-38208",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38208"
},
{
"name": "CVE-2021-20317",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20317"
},
{
"name": "CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"name": "CVE-2021-45485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45485"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2021-34693",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34693"
},
{
"name": "CVE-2020-25672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25672"
},
{
"name": "CVE-2021-3679",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3679"
},
{
"name": "CVE-2021-3483",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3483"
},
{
"name": "CVE-2021-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38204"
},
{
"name": "CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"name": "CVE-2021-45095",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45095"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2021-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38160"
},
{
"name": "CVE-2018-5995",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5995"
},
{
"name": "CVE-2020-12655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12655"
},
{
"name": "CVE-2021-28711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28711"
},
{
"name": "CVE-2021-43975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43975"
},
{
"name": "CVE-2021-4135",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4135"
},
{
"name": "CVE-2021-28713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28713"
},
{
"name": "CVE-2021-45402",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45402"
},
{
"name": "CVE-2022-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0264"
},
{
"name": "CVE-2021-44733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44733"
},
{
"name": "CVE-2021-3506",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3506"
},
{
"name": "CVE-2021-28712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28712"
},
{
"name": "CVE-2021-33098",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33098"
},
{
"name": "CVE-2022-0516",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0516"
},
{
"name": "CVE-2021-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
},
{
"name": "CVE-2021-45480",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45480"
},
{
"name": "CVE-2021-40490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40490"
},
{
"name": "CVE-2020-25671",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25671"
},
{
"name": "CVE-2021-38198",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38198"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2020-36322",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36322"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2021-43976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43976"
},
{
"name": "CVE-2020-26558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
},
{
"name": "CVE-2021-28688",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28688"
},
{
"name": "CVE-2021-45469",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45469"
},
{
"name": "CVE-2022-0492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
},
{
"name": "CVE-2021-39685",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39685"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"name": "CVE-2022-0435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0435"
},
{
"name": "CVE-2021-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3612"
},
{
"name": "CVE-2016-2854",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2854"
},
{
"name": "CVE-2021-39698",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39698"
},
{
"name": "CVE-2022-0382",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0382"
},
{
"name": "CVE-2021-28714",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28714"
},
{
"name": "CVE-2020-25670",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25670"
},
{
"name": "CVE-2021-42008",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42008"
},
{
"name": "CVE-2021-28972",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28972"
},
{
"name": "CVE-2021-23134",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23134"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
},
{
"name": "CVE-2021-20292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20292"
},
{
"name": "CVE-2019-19449",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19449"
},
{
"name": "CVE-2020-26555",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26555"
},
{
"name": "CVE-2021-28715",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28715"
},
{
"name": "CVE-2021-33033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33033"
},
{
"name": "CVE-2016-2853",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2853"
},
{
"name": "CVE-2021-39648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39648"
},
{
"name": "CVE-2021-4197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4197"
},
{
"name": "CVE-2020-25673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25673"
},
{
"name": "CVE-2022-23222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23222"
},
{
"name": "CVE-2022-0742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0742"
},
{
"name": "CVE-2021-43389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43389"
}
],
"initial_release_date": "2022-03-23T00:00:00",
"last_revision_date": "2022-03-23T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-265",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-03-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nUbuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service et une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de Ubuntu USN-5343-1 du 22 mars 2022",
"url": "https://ubuntu.com/security/notices/USN-5343-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de Ubuntu USN-5339-1 du 22 mars 2022",
"url": "https://ubuntu.com/security/notices/USN-5339-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de Ubuntu USN-5338-1 du 22 mars 2022",
"url": "https://ubuntu.com/security/notices/USN-5338-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de Ubuntu USN-5337-1 du 22 mars 2022",
"url": "https://ubuntu.com/security/notices/USN-5337-1"
}
]
}
Title
Linux Kernel资源管理错误漏洞
Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。
Linux kernel存在安全漏洞,攻击者可利用该漏洞可以通过嘈杂的Linux内核的ioctl()强制使用一个释放的内存区域,以触发拒绝服务,并可能运行代码。
Severity
高
Patch Name
Linux Kernel资源管理错误漏洞的补丁
Patch Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。
Linux kernel存在安全漏洞,攻击者可利用该漏洞可以通过嘈杂的Linux内核的ioctl()强制使用一个释放的内存区域,以触发拒绝服务,并可能运行代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=829933ef05a951c8ff140e814656d73e74915faf
Reference
https://exchange.xforce.ibmcloud.com/vulnerabilities/199527
Impacted products
| Name | Linux Linux kernel |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2021-3483"
}
},
"description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\n\nLinux kernel\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u901a\u8fc7\u5608\u6742\u7684Linux\u5185\u6838\u7684ioctl()\u5f3a\u5236\u4f7f\u7528\u4e00\u4e2a\u91ca\u653e\u7684\u5185\u5b58\u533a\u57df\uff0c\u4ee5\u89e6\u53d1\u62d2\u7edd\u670d\u52a1\uff0c\u5e76\u53ef\u80fd\u8fd0\u884c\u4ee3\u7801\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=829933ef05a951c8ff140e814656d73e74915faf",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2021-36261",
"openTime": "2021-05-21",
"patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u901a\u8fc7\u5608\u6742\u7684Linux\u5185\u6838\u7684ioctl()\u5f3a\u5236\u4f7f\u7528\u4e00\u4e2a\u91ca\u653e\u7684\u5185\u5b58\u533a\u57df\uff0c\u4ee5\u89e6\u53d1\u62d2\u7edd\u670d\u52a1\uff0c\u5e76\u53ef\u80fd\u8fd0\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux Kernel\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Linux Linux kernel"
},
"referenceLink": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199527",
