rpm package
suse/kernel-livepatch-SLE15-SP1_Update_6&distro=SUSE Linux Enterprise Live Patching 15 SP1
pkg:rpm/suse/kernel-livepatch-SLE15-SP1_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP1
Vulnerabilities (21)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-14331 | — | < 8-2.2 | 8-2.2 | Sep 15, 2020 | A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA cons | ||
| CVE-2020-1749 | — | < 5-2.1 | 5-2.1 | Sep 9, 2020 | A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending | ||
| CVE-2020-15780 | — | < 8-2.2 | 8-2.2 | Jul 15, 2020 | An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30. | ||
| CVE-2020-10757 | — | < 7-2.1 | 7-2.1 | Jun 9, 2020 | A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. | ||
| CVE-2020-12654 | — | < 6-2.1 | 6-2.1 | May 5, 2020 | An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591. | ||
| CVE-2020-12653 | — | < 6-2.1 | 6-2.1 | May 5, 2020 | An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea. | ||
| CVE-2020-11668 | — | < 8-2.2 | 8-2.2 | Apr 9, 2020 | In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770. | ||
| CVE-2019-5108 | — | < 5-2.1 | 5-2.1 | Dec 23, 2019 | An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to d | ||
| CVE-2019-19447 | — | < 8-2.2 | 8-2.2 | Dec 8, 2019 | In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c. | ||
| CVE-2019-14901 | — | < 8-2.2 | 8-2.2 | Nov 29, 2019 | A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with th | ||
| CVE-2019-14895 | — | < 8-2.2 | 8-2.2 | Nov 29, 2019 | A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could | ||
| CVE-2019-10220 | — | < 2-2.1 | 2-2.1 | Nov 27, 2019 | Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | ||
| CVE-2019-0155 | — | < 8-2.2 | 8-2.2 | Nov 14, 2019 | Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) A | ||
| CVE-2019-17133 | — | < 2-2.1 | 2-2.1 | Oct 4, 2019 | In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | ||
| CVE-2019-16746 | — | < 8-2.2 | 8-2.2 | Sep 24, 2019 | An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. | ||
| CVE-2019-14821 | — | < 1-3.3.1 | 1-3.3.1 | Sep 19, 2019 | An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first | ||
| CVE-2019-9458 | — | < 8-2.2 | 8-2.2 | Sep 6, 2019 | In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2017-18595 | — | < 1-3.3.1 | 1-3.3.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | ||
| CVE-2019-15291 | — | < 1-3.3.1 | 1-3.3.1 | Aug 20, 2019 | An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver. | ||
| CVE-2019-9506 | — | < 1-3.3.1 | 1-3.3.1 | Aug 14, 2019 | The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje |
- CVE-2020-14331Sep 15, 2020affected < 8-2.2fixed 8-2.2
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA cons
- CVE-2020-1749Sep 9, 2020affected < 5-2.1fixed 5-2.1
A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending
- CVE-2020-15780Jul 15, 2020affected < 8-2.2fixed 8-2.2
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
- CVE-2020-10757Jun 9, 2020affected < 7-2.1fixed 7-2.1
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
- CVE-2020-12654May 5, 2020affected < 6-2.1fixed 6-2.1
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
- CVE-2020-12653May 5, 2020affected < 6-2.1fixed 6-2.1
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.
- CVE-2020-11668Apr 9, 2020affected < 8-2.2fixed 8-2.2
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
- CVE-2019-5108Dec 23, 2019affected < 5-2.1fixed 5-2.1
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to d
- CVE-2019-19447Dec 8, 2019affected < 8-2.2fixed 8-2.2
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
- CVE-2019-14901Nov 29, 2019affected < 8-2.2fixed 8-2.2
A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with th
- CVE-2019-14895Nov 29, 2019affected < 8-2.2fixed 8-2.2
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could
- CVE-2019-10220Nov 27, 2019affected < 2-2.1fixed 2-2.1
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
- CVE-2019-0155Nov 14, 2019affected < 8-2.2fixed 8-2.2
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) A
- CVE-2019-17133Oct 4, 2019affected < 2-2.1fixed 2-2.1
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
- CVE-2019-16746Sep 24, 2019affected < 8-2.2fixed 8-2.2
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
- CVE-2019-14821Sep 19, 2019affected < 1-3.3.1fixed 1-3.3.1
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first
- CVE-2019-9458Sep 6, 2019affected < 8-2.2fixed 8-2.2
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2017-18595Sep 4, 2019affected < 1-3.3.1fixed 1-3.3.1
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
- CVE-2019-15291Aug 20, 2019affected < 1-3.3.1fixed 1-3.3.1
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
- CVE-2019-9506Aug 14, 2019affected < 1-3.3.1fixed 1-3.3.1
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje
Page 1 of 2