rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Server 11 SP4-LTSS

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Vulnerabilities (177)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2019-11810	—	< 3.0.101-108.101.1	3.0.101-108.101.1	May 7, 2019	An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
CVE-2019-11486	—	< 3.0.101-108.95.2	3.0.101-108.95.2	Apr 23, 2019	The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
CVE-2019-11190	—	< 3.0.101-108.95.2	3.0.101-108.95.2	Apr 11, 2019	The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.
CVE-2019-3460	—	< 3.0.101-108.98.1	3.0.101-108.98.1	Apr 11, 2019	A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
CVE-2019-3459	—	< 3.0.101-108.98.1	3.0.101-108.98.1	Apr 11, 2019	A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
CVE-2019-9213	—	< 3.0.101-108.90.1	3.0.101-108.90.1	Mar 5, 2019	In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
CVE-2019-5489	—	< 3.0.101-108.95.2	3.0.101-108.95.2	Jan 7, 2019	The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincor
CVE-2018-17972	—	< 3.0.101-108.95.2	3.0.101-108.95.2	Oct 3, 2018	An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack
CVE-2018-5390	—	< 3.0.101-108.98.1	3.0.101-108.98.1	Aug 6, 2018	Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
CVE-2014-9710	—	< 3.0.101-108.95.2	3.0.101-108.95.2	May 27, 2015	The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-re
CVE-2014-7841	—	< 3.0.101-108.132.1	3.0.101-108.132.1	Nov 30, 2014	The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
CVE-2013-1979	—	< 3.0.101-108.90.1	3.0.101-108.90.1	May 3, 2013	The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application.
CVE-2013-0216	—	< 3.0.101-108.90.1	3.0.101-108.90.1	Feb 18, 2013	The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption.
CVE-2013-0160	—	< 3.0.101-108.90.1	3.0.101-108.90.1	Feb 18, 2013	The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device.
CVE-2013-0231	—	< 3.0.101-108.90.1	3.0.101-108.90.1	Feb 13, 2013	The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some o
CVE-2012-3430	—	< 3.0.101-108.90.1	3.0.101-108.90.1	Oct 3, 2012	The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socke
CVE-2012-3412	—	< 3.0.101-108.90.1	3.0.101-108.90.1	Oct 3, 2012	The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.

CVE-2019-11810May 7, 2019
affected < 3.0.101-108.101.1fixed 3.0.101-108.101.1
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
CVE-2019-11486Apr 23, 2019
affected < 3.0.101-108.95.2fixed 3.0.101-108.95.2
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
CVE-2019-11190Apr 11, 2019
affected < 3.0.101-108.95.2fixed 3.0.101-108.95.2
The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.
CVE-2019-3460Apr 11, 2019
affected < 3.0.101-108.98.1fixed 3.0.101-108.98.1
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
CVE-2019-3459Apr 11, 2019
affected < 3.0.101-108.98.1fixed 3.0.101-108.98.1
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
CVE-2019-9213Mar 5, 2019
affected < 3.0.101-108.90.1fixed 3.0.101-108.90.1
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
CVE-2019-5489Jan 7, 2019
affected < 3.0.101-108.95.2fixed 3.0.101-108.95.2
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincor
CVE-2018-17972Oct 3, 2018
affected < 3.0.101-108.95.2fixed 3.0.101-108.95.2
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack
CVE-2018-5390Aug 6, 2018
affected < 3.0.101-108.98.1fixed 3.0.101-108.98.1
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
CVE-2014-9710May 27, 2015
affected < 3.0.101-108.95.2fixed 3.0.101-108.95.2
The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-re
CVE-2014-7841Nov 30, 2014
affected < 3.0.101-108.132.1fixed 3.0.101-108.132.1
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
CVE-2013-1979May 3, 2013
affected < 3.0.101-108.90.1fixed 3.0.101-108.90.1
The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application.
CVE-2013-0216Feb 18, 2013
affected < 3.0.101-108.90.1fixed 3.0.101-108.90.1
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption.
CVE-2013-0160Feb 18, 2013
affected < 3.0.101-108.90.1fixed 3.0.101-108.90.1
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device.
CVE-2013-0231Feb 13, 2013
affected < 3.0.101-108.90.1fixed 3.0.101-108.90.1
The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some o
CVE-2012-3430Oct 3, 2012
affected < 3.0.101-108.90.1fixed 3.0.101-108.90.1
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socke
CVE-2012-3412Oct 3, 2012
affected < 3.0.101-108.90.1fixed 3.0.101-108.90.1
The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.

Page 9 of 9