rpm package
opensuse/kernel-source&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
Vulnerabilities (1,435)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-10207 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 25, 2019 | A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call an | ||
| CVE-2019-18808 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 7, 2019 | A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247. | ||
| CVE-2019-18812 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 7, 2019 | A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef. | ||
| CVE-2019-18813 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 7, 2019 | A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8. | ||
| CVE-2019-17666 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Oct 17, 2019 | rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. | ||
| CVE-2019-17133 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Oct 4, 2019 | In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | ||
| CVE-2019-14814 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 20, 2019 | There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | ||
| CVE-2019-15031 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 13, 2019 | In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then access | ||
| CVE-2019-15030 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 13, 2019 | In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbe | ||
| CVE-2019-16231 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 11, 2019 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16232 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 11, 2019 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16234 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 11, 2019 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-15902 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 4, 2019 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co | ||
| CVE-2019-15504 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Aug 23, 2019 | drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir). | ||
| CVE-2019-15098 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Aug 16, 2019 | drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | ||
| CVE-2019-15099 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Aug 16, 2019 | drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | ||
| CVE-2019-11479 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Jun 18, 2019 | Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixe | ||
| CVE-2019-11478 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Jun 18, 2019 | Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi | ||
| CVE-2019-11477 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Jun 18, 2019 | Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel | ||
| CVE-2019-3846 | — | < 5.14.6-1.4 | 5.14.6-1.4 | Jun 3, 2019 | A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. |
- CVE-2019-10207Nov 25, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call an
- CVE-2019-18808Nov 7, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
- CVE-2019-18812Nov 7, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef.
- CVE-2019-18813Nov 7, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.
- CVE-2019-17666Oct 17, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
- CVE-2019-17133Oct 4, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
- CVE-2019-14814Sep 20, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
- CVE-2019-15031Sep 13, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then access
- CVE-2019-15030Sep 13, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbe
- CVE-2019-16231Sep 11, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16232Sep 11, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16234Sep 11, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-15902Sep 4, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co
- CVE-2019-15504Aug 23, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).
- CVE-2019-15098Aug 16, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
- CVE-2019-15099Aug 16, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
- CVE-2019-11479Jun 18, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixe
- CVE-2019-11478Jun 18, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi
- CVE-2019-11477Jun 18, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel
- CVE-2019-3846Jun 3, 2019affected < 5.14.6-1.4fixed 5.14.6-1.4
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
Page 65 of 72