rpm package
opensuse/kernel-source&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
Vulnerabilities (1,435)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-16647 | Med | 6.6 | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 7, 2017 | drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. | |
| CVE-2017-16646 | Med | 6.6 | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 7, 2017 | drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have unspecified other impact via a crafted USB device. | |
| CVE-2017-16645 | Med | 6.6 | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 7, 2017 | The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB dev | |
| CVE-2017-16537 | Med | 6.6 | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 4, 2017 | The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. | |
| CVE-2017-16536 | Med | 6.6 | < 5.14.6-1.4 | 5.14.6-1.4 | Nov 4, 2017 | The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. | |
| CVE-2014-0691 | Hig | 7.3 | < 4.8.13-1.1 | 4.8.13-1.1 | Oct 24, 2017 | Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it easier for remote attackers to bypass authentication and join arbitrary meetings without a password, aka Bug ID CSCuc79643. | |
| CVE-2017-13080 | Med | 5.3 | < 5.14.6-1.4 | 5.14.6-1.4 | Oct 17, 2017 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. | |
| CVE-2017-15265 | Hig | 7.0 | < 5.14.6-1.4 | 5.14.6-1.4 | Oct 16, 2017 | Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq | |
| CVE-2017-12153 | Med | 4.4 | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 21, 2017 | A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_N | |
| CVE-2017-1000251 | Hig | 8.0 | < 5.14.6-1.4 | 5.14.6-1.4 | Sep 12, 2017 | The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel spa | |
| CVE-2017-14051 | Med | 4.4 | < 5.14.6-1.4 | 5.14.6-1.4 | Aug 31, 2017 | An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access. | |
| CVE-2017-7541 | Hig | 7.8 | < 5.14.6-1.4 | 5.14.6-1.4 | Jul 25, 2017 | The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netl | |
| CVE-2017-7542 | Med | 5.5 | < 5.14.6-1.4 | 5.14.6-1.4 | Jul 21, 2017 | The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket. | |
| CVE-2017-8831 | Med | 6.4 | < 5.14.6-1.4 | 5.14.6-1.4 | May 8, 2017 | The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "do | |
| CVE-2016-9576 | Hig | 7.8 | < 4.8.13-1.1 | 4.8.13-1.1 | Dec 28, 2016 | The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access | |
| CVE-2016-9555 | Cri | 9.8 | < 4.8.13-1.1 | 4.8.13-1.1 | Nov 28, 2016 | The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP | |
| CVE-2016-7913 | Hig | 7.8 | < 4.8.13-1.1 | 4.8.13-1.1 | Nov 16, 2016 | The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure. | |
| CVE-2016-5195 | Hig | 7.0 | KEV | < 4.8.13-1.1 | 4.8.13-1.1 | Nov 10, 2016 | Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." |
| CVE-2016-7425 | Hig | 7.8 | < 4.8.13-1.1 | 4.8.13-1.1 | Oct 16, 2016 | The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_W | |
| CVE-2016-7042 | Med | 6.2 | < 4.8.13-1.1 | 4.8.13-1.1 | Oct 16, 2016 | The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory co |
- affected < 5.14.6-1.4fixed 5.14.6-1.4
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
- affected < 5.14.6-1.4fixed 5.14.6-1.4
drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have unspecified other impact via a crafted USB device.
- affected < 5.14.6-1.4fixed 5.14.6-1.4
The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB dev
- affected < 5.14.6-1.4fixed 5.14.6-1.4
The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
- affected < 5.14.6-1.4fixed 5.14.6-1.4
The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
- affected < 4.8.13-1.1fixed 4.8.13-1.1
Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it easier for remote attackers to bypass authentication and join arbitrary meetings without a password, aka Bug ID CSCuc79643.
- affected < 5.14.6-1.4fixed 5.14.6-1.4
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
- affected < 5.14.6-1.4fixed 5.14.6-1.4
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq
- affected < 5.14.6-1.4fixed 5.14.6-1.4
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_N
- affected < 5.14.6-1.4fixed 5.14.6-1.4
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel spa
- affected < 5.14.6-1.4fixed 5.14.6-1.4
An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.
- affected < 5.14.6-1.4fixed 5.14.6-1.4
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netl
- affected < 5.14.6-1.4fixed 5.14.6-1.4
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.
- affected < 5.14.6-1.4fixed 5.14.6-1.4
The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "do
- affected < 4.8.13-1.1fixed 4.8.13-1.1
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access
- affected < 4.8.13-1.1fixed 4.8.13-1.1
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP
- affected < 4.8.13-1.1fixed 4.8.13-1.1
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.
- affected < 4.8.13-1.1fixed 4.8.13-1.1
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
- affected < 4.8.13-1.1fixed 4.8.13-1.1
The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_W
- affected < 4.8.13-1.1fixed 4.8.13-1.1
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory co
Page 68 of 72