"serverity": "\u9ad8",
"submitTime": "2021-04-12",
"title": "Linux Kernel\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e"
}
FKIE_CVE-2021-3483
Vulnerability from fkie_nvd - Published: 2021-05-17 12:15 - Updated: 2024-11-21 06:21
Severity
Summary
A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.12 | |
| linux | linux_kernel | 5.12 | |
| linux | linux_kernel | 5.12 | |
| linux | linux_kernel | 5.12 | |
| linux | linux_kernel | 5.12 | |
| debian | debian_linux | 9.0 | |
| netapp | cloud_backup | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h300e_firmware | - | |
| netapp | h300e | - | |
| netapp | h500e_firmware | - | |
| netapp | h500e | - | |
| netapp | h700e_firmware | - | |
| netapp | h700e | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40362FFA-6C99-41DB-AC04-5B835E7DE052",
"versionEndExcluding": "5.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "07875739-0CCB-4F48-9330-3D4B6A4064FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DA09B732-04F8-452C-94CF-97644E78684D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E5371152-7515-4908-BB7E-494805EA5DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "D7788E5B-D54E-45BF-9043-2C7B77842FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A935F9F1-DA8B-49F4-BF2B-FA01A92F113E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected"
},
{
"lang": "es",
"value": "Se encontr\u00f3 una fallo en el controlador Nosy en el kernel de Linux.\u0026#xa0;Este problema permite a un dispositivo ser insertado dos veces en una lista doblemente enlazada, conllevando a un uso de la memoria previamente liberada cuando uno de estos dispositivos es eliminado.\u0026#xa0;La mayor amenaza de esta vulnerabilidad es la confidencialidad, la integridad as\u00ed como la disponibilidad del sistema.\u0026#xa0;Las versiones anteriores al kernel 5.12-rc6 est\u00e1n afectadas"
}
],
"id": "CVE-2021-3483",
"lastModified": "2024-11-21T06:21:39.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-17T12:15:07.523",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210629-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210629-0002/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
GHSA-JVQW-V5H3-CCW4
Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2022-05-24 19:02
VLAI
Details
A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected
Severity
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2021-3483"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-17T12:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected",
"id": "GHSA-jvqw-v5h3-ccw4",
"modified": "2022-05-24T19:02:38Z",
"published": "2022-05-24T19:02:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3483"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210629-0002"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2021-3483
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-3483",
"description": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected",
"id": "GSD-2021-3483",
"references": [
"https://www.suse.com/security/cve/CVE-2021-3483.html",
"https://ubuntu.com/security/CVE-2021-3483",
"https://advisories.mageia.org/CVE-2021-3483.html",
"https://security.archlinux.org/CVE-2021-3483"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-3483"
],
"details": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected",
"id": "GSD-2021-3483",
"modified": "2023-12-13T01:23:34.228333Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.12-rc6"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20210407 CVE-2021-3483: Linux kernel: a use-after-free bug in nosy driver",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210629-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210629-0002/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.12:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.12:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.12:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.12:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.12",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.12:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3483"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20210407 CVE-2021-3483: Linux kernel: a use-after-free bug in nosy driver",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948045"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210629-0002/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210629-0002/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-05-13T19:40Z",
"publishedDate": "2021-05-17T12:15Z"
}
}
}
MSRC_CVE-2021-3483
Vulnerability from csaf_microsoft - Published: 2021-05-02 00:00 - Updated: 2021-12-16 00:00Summary
A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. Versions before kernel 5.12-rc6 are affected
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.8 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 16919-16820 | — | ||
| Unresolved product id: 16920-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2021-3483 A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. Versions before kernel 5.12-rc6 are affected - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-3483.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. Versions before kernel 5.12-rc6 are affected",
"tracking": {
"current_release_date": "2021-12-16T00:00:00.000Z",
"generator": {
"date": "2025-12-27T18:53:44.503Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2021-3483",
"initial_release_date": "2021-05-02T00:00:00.000Z",
"revision_history": [
{
"date": "2021-05-26T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2021-12-16T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added kernel to CBL-Mariner 2.0"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 kernel 5.10.60.1-1",
"product": {
"name": "\u003ccm1 kernel 5.10.60.1-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cm1 kernel 5.10.60.1-1",
"product": {
"name": "cm1 kernel 5.10.60.1-1",
"product_id": "16919"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 kernel 5.10.78.1-1",
"product": {
"name": "\u003ccbl2 kernel 5.10.78.1-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 kernel 5.10.78.1-1",
"product": {
"name": "cbl2 kernel 5.10.78.1-1",
"product_id": "16920"
}
}
],
"category": "product_name",
"name": "kernel"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 kernel 5.10.60.1-1 as a component of CBL Mariner 1.0",
"product_id": "16820-2"
},
"product_reference": "2",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 kernel 5.10.60.1-1 as a component of CBL Mariner 1.0",
"product_id": "16919-16820"
},
"product_reference": "16919",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 kernel 5.10.78.1-1 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kernel 5.10.78.1-1 as a component of CBL Mariner 2.0",
"product_id": "16920-17086"
},
"product_reference": "16920",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3483",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16919-16820",
"16920-17086"
],
"known_affected": [
"16820-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-3483 A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. Versions before kernel 5.12-rc6 are affected - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-3483.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-26T00:00:00.000Z",
"details": "-:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2021-05-26T00:00:00.000Z",
"details": "5.10.78.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"16820-2",
"17086-1"
]
}
],
"title": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. Versions before kernel 5.12-rc6 are affected"
}
]
}
OPENSUSE-SU-2021:0579-1
Vulnerability from csaf_opensuse - Published: 2021-04-19 12:09 - Updated: 2021-04-19 12:09Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The openSUSE Linux Leap 15.2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
- CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy (bsc#1184120).
