VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2019-10207Nov 25, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call an

  • CVE-2019-18808Nov 7, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.

  • CVE-2019-18812Nov 7, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef.

  • CVE-2019-18813Nov 7, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.

  • CVE-2019-17666Oct 17, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

  • CVE-2019-17133Oct 4, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

  • CVE-2019-14814Sep 20, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

  • CVE-2019-15031Sep 13, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then access

  • CVE-2019-15030Sep 13, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbe

  • CVE-2019-16231Sep 11, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

  • CVE-2019-16232Sep 11, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

  • CVE-2019-16234Sep 11, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

  • CVE-2019-15902Sep 4, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co

  • CVE-2019-15504Aug 23, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).

  • CVE-2019-15098Aug 16, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

  • CVE-2019-15099Aug 16, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

  • CVE-2019-11479Jun 18, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixe

  • CVE-2019-11478Jun 18, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi

  • CVE-2019-11477Jun 18, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel

  • CVE-2019-3846Jun 3, 2019
    affected < 5.14.6-1.4fixed 5.14.6-1.4

    A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.

Page 65 of 72