rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015
Vulnerabilities (611)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-15031 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 13, 2019 | In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then access | ||
| CVE-2019-15030 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 13, 2019 | In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbe | ||
| CVE-2019-16231 | — | < 4.12.14-150.47.1 | 4.12.14-150.47.1 | Sep 11, 2019 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16232 | — | < 4.12.14-150.41.1 | 4.12.14-150.41.1 | Sep 11, 2019 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16233 | — | < 4.12.14-150.41.1 | 4.12.14-150.41.1 | Sep 11, 2019 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16234 | — | < 4.12.14-150.41.1 | 4.12.14-150.41.1 | Sep 11, 2019 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-9455 | — | < 4.12.14-150.52.1 | 4.12.14-150.52.1 | Sep 6, 2019 | In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2019-9458 | — | < 4.12.14-150.52.1 | 4.12.14-150.52.1 | Sep 6, 2019 | In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2019-9456 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 6, 2019 | In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2017-18595 | — | < 4.12.14-150.38.1 | 4.12.14-150.38.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | ||
| CVE-2019-15926 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. | ||
| CVE-2018-21008 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. | ||
| CVE-2019-15927 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. | ||
| CVE-2019-15917 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. | ||
| CVE-2019-15919 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free. | ||
| CVE-2019-15920 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak. | ||
| CVE-2019-15921 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. | ||
| CVE-2019-15924 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure. | ||
| CVE-2019-15916 | — | < 4.12.14-150.47.1 | 4.12.14-150.47.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. | ||
| CVE-2019-15902 | — | < 4.12.14-150.35.1 | 4.12.14-150.35.1 | Sep 4, 2019 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co |
- CVE-2019-15031Sep 13, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then access
- CVE-2019-15030Sep 13, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbe
- CVE-2019-16231Sep 11, 2019affected < 4.12.14-150.47.1fixed 4.12.14-150.47.1
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16232Sep 11, 2019affected < 4.12.14-150.41.1fixed 4.12.14-150.41.1
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16233Sep 11, 2019affected < 4.12.14-150.41.1fixed 4.12.14-150.41.1
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16234Sep 11, 2019affected < 4.12.14-150.41.1fixed 4.12.14-150.41.1
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-9455Sep 6, 2019affected < 4.12.14-150.52.1fixed 4.12.14-150.52.1
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2019-9458Sep 6, 2019affected < 4.12.14-150.52.1fixed 4.12.14-150.52.1
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2019-9456Sep 6, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2017-18595Sep 4, 2019affected < 4.12.14-150.38.1fixed 4.12.14-150.38.1
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
- CVE-2019-15926Sep 4, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.
- CVE-2018-21008Sep 4, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.
- CVE-2019-15927Sep 4, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
- CVE-2019-15917Sep 4, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
- CVE-2019-15919Sep 4, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.
- CVE-2019-15920Sep 4, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak.
- CVE-2019-15921Sep 4, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.
- CVE-2019-15924Sep 4, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.
- CVE-2019-15916Sep 4, 2019affected < 4.12.14-150.47.1fixed 4.12.14-150.47.1
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
- CVE-2019-15902Sep 4, 2019affected < 4.12.14-150.35.1fixed 4.12.14-150.35.1
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co
Page 23 of 31