- CVE-2021-29154: Fixed incorrect computation of branch displacements, allowing arbitrary code execution (bsc#1184391).
- CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h due to a retry loop continually was finding the same bad inode (bsc#1184194).
- CVE-2020-36312: Fixed a memory leak upon a kmalloc failure (bsc#1184509 ).
- CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering destruction of a large SEV VM (bsc#1184511).
- CVE-2020-36310: Fixed infinite loop for certain nested page faults (bsc#1184512).
- CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed multiple bugs in NFC subsytem (bsc#1178181).
- CVE-2020-36322: Fixed an issue was discovered in FUSE filesystem implementation which could have caused a system crash (bsc#1184211).
The following non-security bugs were fixed:
- ALSA: aloop: Fix initialization of controls (git-fixes).
- ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (git-fixes).
- appletalk: Fix skb allocation size in loopback case (git-fixes).
- ASoC: cygnus: fix for_each_child.cocci warnings (git-fixes).
- ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes).
- ASoC: intel: atom: Remove 44100 sample-rate from the media and deep-buffer DAI descriptions (git-fixes).
- ASoC: intel: atom: Stop advertising non working S24LE support (git-fixes).
- ASoC: max98373: Added 30ms turn on/off time delay (git-fixes).
- ASoC: sunxi: sun4i-codec: fill ASoC card owner (git-fixes).
- ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (git-fixes).
- ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr() (git-fixes).
- atl1c: fix error return code in atl1c_probe() (git-fixes).
- atl1e: fix error return code in atl1e_probe() (git-fixes).
- batman-adv: initialize 'struct batadv_tvlv_tt_vlan_data'->reserved field (git-fixes).
- bpf: Fix verifier jsgt branch analysis on max bound (bsc#1155518).
- bpf: Remove MTU check in __bpf_skb_max_len (bsc#1155518).
- bpf, sockmap: Fix sk->prot unhash op reset (bsc#1155518).
- brcmfmac: clear EAP/association status bits on linkdown events (git-fixes).
- bus: ti-sysc: Fix warning on unbind if reset is not deasserted (git-fixes).
- cifs: change noisy error message to FYI (bsc#1181507).
- cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507).
- cifs: do not send close in compound create+close requests (bsc#1181507).
- cifs: New optype for session operations (bsc#1181507).
- cifs: print MIDs in decimal notation (bsc#1181507).
- cifs: return proper error code in statfs(2) (bsc#1181507).
- cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
- clk: fix invalid usage of list cursor in register (git-fixes).
- clk: fix invalid usage of list cursor in unregister (git-fixes).
- clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes).
- dm mpath: switch paths in dm_blk_ioctl() code path (bsc#1167574, bsc#1175995, bsc#1184485).
- drivers: video: fbcon: fix NULL dereference in fbcon_cursor() (git-fixes).
- drm/amdgpu: check alignment on CPU page for bo map (git-fixes).
- drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() (git-fixes).
- drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074).
- drm/msm/adreno: a5xx_power: Do not apply A540 lm_setup to other GPUs (git-fixes).
- drm/msm: Ratelimit invalid-fence message (git-fixes).
- drm/msm: Set drvdata to NULL when msm_drm_init() fails (git-fixes).
- enetc: Fix reporting of h/w packet counters (git-fixes).
- fix Patch-mainline: patches.suse/cifs_debug-use-pd-instead-of-messing-with-d_name.patch
- fix patch metadata
- fuse: fix bad inode (bsc#1184211).
- fuse: fix live lock in fuse_iget() (bsc#1184211).
