Suse linux enterprise high availability

This hub aggregates every CVE we track for Suse linux enterprise high availability, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Suse linux enterprise high availability.

• CVE-2022-2031A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has b...8.8Aug 25, 2022
• CVE-2022-1158A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, t...7.8Aug 5, 2022
• CVE-2022-29900Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.6.5Jul 12, 2022
• CVE-2022-29901Arbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed)5.6Jul 12, 2022
• CVE-2022-0847A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thu...KEV7.8Mar 7, 2022
• CVE-2021-3738In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our ...8.8Mar 2, 2022
• CVE-2021-29154BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/ne...7.8Apr 8, 2021
• CVE-2020-27786A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free is...7.8Dec 11, 2020
• CVE-2020-14381A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is ...7.8Dec 3, 2020
• CVE-2020-25641A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite l...5.5Oct 6, 2020
• CVE-2020-26088A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka C...5.5Sep 24, 2020
• CVE-2020-0432In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed....7.8Sep 17, 2020
• CVE-2020-0431In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed....6.7Sep 17, 2020
• CVE-2020-0404In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional...5.5Sep 17, 2020
• CVE-2020-0427In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User int...5.5Sep 17, 2020