rpm package
suse/kernel-bigmem&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
pkg:rpm/suse/kernel-bigmem&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Vulnerabilities (177)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-16234 | Med | 4.7 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Sep 11, 2019 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-16233 | Med | 4.1 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Sep 11, 2019 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-16232 | Med | 4.1 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Sep 11, 2019 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-9456 | Med | 6.7 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Sep 6, 2019 | In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |
| CVE-2019-15927 | Hig | 7.8 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. | |
| CVE-2019-15916 | Hig | 7.5 | < 3.0.101-108.111.1 | 3.0.101-108.111.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. | |
| CVE-2019-15902 | Med | 5.6 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Sep 4, 2019 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co | |
| CVE-2019-1125 | Med | 5.6 | < 3.0.101-108.101.1 | 3.0.101-108.101.1 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha | |
| CVE-2019-15807 | Med | 4.7 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 29, 2019 | In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service. | |
| CVE-2019-15505 | Cri | 9.8 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 23, 2019 | drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). | |
| CVE-2019-15292 | Med | 4.7 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 21, 2019 | An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c. | |
| CVE-2019-15291 | Med | 4.6 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 20, 2019 | An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver. | |
| CVE-2019-15219 | Med | 4.6 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. | |
| CVE-2019-15217 | Med | 4.6 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. | |
| CVE-2019-15216 | Med | 4.6 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. | |
| CVE-2019-15213 | Med | 4.6 | < 3.0.101-108.111.1 | 3.0.101-108.111.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. | |
| CVE-2019-15212 | Med | 4.6 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. | |
| CVE-2018-20976 | Hig | 7.8 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 19, 2019 | An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure. | |
| CVE-2017-18551 | Med | 6.7 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 19, 2019 | An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated. | |
| CVE-2019-15118 | Med | 5.5 | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 16, 2019 | check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. |
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
- affected < 3.0.101-108.111.1fixed 3.0.101-108.111.1
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co
- affected < 3.0.101-108.101.1fixed 3.0.101-108.101.1
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
- affected < 3.0.101-108.111.1fixed 3.0.101-108.111.1
An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
- affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
Page 7 of 9