- gianfar: Handle error code at MAC address change (git-fixes).
- i40e: Fix parameters in aq_get_phy_register() (jsc#SLE-8025).
- i40e: Fix sparse error: 'vsi->netdev' could be null (jsc#SLE-8025).
- ice: remove DCBNL_DEVRESET bit from PF state (jsc#SLE-7926).
- iommu/vt-d: Use device numa domain if RHSA is missing (bsc#1184585).
- kABI: powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
- libbpf: Fix INSTALL flag order (bsc#1155518).
- libbpf: Only create rx and tx XDP rings when necessary (bsc#1155518).
- locking/mutex: Fix non debug version of mutex_lock_io_nested() (git-fixes).
- mac80211: choose first enabled channel for monitor (git-fixes).
- mac80211: fix TXQ AC confusion (git-fixes).
- mISDN: fix crash in fritzpci (git-fixes).
- net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
- net: b44: fix error return code in b44_init_one() (git-fixes).
- net: ethernet: ti: cpsw: fix error return code in cpsw_probe() (git-fixes).
- net: hns3: Remove the left over redundant check & assignment (bsc#1154353).
- net: lantiq: Wait for the GPHY firmware to be ready (git-fixes).
- net/mlx5: Fix PPLM register mapping (jsc#SLE-8464).
- net: pasemi: fix error return code in pasemi_mac_open() (git-fixes).
- net: phy: broadcom: Only advertise EEE for supported modes (git-fixes).
- net: qualcomm: rmnet: Fix incorrect receive packet handling during cleanup (git-fixes).
- net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405)
- net: wan/lmc: unregister device when no matching device is found (git-fixes).
- platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 (git-fixes).
- platform/x86: thinkpad_acpi: Allow the FnLock LED to change state (git-fixes).
- PM: runtime: Fix ordering in pm_runtime_get_suppliers() (git-fixes).
- post.sh: Return an error when module update fails (bsc#1047233 bsc#1184388).
- powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() (bsc#1065729).
- powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
- powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729).
- powerpc/sstep: Check instruction validity against ISA version before emulation (bsc#1156395).
- powerpc/sstep: Fix darn emulation (bsc#1156395).
- powerpc/sstep: Fix incorrect return from analyze_instr() (bsc#1156395).
- powerpc/sstep: Fix load-store and update emulation (bsc#1156395).
- qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).
- RAS/CEC: Correct ce_add_elem()'s returned values (bsc#1152489).
- regulator: bd9571mwv: Fix AVS and DVFS voltage range (git-fixes).
- rpm/check-for-config-changes: Also ignore AS_VERSION added in 5.12.
- rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514) The devel package requires the kernel binary package itself for building modules externally.
- samples/bpf: Fix possible hang in xdpsock with multiple threads (bsc#1155518).
- scsi: ibmvfc: Fix invalid state machine BUG_ON() (bsc#1184647 ltc#191231).
- smb3: add dynamic trace point to trace when credits obtained (bsc#1181507).
- smb3: fix crediting for compounding when only one request in flight (bsc#1181507).
- soc/fsl: qbman: fix conflicting alignment attributes (git-fixes).
- staging: comedi: cb_pcidas64: fix request_irq() warn (git-fixes).
- staging: comedi: cb_pcidas: fix request_irq() warn (git-fixes).
- thermal/core: Add NULL pointer check before using cooling device stats (git-fixes).
- USB: cdc-acm: downgrade message to debug (git-fixes).
- USB: cdc-acm: untangle a circular dependency between callback and softint (git-fixes).
- usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() (git-fixes).
- USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (git-fixes).
- x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() (bsc#1152489).
- x86/ioapic: Ignore IRQ2 again (bsc#1152489).
- x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc() (bsc#1152489).
- xen/events: fix setting irq affinity (bsc#1184583).
