rpm package
suse/kernel-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015
Vulnerabilities (193)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-16884 | — | < 4.12.14-5.19.1 | 4.12.14-5.19.1 | Dec 18, 2018 | A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel m | ||
| CVE-2018-20169 | — | < 4.12.14-5.19.1 | 4.12.14-5.19.1 | Dec 17, 2018 | An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c. | ||
| CVE-2018-18397 | — | < 4.12.14-5.19.1 | 4.12.14-5.19.1 | Dec 12, 2018 | The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains hole | ||
| CVE-2018-9568 | — | < 4.12.14-5.19.1 | 4.12.14-5.19.1 | Dec 6, 2018 | In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. A | ||
| CVE-2018-19854 | — | < 4.12.14-5.19.1 | 4.12.14-5.19.1 | Dec 4, 2018 | An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. | ||
| CVE-2018-19824 | — | < 4.12.14-5.19.1 | 4.12.14-5.19.1 | Dec 3, 2018 | In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. | ||
| CVE-2018-16862 | — | < 4.12.14-5.19.1 | 4.12.14-5.19.1 | Nov 26, 2018 | A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one. | ||
| CVE-2018-19407 | — | < 4.12.14-5.19.1 | 4.12.14-5.19.1 | Nov 21, 2018 | The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized. | ||
| CVE-2018-9385 | — | < 4.12.14-5.8.1 | 4.12.14-5.8.1 | Nov 6, 2018 | In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Andro | ||
| CVE-2018-9363 | — | < 4.12.14-5.16.1 | 4.12.14-5.16.1 | Nov 6, 2018 | In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 Refer | ||
| CVE-2018-18281 | — | < 4.12.14-5.19.1 | 4.12.14-5.19.1 | Oct 30, 2018 | Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits a | ||
| CVE-2018-18710 | — | < 4.12.14-5.16.1 | 4.12.14-5.16.1 | Oct 27, 2018 | An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CV | ||
| CVE-2018-18386 | — | < 4.12.14-5.16.1 | 4.12.14-5.16.1 | Oct 17, 2018 | drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. | ||
| CVE-2018-18445 | — | < 4.12.14-5.16.1 | 4.12.14-5.16.1 | Oct 17, 2018 | In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts. | ||
| CVE-2018-14633 | — | < 4.12.14-5.16.1 | 4.12.14-5.16.1 | Sep 25, 2018 | A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes | ||
| CVE-2018-17182 | — | < 4.12.14-5.16.1 | 4.12.14-5.16.1 | Sep 19, 2018 | An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and de | ||
| CVE-2018-10853 | — | < 4.12.14-5.13.1 | 4.12.14-5.13.1 | Sep 11, 2018 | A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potential | ||
| CVE-2018-14625 | — | < 4.12.14-5.19.1 | 4.12.14-5.19.1 | Sep 10, 2018 | A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak o | ||
| CVE-2018-16658 | — | < 4.12.14-5.16.1 | 4.12.14-5.16.1 | Sep 7, 2018 | An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to | ||
| CVE-2018-5391 | — | < 4.12.14-5.13.1 | 4.12.14-5.13.1 | Sep 6, 2018 | The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I |
- CVE-2018-16884Dec 18, 2018affected < 4.12.14-5.19.1fixed 4.12.14-5.19.1
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel m
- CVE-2018-20169Dec 17, 2018affected < 4.12.14-5.19.1fixed 4.12.14-5.19.1
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
- CVE-2018-18397Dec 12, 2018affected < 4.12.14-5.19.1fixed 4.12.14-5.19.1
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains hole
- CVE-2018-9568Dec 6, 2018affected < 4.12.14-5.19.1fixed 4.12.14-5.19.1
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. A
- CVE-2018-19854Dec 4, 2018affected < 4.12.14-5.19.1fixed 4.12.14-5.19.1
An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs.
- CVE-2018-19824Dec 3, 2018affected < 4.12.14-5.19.1fixed 4.12.14-5.19.1
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
- CVE-2018-16862Nov 26, 2018affected < 4.12.14-5.19.1fixed 4.12.14-5.19.1
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.
- CVE-2018-19407Nov 21, 2018affected < 4.12.14-5.19.1fixed 4.12.14-5.19.1
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
- CVE-2018-9385Nov 6, 2018affected < 4.12.14-5.8.1fixed 4.12.14-5.8.1
In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Andro
- CVE-2018-9363Nov 6, 2018affected < 4.12.14-5.16.1fixed 4.12.14-5.16.1
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 Refer
- CVE-2018-18281Oct 30, 2018affected < 4.12.14-5.19.1fixed 4.12.14-5.19.1
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits a
- CVE-2018-18710Oct 27, 2018affected < 4.12.14-5.16.1fixed 4.12.14-5.16.1
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CV
- CVE-2018-18386Oct 17, 2018affected < 4.12.14-5.16.1fixed 4.12.14-5.16.1
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.
- CVE-2018-18445Oct 17, 2018affected < 4.12.14-5.16.1fixed 4.12.14-5.16.1
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.
- CVE-2018-14633Sep 25, 2018affected < 4.12.14-5.16.1fixed 4.12.14-5.16.1
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes
- CVE-2018-17182Sep 19, 2018affected < 4.12.14-5.16.1fixed 4.12.14-5.16.1
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and de
- CVE-2018-10853Sep 11, 2018affected < 4.12.14-5.13.1fixed 4.12.14-5.13.1
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potential
- CVE-2018-14625Sep 10, 2018affected < 4.12.14-5.19.1fixed 4.12.14-5.19.1
A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak o
- CVE-2018-16658Sep 7, 2018affected < 4.12.14-5.16.1fixed 4.12.14-5.16.1
An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to
- CVE-2018-5391Sep 6, 2018affected < 4.12.14-5.13.1fixed 4.12.14-5.13.1
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I
Page 8 of 10