rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Vulnerabilities (177)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-18509 | — | < 3.0.101-108.108.1 | 3.0.101-108.108.1 | Aug 13, 2019 | An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circu | ||
| CVE-2015-9289 | — | < 3.0.101-108.101.1 | 3.0.101-108.101.1 | Jul 27, 2019 | In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23. | ||
| CVE-2019-14284 | — | < 3.0.101-108.101.1 | 3.0.101-108.101.1 | Jul 26, 2019 | In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Nex | ||
| CVE-2019-14283 | — | < 3.0.101-108.101.1 | 3.0.101-108.101.1 | Jul 26, 2019 | In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU c | ||
| CVE-2018-20855 | — | < 3.0.101-108.101.1 | 3.0.101-108.101.1 | Jul 26, 2019 | An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. | ||
| CVE-2019-13631 | — | < 3.0.101-108.101.1 | 3.0.101-108.101.1 | Jul 17, 2019 | In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. | ||
| CVE-2019-3896 | — | < 3.0.101-108.98.1 | 3.0.101-108.98.1 | Jun 18, 2019 | A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS). | ||
| CVE-2019-11479 | — | < 3.0.101-108.95.2 | 3.0.101-108.95.2 | Jun 18, 2019 | Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixe | ||
| CVE-2019-11478 | — | < 3.0.101-108.95.2 | 3.0.101-108.95.2 | Jun 18, 2019 | Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi | ||
| CVE-2019-11477 | — | < 3.0.101-108.95.2 | 3.0.101-108.95.2 | Jun 18, 2019 | Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel | ||
| CVE-2019-0136 | — | < 3.0.101-108.135.1 | 3.0.101-108.135.1 | Jun 13, 2019 | Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||
| CVE-2019-12614 | — | < 3.0.101-108.98.1 | 3.0.101-108.98.1 | Jun 3, 2019 | An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). | ||
| CVE-2019-3846 | — | < 3.0.101-108.98.1 | 3.0.101-108.98.1 | Jun 3, 2019 | A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. | ||
| CVE-2018-12130 | — | < 3.0.101-108.90.1 | 3.0.101-108.90.1 | May 30, 2019 | Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h | ||
| CVE-2018-12127 | — | < 3.0.101-108.90.1 | 3.0.101-108.90.1 | May 30, 2019 | Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: | ||
| CVE-2018-12126 | — | < 3.0.101-108.90.1 | 3.0.101-108.90.1 | May 30, 2019 | Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found | ||
| CVE-2019-11091 | — | < 3.0.101-108.90.1 | 3.0.101-108.90.1 | May 30, 2019 | Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c | ||
| CVE-2019-12456 | — | < 3.0.101-108.111.1 | 3.0.101-108.111.1 | May 30, 2019 | An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two | ||
| CVE-2019-11884 | — | < 3.0.101-108.95.2 | 3.0.101-108.95.2 | May 10, 2019 | The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. | ||
| CVE-2018-20836 | — | < 3.0.101-108.98.1 | 3.0.101-108.98.1 | May 7, 2019 | An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free. |
- CVE-2017-18509Aug 13, 2019affected < 3.0.101-108.108.1fixed 3.0.101-108.108.1
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circu
- CVE-2015-9289Jul 27, 2019affected < 3.0.101-108.101.1fixed 3.0.101-108.101.1
In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.
- CVE-2019-14284Jul 26, 2019affected < 3.0.101-108.101.1fixed 3.0.101-108.101.1
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Nex
- CVE-2019-14283Jul 26, 2019affected < 3.0.101-108.101.1fixed 3.0.101-108.101.1
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU c
- CVE-2018-20855Jul 26, 2019affected < 3.0.101-108.101.1fixed 3.0.101-108.101.1
An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.
- CVE-2019-13631Jul 17, 2019affected < 3.0.101-108.101.1fixed 3.0.101-108.101.1
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
- CVE-2019-3896Jun 18, 2019affected < 3.0.101-108.98.1fixed 3.0.101-108.98.1
A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
- CVE-2019-11479Jun 18, 2019affected < 3.0.101-108.95.2fixed 3.0.101-108.95.2
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixe
- CVE-2019-11478Jun 18, 2019affected < 3.0.101-108.95.2fixed 3.0.101-108.95.2
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi
- CVE-2019-11477Jun 18, 2019affected < 3.0.101-108.95.2fixed 3.0.101-108.95.2
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel
- CVE-2019-0136Jun 13, 2019affected < 3.0.101-108.135.1fixed 3.0.101-108.135.1
Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- CVE-2019-12614Jun 3, 2019affected < 3.0.101-108.98.1fixed 3.0.101-108.98.1
An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).
- CVE-2019-3846Jun 3, 2019affected < 3.0.101-108.98.1fixed 3.0.101-108.98.1
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
- CVE-2018-12130May 30, 2019affected < 3.0.101-108.90.1fixed 3.0.101-108.90.1
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h
- CVE-2018-12127May 30, 2019affected < 3.0.101-108.90.1fixed 3.0.101-108.90.1
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:
- CVE-2018-12126May 30, 2019affected < 3.0.101-108.90.1fixed 3.0.101-108.90.1
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found
- CVE-2019-11091May 30, 2019affected < 3.0.101-108.90.1fixed 3.0.101-108.90.1
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c
- CVE-2019-12456May 30, 2019affected < 3.0.101-108.111.1fixed 3.0.101-108.111.1
An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two
- CVE-2019-11884May 10, 2019affected < 3.0.101-108.95.2fixed 3.0.101-108.95.2
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.
- CVE-2018-20836May 7, 2019affected < 3.0.101-108.98.1fixed 3.0.101-108.98.1
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
Page 8 of 9