Patchnames: openSUSE-2021-579
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.7 (High)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
73 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The openSUSE Linux Leap 15.2 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).\n- CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy (bsc#1184120).\n- CVE-2021-29154: Fixed incorrect computation of branch displacements, allowing arbitrary code execution (bsc#1184391).\n- CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h due to a retry loop continually was finding the same bad inode (bsc#1184194).\n- CVE-2020-36312: Fixed a memory leak upon a kmalloc failure (bsc#1184509 ).\n- CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering destruction of a large SEV VM (bsc#1184511).\n- CVE-2020-36310: Fixed infinite loop for certain nested page faults (bsc#1184512).\n- CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed multiple bugs in NFC subsytem (bsc#1178181).\n- CVE-2020-36322: Fixed an issue was discovered in FUSE filesystem implementation which could have caused a system crash (bsc#1184211).\n\nThe following non-security bugs were fixed:\n\n- ALSA: aloop: Fix initialization of controls (git-fixes).\n- ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (git-fixes).\n- appletalk: Fix skb allocation size in loopback case (git-fixes).\n- ASoC: cygnus: fix for_each_child.cocci warnings (git-fixes).\n- ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes).\n- ASoC: intel: atom: Remove 44100 sample-rate from the media and deep-buffer DAI descriptions (git-fixes).\n- ASoC: intel: atom: Stop advertising non working S24LE support (git-fixes).\n- ASoC: max98373: Added 30ms turn on/off time delay (git-fixes).\n- ASoC: sunxi: sun4i-codec: fill ASoC card owner (git-fixes).\n- ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (git-fixes).\n- ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr() (git-fixes).\n- atl1c: fix error return code in atl1c_probe() (git-fixes).\n- atl1e: fix error return code in atl1e_probe() (git-fixes).\n- batman-adv: initialize \u0027struct batadv_tvlv_tt_vlan_data\u0027-\u003ereserved field (git-fixes).\n- bpf: Fix verifier jsgt branch analysis on max bound (bsc#1155518).\n- bpf: Remove MTU check in __bpf_skb_max_len (bsc#1155518).\n- bpf, sockmap: Fix sk-\u003eprot unhash op reset (bsc#1155518).\n- brcmfmac: clear EAP/association status bits on linkdown events (git-fixes).\n- bus: ti-sysc: Fix warning on unbind if reset is not deasserted (git-fixes).\n- cifs: change noisy error message to FYI (bsc#1181507).\n- cifs_debug: use %pd instead of messing with -\u003ed_name (bsc#1181507).\n- cifs: do not send close in compound create+close requests (bsc#1181507).\n- cifs: New optype for session operations (bsc#1181507).\n- cifs: print MIDs in decimal notation (bsc#1181507).\n- cifs: return proper error code in statfs(2) (bsc#1181507).\n- cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).\n- clk: fix invalid usage of list cursor in register (git-fixes).\n- clk: fix invalid usage of list cursor in unregister (git-fixes).\n- clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes).\n- dm mpath: switch paths in dm_blk_ioctl() code path (bsc#1167574, bsc#1175995, bsc#1184485).\n- drivers: video: fbcon: fix NULL dereference in fbcon_cursor() (git-fixes).\n- drm/amdgpu: check alignment on CPU page for bo map (git-fixes).\n- drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() (git-fixes).\n- drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074).\n- drm/msm/adreno: a5xx_power: Do not apply A540 lm_setup to other GPUs (git-fixes).\n- drm/msm: Ratelimit invalid-fence message (git-fixes).\n- drm/msm: Set drvdata to NULL when msm_drm_init() fails (git-fixes).\n- enetc: Fix reporting of h/w packet counters (git-fixes).\n- fix Patch-mainline: patches.suse/cifs_debug-use-pd-instead-of-messing-with-d_name.patch\n- fix patch metadata\n- fuse: fix bad inode (bsc#1184211).\n- fuse: fix live lock in fuse_iget() (bsc#1184211).\n- gianfar: Handle error code at MAC address change (git-fixes).\n- i40e: Fix parameters in aq_get_phy_register() (jsc#SLE-8025).\n- i40e: Fix sparse error: \u0027vsi-\u003enetdev\u0027 could be null (jsc#SLE-8025).\n- ice: remove DCBNL_DEVRESET bit from PF state (jsc#SLE-7926).\n- iommu/vt-d: Use device numa domain if RHSA is missing (bsc#1184585).\n- kABI: powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).\n- libbpf: Fix INSTALL flag order (bsc#1155518).\n- libbpf: Only create rx and tx XDP rings when necessary (bsc#1155518).\n- locking/mutex: Fix non debug version of mutex_lock_io_nested() (git-fixes).\n- mac80211: choose first enabled channel for monitor (git-fixes).\n- mac80211: fix TXQ AC confusion (git-fixes).\n- mISDN: fix crash in fritzpci (git-fixes).\n- net: atheros: switch from \u0027pci_\u0027 to \u0027dma_\u0027 API (git-fixes).\n- net: b44: fix error return code in b44_init_one() (git-fixes).\n- net: ethernet: ti: cpsw: fix error return code in cpsw_probe() (git-fixes).\n- net: hns3: Remove the left over redundant check \u0026 assignment (bsc#1154353).\n- net: lantiq: Wait for the GPHY firmware to be ready (git-fixes).\n- net/mlx5: Fix PPLM register mapping (jsc#SLE-8464).\n- net: pasemi: fix error return code in pasemi_mac_open() (git-fixes).\n- net: phy: broadcom: Only advertise EEE for supported modes (git-fixes).\n- net: qualcomm: rmnet: Fix incorrect receive packet handling during cleanup (git-fixes).\n- net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405)\n- net: wan/lmc: unregister device when no matching device is found (git-fixes).\n- platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 (git-fixes).\n- platform/x86: thinkpad_acpi: Allow the FnLock LED to change state (git-fixes).\n- PM: runtime: Fix ordering in pm_runtime_get_suppliers() (git-fixes).\n- post.sh: Return an error when module update fails (bsc#1047233 bsc#1184388).\n- powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() (bsc#1065729).\n- powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).