rpm package
opensuse/kernel-source&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
Vulnerabilities (1,435)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25656 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Dec 2, 2020 | A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidential | ||
| CVE-2020-12352 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 23, 2020 | Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access. | ||
| CVE-2020-12351 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 23, 2020 | Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | ||
| CVE-2020-8694 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 12, 2020 | Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2019-8564 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Oct 27, 2020 | A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state. | ||
| CVE-2020-14386 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 16, 2020 | A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity. | ||
| CVE-2020-10768 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 15, 2020 | A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks | ||
| CVE-2020-10767 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 15, 2020 | A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available. T | ||
| CVE-2020-10766 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 15, 2020 | A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This iss | ||
| CVE-2020-14331 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 15, 2020 | A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA cons | ||
| CVE-2019-19338 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Jul 13, 2020 | A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw | ||
| CVE-2020-10135 | — | < 5.14.6-1.4 | 5.14.6-1.4 | May 19, 2020 | Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersona | ||
| CVE-2020-2732 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Apr 8, 2020 | A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 g | ||
| CVE-2020-8648 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Feb 6, 2020 | There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | ||
| CVE-2019-3016 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Jan 31, 2020 | In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly | ||
| CVE-2019-14615 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Jan 17, 2020 | Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access. | ||
| CVE-2019-9500 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Jan 16, 2020 | The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brc | ||
| CVE-2019-19332 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Jan 9, 2020 | An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access t | ||
| CVE-2019-14896 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 27, 2019 | A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called a | ||
| CVE-2019-19252 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 25, 2019 | vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a. |
- CVE-2020-25656Dec 2, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidential
- CVE-2020-12352Nov 23, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
- CVE-2020-12351Nov 23, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
- CVE-2020-8694Nov 12, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2019-8564Oct 27, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.
- CVE-2020-14386Sep 16, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
- CVE-2020-10768Sep 15, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks
- CVE-2020-10767Sep 15, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available. T
- CVE-2020-10766Sep 15, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This iss
- CVE-2020-14331Sep 15, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA cons
- CVE-2019-19338Jul 13, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw
- CVE-2020-10135May 19, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersona
- CVE-2020-2732Apr 8, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 g
- CVE-2020-8648Feb 6, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
- CVE-2019-3016Jan 31, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly
- CVE-2019-14615Jan 17, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.
- CVE-2019-9500Jan 16, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brc
- CVE-2019-19332Jan 9, 2020affected < 5.14.6-1.4fixed 5.14.6-1.4
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access t
- CVE-2019-14896Nov 27, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called a
- CVE-2019-19252Nov 25, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a.
Page 64 of 72