rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (3,221)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-15030 | — | < 4.12.14-122.7.1 | 4.12.14-122.7.1 | Sep 13, 2019 | In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbe | ||
| CVE-2019-16231 | — | < 4.12.14-122.7.1 | 4.12.14-122.7.1 | Sep 11, 2019 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16233 | — | < 4.12.14-122.7.1 | 4.12.14-122.7.1 | Sep 11, 2019 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-9455 | — | < 4.12.14-122.23.1 | 4.12.14-122.23.1 | Sep 6, 2019 | In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2019-9458 | — | < 4.12.14-122.20.1 | 4.12.14-122.20.1 | Sep 6, 2019 | In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2019-9456 | — | < 4.12.14-122.7.1 | 4.12.14-122.7.1 | Sep 6, 2019 | In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2017-18595 | — | < 4.12.14-122.7.1 | 4.12.14-122.7.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | ||
| CVE-2019-15916 | — | < 4.12.14-122.7.1 | 4.12.14-122.7.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. | ||
| CVE-2019-15213 | — | < 4.12.14-122.12.1 | 4.12.14-122.12.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. | ||
| CVE-2019-9506 | — | < 4.12.14-122.7.1 | 4.12.14-122.7.1 | Aug 14, 2019 | The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje | ||
| CVE-2018-20836 | — | < 4.12.14-122.20.1 | 4.12.14-122.20.1 | May 7, 2019 | An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free. | ||
| CVE-2019-3900 | — | < 4.12.14-122.88.1 | 4.12.14-122.88.1 | Apr 25, 2019 | An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could | ||
| CVE-2019-3874 | — | < 4.12.14-122.88.1 | 4.12.14-122.88.1 | Mar 25, 2019 | The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable. | ||
| CVE-2018-20669 | — | < 4.12.14-122.57.1 | 4.12.14-122.57.1 | Mar 18, 2019 | An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kern | ||
| CVE-2019-3701 | — | < 4.12.14-122.20.1 | 4.12.14-122.20.1 | Jan 3, 2019 | An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame mod | ||
| CVE-2018-9517 | — | < 4.12.14-122.88.1 | 4.12.14-122.88.1 | Dec 7, 2018 | In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-3 | ||
| CVE-2018-13405 | — | < 4.12.14-122.98.1 | 4.12.14-122.98.1 | Jul 6, 2018 | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no | ||
| CVE-2018-1000199 | — | < 4.12.14-122.23.1 | 4.12.14-122.23.1 | May 24, 2018 | The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears | ||
| CVE-2018-7755 | — | < 4.12.14-122.121.2 | 4.12.14-122.121.2 | Mar 8, 2018 | An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel | ||
| CVE-2017-5754 | — | < 4.12.14-122.150.1 | 4.12.14-122.150.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. |
- CVE-2019-15030Sep 13, 2019affected < 4.12.14-122.7.1fixed 4.12.14-122.7.1
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbe
- CVE-2019-16231Sep 11, 2019affected < 4.12.14-122.7.1fixed 4.12.14-122.7.1
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16233Sep 11, 2019affected < 4.12.14-122.7.1fixed 4.12.14-122.7.1
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-9455Sep 6, 2019affected < 4.12.14-122.23.1fixed 4.12.14-122.23.1
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2019-9458Sep 6, 2019affected < 4.12.14-122.20.1fixed 4.12.14-122.20.1
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2019-9456Sep 6, 2019affected < 4.12.14-122.7.1fixed 4.12.14-122.7.1
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2017-18595Sep 4, 2019affected < 4.12.14-122.7.1fixed 4.12.14-122.7.1
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
- CVE-2019-15916Sep 4, 2019affected < 4.12.14-122.7.1fixed 4.12.14-122.7.1
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
- CVE-2019-15213Aug 19, 2019affected < 4.12.14-122.12.1fixed 4.12.14-122.12.1
An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
- CVE-2019-9506Aug 14, 2019affected < 4.12.14-122.7.1fixed 4.12.14-122.7.1
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje
- CVE-2018-20836May 7, 2019affected < 4.12.14-122.20.1fixed 4.12.14-122.20.1
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
- CVE-2019-3900Apr 25, 2019affected < 4.12.14-122.88.1fixed 4.12.14-122.88.1
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could
- CVE-2019-3874Mar 25, 2019affected < 4.12.14-122.88.1fixed 4.12.14-122.88.1
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
- CVE-2018-20669Mar 18, 2019affected < 4.12.14-122.57.1fixed 4.12.14-122.57.1
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kern
- CVE-2019-3701Jan 3, 2019affected < 4.12.14-122.20.1fixed 4.12.14-122.20.1
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame mod
- CVE-2018-9517Dec 7, 2018affected < 4.12.14-122.88.1fixed 4.12.14-122.88.1
In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-3
- CVE-2018-13405Jul 6, 2018affected < 4.12.14-122.98.1fixed 4.12.14-122.98.1
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no
- CVE-2018-1000199May 24, 2018affected < 4.12.14-122.23.1fixed 4.12.14-122.23.1
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears
- CVE-2018-7755Mar 8, 2018affected < 4.12.14-122.121.2fixed 4.12.14-122.121.2
An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel
- CVE-2017-5754Jan 4, 2018affected < 4.12.14-122.150.1fixed 4.12.14-122.150.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
Page 161 of 162