\n- powerpc/pseries/ras: Remove unused variable \u0027status\u0027 (bsc#1065729).\n- powerpc/sstep: Check instruction validity against ISA version before emulation (bsc#1156395).\n- powerpc/sstep: Fix darn emulation (bsc#1156395).\n- powerpc/sstep: Fix incorrect return from analyze_instr() (bsc#1156395).\n- powerpc/sstep: Fix load-store and update emulation (bsc#1156395).\n- qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).\n- RAS/CEC: Correct ce_add_elem()\u0027s returned values (bsc#1152489).\n- regulator: bd9571mwv: Fix AVS and DVFS voltage range (git-fixes).\n- rpm/check-for-config-changes: Also ignore AS_VERSION added in 5.12.\n- rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514) The devel package requires the kernel binary package itself for building modules externally.\n- samples/bpf: Fix possible hang in xdpsock with multiple threads (bsc#1155518).\n- scsi: ibmvfc: Fix invalid state machine BUG_ON() (bsc#1184647 ltc#191231).\n- smb3: add dynamic trace point to trace when credits obtained (bsc#1181507).\n- smb3: fix crediting for compounding when only one request in flight (bsc#1181507).\n- soc/fsl: qbman: fix conflicting alignment attributes (git-fixes).\n- staging: comedi: cb_pcidas64: fix request_irq() warn (git-fixes).\n- staging: comedi: cb_pcidas: fix request_irq() warn (git-fixes).\n- thermal/core: Add NULL pointer check before using cooling device stats (git-fixes).\n- USB: cdc-acm: downgrade message to debug (git-fixes).\n- USB: cdc-acm: untangle a circular dependency between callback and softint (git-fixes).\n- usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() (git-fixes).\n- USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (git-fixes).\n- x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() (bsc#1152489).\n- x86/ioapic: Ignore IRQ2 again (bsc#1152489).\n- x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc() (bsc#1152489).\n- xen/events: fix setting irq affinity (bsc#1184583).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2021-579",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0579-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:0579-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6PH44XSVUZTRLJSGALUUATIQLKQWL4C5/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:0579-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6PH44XSVUZTRLJSGALUUATIQLKQWL4C5/"
},
{
"category": "self",
"summary": "SUSE Bug 1047233",
"url": "https://bugzilla.suse.com/1047233"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1113295",
"url": "https://bugzilla.suse.com/1113295"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1154353",
"url": "https://bugzilla.suse.com/1154353"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1156395",
"url": "https://bugzilla.suse.com/1156395"
},
{
"category": "self",
"summary": "SUSE Bug 1167574",
"url": "https://bugzilla.suse.com/1167574"
},
{
"category": "self",
"summary": "SUSE Bug 1175995",
"url": "https://bugzilla.suse.com/1175995"
},
{
"category": "self",
"summary": "SUSE Bug 1178181",
"url": "https://bugzilla.suse.com/1178181"
},
{
"category": "self",
"summary": "SUSE Bug 1181507",
"url": "https://bugzilla.suse.com/1181507"
},
{
"category": "self",
"summary": "SUSE Bug 1183405",
"url": "https://bugzilla.suse.com/1183405"
},
{
"category": "self",
"summary": "SUSE Bug 1184074",
"url": "https://bugzilla.suse.com/1184074"
},
{
"category": "self",
"summary": "SUSE Bug 1184120",
"url": "https://bugzilla.suse.com/1184120"
},
{
"category": "self",
"summary": "SUSE Bug 1184194",
"url": "https://bugzilla.suse.com/1184194"
},
{
"category": "self",
"summary": "SUSE Bug 1184211",
"url": "https://bugzilla.suse.com/1184211"
},
{
"category": "self",
"summary": "SUSE Bug 1184388",
"url": "https://bugzilla.suse.com/1184388"
},
{
"category": "self",
"summary": "SUSE Bug 1184391",
"url": "https://bugzilla.suse.com/1184391"
},
{
"category": "self",
"summary": "SUSE Bug 1184393",
"url": "https://bugzilla.suse.com/1184393"
},
{
"category": "self",
"summary": "SUSE Bug 1184485",
"url": "https://bugzilla.suse.com/1184485"
},
{
"category": "self",
"summary": "SUSE Bug 1184509",
"url": "https://bugzilla.suse.com/1184509"
},
{
"category": "self",
"summary": "SUSE Bug 1184511",
"url": "https://bugzilla.suse.com/1184511"
},
{
"category": "self",
"summary": "SUSE Bug 1184512",
"url": "https://bugzilla.suse.com/1184512"
},
{
"category": "self",
"summary": "SUSE Bug 1184514",
"url": "https://bugzilla.suse.com/1184514"
},
{
"category": "self",
"summary": "SUSE Bug 1184583",
"url": "https://bugzilla.suse.com/1184583"
},
{
"category": "self",
"summary": "SUSE Bug 1184585",
"url": "https://bugzilla.suse.com/1184585"
},
{
"category": "self",
"summary": "SUSE Bug 1184647",
"url": "https://bugzilla.suse.com/1184647"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25670 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25671 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25672 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25673 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36310 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36310/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36311 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36311/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36312 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36322 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36322/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-28950 page",
"url": "https://www.suse.com/security/cve/CVE-2021-28950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-29154 page",
"url": "https://www.suse.com/security/cve/CVE-2021-29154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30002 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3483 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3483/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-04-19T12:09:04Z",
"generator": {
"date": "2021-04-19T12:09:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:0579-1",
"initial_release_date": "2021-04-19T12:09:04Z",
"revision_history": [
{
"date": "2021-04-19T12:09:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-5.3.18-lp152.72.1.noarch",
