rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Workstation Extension 15
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015
Vulnerabilities (225)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-19824 | — | < 4.12.14-25.28.1 | 4.12.14-25.28.1 | Dec 3, 2018 | In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. | ||
| CVE-2018-16862 | — | < 4.12.14-25.28.1 | 4.12.14-25.28.1 | Nov 26, 2018 | A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one. | ||
| CVE-2018-19407 | — | < 4.12.14-25.28.1 | 4.12.14-25.28.1 | Nov 21, 2018 | The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized. | ||
| CVE-2018-9385 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | Nov 6, 2018 | In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Andro | ||
| CVE-2018-9363 | — | < 4.12.14-25.16.1 | 4.12.14-25.16.1 | Nov 6, 2018 | In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 Refer | ||
| CVE-2018-18281 | — | < 4.12.14-25.28.1 | 4.12.14-25.28.1 | Oct 30, 2018 | Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits a | ||
| CVE-2018-18710 | — | < 4.12.14-25.28.1 | 4.12.14-25.28.1 | Oct 27, 2018 | An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CV | ||
| CVE-2018-18386 | — | < 4.12.14-25.25.1 | 4.12.14-25.25.1 | Oct 17, 2018 | drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. | ||
| CVE-2018-18445 | — | < 4.12.14-25.25.1 | 4.12.14-25.25.1 | Oct 17, 2018 | In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts. | ||
| CVE-2018-14633 | — | < 4.12.14-25.22.1 | 4.12.14-25.22.1 | Sep 25, 2018 | A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes | ||
| CVE-2018-17182 | — | < 4.12.14-25.22.1 | 4.12.14-25.22.1 | Sep 19, 2018 | An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and de | ||
| CVE-2018-10853 | — | < 4.12.14-25.16.1 | 4.12.14-25.16.1 | Sep 11, 2018 | A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potential | ||
| CVE-2018-14625 | — | < 4.12.14-25.28.1 | 4.12.14-25.28.1 | Sep 10, 2018 | A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak o | ||
| CVE-2018-16658 | — | < 4.12.14-25.19.1 | 4.12.14-25.19.1 | Sep 7, 2018 | An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to | ||
| CVE-2018-5391 | — | < 4.12.14-25.13.1 | 4.12.14-25.13.1 | Sep 6, 2018 | The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I | ||
| CVE-2018-6555 | — | < 4.12.14-25.19.1 | 4.12.14-25.19.1 | Sep 4, 2018 | The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA | ||
| CVE-2018-6554 | — | < 4.12.14-25.19.1 | 4.12.14-25.19.1 | Sep 4, 2018 | Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket. | ||
| CVE-2018-10938 | — | < 4.12.14-25.19.1 | 4.12.14-25.19.1 | Aug 27, 2018 | A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A cer | ||
| CVE-2018-10902 | — | < 4.12.14-25.16.1 | 4.12.14-25.16.1 | Aug 21, 2018 | It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local a | ||
| CVE-2018-15572 | — | < 4.12.14-25.16.1 | 4.12.14-25.16.1 | Aug 20, 2018 | The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. |
- CVE-2018-19824Dec 3, 2018affected < 4.12.14-25.28.1fixed 4.12.14-25.28.1
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
- CVE-2018-16862Nov 26, 2018affected < 4.12.14-25.28.1fixed 4.12.14-25.28.1
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.
- CVE-2018-19407Nov 21, 2018affected < 4.12.14-25.28.1fixed 4.12.14-25.28.1
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
- CVE-2018-9385Nov 6, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Andro
- CVE-2018-9363Nov 6, 2018affected < 4.12.14-25.16.1fixed 4.12.14-25.16.1
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 Refer
- CVE-2018-18281Oct 30, 2018affected < 4.12.14-25.28.1fixed 4.12.14-25.28.1
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits a
- CVE-2018-18710Oct 27, 2018affected < 4.12.14-25.28.1fixed 4.12.14-25.28.1
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CV
- CVE-2018-18386Oct 17, 2018affected < 4.12.14-25.25.1fixed 4.12.14-25.25.1
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.
- CVE-2018-18445Oct 17, 2018affected < 4.12.14-25.25.1fixed 4.12.14-25.25.1
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.
- CVE-2018-14633Sep 25, 2018affected < 4.12.14-25.22.1fixed 4.12.14-25.22.1
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes
- CVE-2018-17182Sep 19, 2018affected < 4.12.14-25.22.1fixed 4.12.14-25.22.1
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and de
- CVE-2018-10853Sep 11, 2018affected < 4.12.14-25.16.1fixed 4.12.14-25.16.1
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potential
- CVE-2018-14625Sep 10, 2018affected < 4.12.14-25.28.1fixed 4.12.14-25.28.1
A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak o
- CVE-2018-16658Sep 7, 2018affected < 4.12.14-25.19.1fixed 4.12.14-25.19.1
An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to
- CVE-2018-5391Sep 6, 2018affected < 4.12.14-25.13.1fixed 4.12.14-25.13.1
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I
- CVE-2018-6555Sep 4, 2018affected < 4.12.14-25.19.1fixed 4.12.14-25.19.1
The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA
- CVE-2018-6554Sep 4, 2018affected < 4.12.14-25.19.1fixed 4.12.14-25.19.1
Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.
- CVE-2018-10938Aug 27, 2018affected < 4.12.14-25.19.1fixed 4.12.14-25.19.1
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A cer
- CVE-2018-10902Aug 21, 2018affected < 4.12.14-25.16.1fixed 4.12.14-25.16.1
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local a
- CVE-2018-15572Aug 20, 2018affected < 4.12.14-25.16.1fixed 4.12.14-25.16.1
The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.
Page 9 of 12