VYPR

rpm package

suse/kernel-livepatch-SLE15-SP1_Update_7&distro=SUSE Linux Enterprise Live Patching 15 SP1

pkg:rpm/suse/kernel-livepatch-SLE15-SP1_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP1

Vulnerabilities (33)

  • CVE-2018-12207Nov 14, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

  • CVE-2019-0155Nov 14, 2019
    affected < 6-2.2fixed 6-2.2

    Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) A

  • CVE-2019-17666Oct 17, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

  • CVE-2019-17133Oct 4, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

  • CVE-2019-17056Oct 1, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.

  • CVE-2019-16995Sep 30, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.

  • CVE-2019-16746Sep 24, 2019
    affected < 6-2.2fixed 6-2.2

    An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.

  • CVE-2019-16232Sep 11, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

  • CVE-2019-16233Sep 11, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

  • CVE-2019-16234Sep 11, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

  • CVE-2019-9458Sep 6, 2019
    affected < 6-2.2fixed 6-2.2

    In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-1000199MedMay 24, 2018
    affected < 5-2.1fixed 5-2.1

    The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears

  • CVE-2017-1000405HigNov 30, 2017
    affected < 8-2.2fixed 8-2.2

    The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_

Page 2 of 2