"product": {
"name": "kernel-devel-5.3.18-lp152.72.1.noarch",
"product_id": "kernel-devel-5.3.18-lp152.72.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-5.3.18-lp152.72.1.noarch",
"product": {
"name": "kernel-docs-5.3.18-lp152.72.1.noarch",
"product_id": "kernel-docs-5.3.18-lp152.72.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-5.3.18-lp152.72.1.noarch",
"product": {
"name": "kernel-docs-html-5.3.18-lp152.72.1.noarch",
"product_id": "kernel-docs-html-5.3.18-lp152.72.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-5.3.18-lp152.72.1.noarch",
"product": {
"name": "kernel-macros-5.3.18-lp152.72.1.noarch",
"product_id": "kernel-macros-5.3.18-lp152.72.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-5.3.18-lp152.72.1.noarch",
"product": {
"name": "kernel-source-5.3.18-lp152.72.1.noarch",
"product_id": "kernel-source-5.3.18-lp152.72.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"product": {
"name": "kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"product_id": "kernel-source-vanilla-5.3.18-lp152.72.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-5.3.18-lp152.72.1.x86_64",
"product": {
"name": "kernel-debug-5.3.18-lp152.72.1.x86_64",
"product_id": "kernel-debug-5.3.18-lp152.72.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"product": {
"name": "kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"product_id": "kernel-debug-devel-5.3.18-lp152.72.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-lp152.72.1.x86_64",
"product": {
"name": "kernel-default-5.3.18-lp152.72.1.x86_64",
"product_id": "kernel-default-5.3.18-lp152.72.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"product": {
"name": "kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"product_id": "kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"product_id": "kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"product": {
"name": "kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"product_id": "kernel-default-devel-5.3.18-lp152.72.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"product": {
"name": "kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"product_id": "kernel-kvmsmall-5.3.18-lp152.72.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"product_id": "kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"product": {
"name": "kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"product_id": "kernel-obs-build-5.3.18-lp152.72.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"product": {
"name": "kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"product_id": "kernel-obs-qa-5.3.18-lp152.72.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-lp152.72.1.x86_64",
"product": {
"name": "kernel-preempt-5.3.18-lp152.72.1.x86_64",
"product_id": "kernel-preempt-5.3.18-lp152.72.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"product": {
"name": "kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"product_id": "kernel-preempt-devel-5.3.18-lp152.72.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-lp152.72.1.x86_64",
"product": {
"name": "kernel-syms-5.3.18-lp152.72.1.x86_64",
"product_id": "kernel-syms-5.3.18-lp152.72.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-5.3.18-lp152.72.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64"
},
"product_reference": "kernel-debug-5.3.18-lp152.72.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-5.3.18-lp152.72.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64"
},
"product_reference": "kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-lp152.72.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64"
},
"product_reference": "kernel-default-5.3.18-lp152.72.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64"
},
"product_reference": "kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64"
},
"product_reference": "kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-lp152.72.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64"
},
"product_reference": "kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-5.3.18-lp152.72.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch"
},
"product_reference": "kernel-devel-5.3.18-lp152.72.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-5.3.18-lp152.72.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch"
},
"product_reference": "kernel-docs-5.3.18-lp152.72.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-5.3.18-lp152.72.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch"
},
"product_reference": "kernel-docs-html-5.3.18-lp152.72.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-5.3.18-lp152.72.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64"
},
"product_reference": "kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-5.3.18-lp152.72.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch"
},
"product_reference": "kernel-macros-5.3.18-lp152.72.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-lp152.72.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64"
},
"product_reference": "kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-5.3.18-lp152.72.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64"
},
"product_reference": "kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-lp152.72.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64"
},
"product_reference": "kernel-preempt-5.3.18-lp152.72.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-lp152.72.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64"
},
"product_reference": "kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-5.3.18-lp152.72.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch"
},
"product_reference": "kernel-source-5.3.18-lp152.72.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-5.3.18-lp152.72.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch"
},
"product_reference": "kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-lp152.72.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
},
"product_reference": "kernel-syms-5.3.18-lp152.72.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25670"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25670",
