rpm package
almalinux/kernel-tools-libs-devel
pkg:rpm/almalinux/kernel-tools-libs-devel
Vulnerabilities (1,303)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-19524 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Dec 3, 2019 | In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9. | ||
| CVE-2019-19528 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Dec 3, 2019 | In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d. | ||
| CVE-2019-19533 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Dec 3, 2019 | In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464. | ||
| CVE-2019-19537 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Dec 3, 2019 | In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. This affects drivers/usb/core/file.c. | ||
| CVE-2019-19319 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Nov 27, 2019 | In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30 | ||
| CVE-2019-19072 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Nov 18, 2019 | A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6. | ||
| CVE-2019-19068 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Nov 18, 2019 | A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6. | ||
| CVE-2019-19063 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Nov 18, 2019 | Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. | ||
| CVE-2019-19062 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Nov 18, 2019 | A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. | ||
| CVE-2019-19056 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Nov 18, 2019 | A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932 | ||
| CVE-2019-19046 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Nov 18, 2019 | A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispu | ||
| CVE-2019-18808 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Nov 7, 2019 | A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247. | ||
| CVE-2019-18809 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Nov 7, 2019 | A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559. | ||
| CVE-2019-18811 | — | < 4.18.0-305.el8 | 4.18.0-305.el8 | Nov 7, 2019 | A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1. | ||
| CVE-2019-16231 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Sep 11, 2019 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16233 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Sep 11, 2019 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-9455 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Sep 6, 2019 | In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2019-9458 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Sep 6, 2019 | In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2019-15925 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c. | ||
| CVE-2019-15917 | — | < 4.18.0-240.el8 | 4.18.0-240.el8 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. |
- CVE-2019-19524Dec 3, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
- CVE-2019-19528Dec 3, 2019affected < 4.18.0-305.el8fixed 4.18.0-305.el8
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d.
- CVE-2019-19533Dec 3, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464.
- CVE-2019-19537Dec 3, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. This affects drivers/usb/core/file.c.
- CVE-2019-19319Nov 27, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30
- CVE-2019-19072Nov 18, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.
- CVE-2019-19068Nov 18, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.
- CVE-2019-19063Nov 18, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
- CVE-2019-19062Nov 18, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.
- CVE-2019-19056Nov 18, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932
- CVE-2019-19046Nov 18, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispu
- CVE-2019-18808Nov 7, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
- CVE-2019-18809Nov 7, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.
- CVE-2019-18811Nov 7, 2019affected < 4.18.0-305.el8fixed 4.18.0-305.el8
A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1.
- CVE-2019-16231Sep 11, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16233Sep 11, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-9455Sep 6, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2019-9458Sep 6, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2019-15925Sep 4, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.
- CVE-2019-15917Sep 4, 2019affected < 4.18.0-240.el8fixed 4.18.0-240.el8
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
Page 65 of 66