QID 671051
Date Published: 2021-11-29
QID 671051: EulerOS Security Update for kernel (EulerOS-SA-2021-2663)
The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system.
The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

Security fix(es):

In the nl80211_policy policy of nl80211.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not required for exploitation. (CVE-2020-27068)

A flaw was found in the Linux kernel's NFC implementation; a NULL pointer dereference and bug leading to a denial of service can be triggered by a local unprivileged user causing a kernel panic. (CVE-2021-38208)

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow a local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges. (CVE-2021-22555)

A flaw was found in the "routing decision" classifier in the Linux kernel's traffic control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system.

An access point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP.

The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames.

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
An arbitrary attacker may exploit this vulnerability to compromise the system.
CVEs related to QID 671051
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| EulerOS-SA-2021-2663 | EulerOS V2.0SP5 | | |