rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015
Vulnerabilities (611)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-15031 | Med | 4.4 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 13, 2019 | In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then access | |
| CVE-2019-15030 | Med | 4.4 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 13, 2019 | In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbe | |
| CVE-2019-16234 | Med | 4.7 | < 4.12.14-150.41.1 | 4.12.14-150.41.1 | Sep 11, 2019 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-16233 | Med | 4.1 | < 4.12.14-150.41.1 | 4.12.14-150.41.1 | Sep 11, 2019 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-16232 | Med | 4.1 | < 4.12.14-150.41.1 | 4.12.14-150.41.1 | Sep 11, 2019 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-16231 | Med | 4.1 | < 4.12.14-150.47.1 | 4.12.14-150.47.1 | Sep 11, 2019 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-9458 | Hig | 7.0 | < 4.12.14-150.52.1 | 4.12.14-150.52.1 | Sep 6, 2019 | In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |
| CVE-2019-9456 | Med | 6.7 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 6, 2019 | In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |
| CVE-2019-9455 | Low | 2.3 | < 4.12.14-150.52.1 | 4.12.14-150.52.1 | Sep 6, 2019 | In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | |
| CVE-2019-15927 | Hig | 7.8 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. | |
| CVE-2019-15926 | Cri | 9.1 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. | |
| CVE-2018-21008 | Med | 5.5 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. | |
| CVE-2017-18595 | Hig | 7.8 | < 4.12.14-150.38.1 | 4.12.14-150.38.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | |
| CVE-2019-15924 | Med | 5.5 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure. | |
| CVE-2019-15921 | Med | 4.7 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. | |
| CVE-2019-15920 | Med | 4.3 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak. | |
| CVE-2019-15919 | Low | 3.3 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free. | |
| CVE-2019-15917 | Hig | 7.0 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. | |
| CVE-2019-15916 | Hig | 7.5 | < 4.12.14-150.47.1 | 4.12.14-150.47.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. | |
| CVE-2019-15902 | Med | 5.6 | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co |
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then access
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbe
- affected < 4.12.14-150.41.1fixed 4.12.14-150.41.1
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 4.12.14-150.41.1fixed 4.12.14-150.41.1
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 4.12.14-150.41.1fixed 4.12.14-150.41.1
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 4.12.14-150.47.1fixed 4.12.14-150.47.1
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 4.12.14-150.52.1fixed 4.12.14-150.52.1
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- affected < 4.12.14-150.52.1fixed 4.12.14-150.52.1
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.
- affected < 4.12.14-150.38.1fixed 4.12.14-150.38.1
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak.
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
- affected < 4.12.14-150.47.1fixed 4.12.14-150.47.1
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
- affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co
Page 23 of 31