"url": "https://www.suse.com/security/cve/CVE-2020-25670"
},
{
"category": "external",
"summary": "SUSE Bug 1178181 for CVE-2020-25670",
"url": "https://bugzilla.suse.com/1178181"
},
{
"category": "external",
"summary": "SUSE Bug 1194680 for CVE-2020-25670",
"url": "https://bugzilla.suse.com/1194680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "important"
}
],
"title": "CVE-2020-25670"
},
{
"cve": "CVE-2020-25671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25671"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25671",
"url": "https://www.suse.com/security/cve/CVE-2020-25671"
},
{
"category": "external",
"summary": "SUSE Bug 1178181 for CVE-2020-25671",
"url": "https://bugzilla.suse.com/1178181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "important"
}
],
"title": "CVE-2020-25671"
},
{
"cve": "CVE-2020-25672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25672"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak vulnerability was found in Linux kernel in llcp_sock_connect",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25672",
"url": "https://www.suse.com/security/cve/CVE-2020-25672"
},
{
"category": "external",
"summary": "SUSE Bug 1178181 for CVE-2020-25672",
"url": "https://bugzilla.suse.com/1178181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "important"
}
],
"title": "CVE-2020-25672"
},
{
"cve": "CVE-2020-25673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25673"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25673",
"url": "https://www.suse.com/security/cve/CVE-2020-25673"
},
{
"category": "external",
"summary": "SUSE Bug 1178181 for CVE-2020-25673",
"url": "https://bugzilla.suse.com/1178181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "important"
}
],
"title": "CVE-2020-25673"
},
{
"cve": "CVE-2020-36310",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36310"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36310",
"url": "https://www.suse.com/security/cve/CVE-2020-36310"
},
{
"category": "external",
"summary": "SUSE Bug 1184512 for CVE-2020-36310",
"url": "https://bugzilla.suse.com/1184512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "moderate"
}
],
"title": "CVE-2020-36310"
},
{
"cve": "CVE-2020-36311",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36311"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36311",
"url": "https://www.suse.com/security/cve/CVE-2020-36311"
},
{
"category": "external",
"summary": "SUSE Bug 1184511 for CVE-2020-36311",
"url": "https://bugzilla.suse.com/1184511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "moderate"
}
],
"title": "CVE-2020-36311"
},
{
"cve": "CVE-2020-36312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36312"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36312",
"url": "https://www.suse.com/security/cve/CVE-2020-36312"
},
{
"category": "external",
"summary": "SUSE Bug 1184509 for CVE-2020-36312",
"url": "https://bugzilla.suse.com/1184509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "low"
}
],
"title": "CVE-2020-36312"
},
{
"cve": "CVE-2020-36322",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36322"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36322",
"url": "https://www.suse.com/security/cve/CVE-2020-36322"
},
{
"category": "external",
"summary": "SUSE Bug 1184211 for CVE-2020-36322",
"url": "https://bugzilla.suse.com/1184211"
},
{
"category": "external",
"summary": "SUSE Bug 1184952 for CVE-2020-36322",
"url": "https://bugzilla.suse.com/1184952"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2020-36322",
"url": "https://bugzilla.suse.com/1189302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "important"
}
],
"title": "CVE-2020-36322"
},
{
"cve": "CVE-2021-28950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-28950"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A \"stall on CPU\" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-28950",
"url": "https://www.suse.com/security/cve/CVE-2021-28950"
},
{
"category": "external",
"summary": "SUSE Bug 1184194 for CVE-2021-28950",
"url": "https://bugzilla.suse.com/1184194"
},
{
"category": "external",
"summary": "SUSE Bug 1184211 for CVE-2021-28950",
"url": "https://bugzilla.suse.com/1184211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "moderate"
}
],
"title": "CVE-2021-28950"
},
{
"cve": "CVE-2021-29154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-29154"
}
],
"notes": [
{
"category": "general",
"text": "BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-29154",
"url": "https://www.suse.com/security/cve/CVE-2021-29154"
},
{
"category": "external",
"summary": "SUSE Bug 1184391 for CVE-2021-29154",
"url": "https://bugzilla.suse.com/1184391"
},
{
"category": "external",
"summary": "SUSE Bug 1184710 for CVE-2021-29154",
"url": "https://bugzilla.suse.com/1184710"
},
{
"category": "external",
"summary": "SUSE Bug 1186408 for CVE-2021-29154",
"url": "https://bugzilla.suse.com/1186408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "important"
}
],
"title": "CVE-2021-29154"
},
{
"cve": "CVE-2021-30002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30002"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30002",
"url": "https://www.suse.com/security/cve/CVE-2021-30002"
},
{
"category": "external",
"summary": "SUSE Bug 1184120 for CVE-2021-30002",
"url": "https://bugzilla.suse.com/1184120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "moderate"
}
],
"title": "CVE-2021-30002"
},
{
"cve": "CVE-2021-3483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3483"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3483",
"url": "https://www.suse.com/security/cve/CVE-2021-3483"
},
{
"category": "external",
"summary": "SUSE Bug 1184393 for CVE-2021-3483",
"url": "https://bugzilla.suse.com/1184393"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.72.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.72.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.72.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-04-19T12:09:04Z",
"details": "moderate"
}
],
"title": "CVE-2021-3483"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…