rpm package
suse/kernel-livepatch-SLE15_Update_16&distro=SUSE Linux Enterprise Live Patching 15
pkg:rpm/suse/kernel-livepatch-SLE15_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015
Vulnerabilities (35)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-12207 | Med | 6.5 | < 1-1.3.1 | 1-1.3.1 | Nov 14, 2019 | Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. | |
| CVE-2019-11135 | Med | 6.5 | < 1-1.3.1 | 1-1.3.1 | Nov 14, 2019 | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | |
| CVE-2019-0155 | Hig | 7.8 | < 1-1.3.1 | 1-1.3.1 | Nov 14, 2019 | Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) A | |
| CVE-2019-0154 | Med | 5.5 | < 1-1.3.1 | 1-1.3.1 | Nov 14, 2019 | Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Ato | |
| CVE-2019-17666 | Hig | 8.8 | < 1-1.3.1 | 1-1.3.1 | Oct 17, 2019 | rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. | |
| CVE-2019-17133 | Cri | 9.8 | < 1-1.3.1 | 1-1.3.1 | Oct 4, 2019 | In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | |
| CVE-2019-17056 | Low | 3.3 | < 1-1.3.1 | 1-1.3.1 | Oct 1, 2019 | llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176. | |
| CVE-2019-16995 | Hig | 7.5 | < 1-1.3.1 | 1-1.3.1 | Sep 30, 2019 | In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d. | |
| CVE-2019-16746 | Cri | 9.8 | < 6-2.2 | 6-2.2 | Sep 24, 2019 | An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. | |
| CVE-2019-16234 | Med | 4.7 | < 1-1.3.1 | 1-1.3.1 | Sep 11, 2019 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-16233 | Med | 4.1 | < 1-1.3.1 | 1-1.3.1 | Sep 11, 2019 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-16232 | Med | 4.1 | < 1-1.3.1 | 1-1.3.1 | Sep 11, 2019 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-9458 | Hig | 7.0 | < 6-2.2 | 6-2.2 | Sep 6, 2019 | In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |
| CVE-2018-1000199 | Med | 5.5 | < 5-2.1 | 5-2.1 | May 24, 2018 | The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears | |
| CVE-2017-1000405 | Hig | 7.0 | < 8-2.2 | 8-2.2 | Nov 30, 2017 | The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_ |
- affected < 1-1.3.1fixed 1-1.3.1
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
- affected < 1-1.3.1fixed 1-1.3.1
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
- affected < 1-1.3.1fixed 1-1.3.1
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) A
- affected < 1-1.3.1fixed 1-1.3.1
Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Ato
- affected < 1-1.3.1fixed 1-1.3.1
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
- affected < 1-1.3.1fixed 1-1.3.1
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
- affected < 1-1.3.1fixed 1-1.3.1
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
- affected < 1-1.3.1fixed 1-1.3.1
In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.
- affected < 6-2.2fixed 6-2.2
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
- affected < 1-1.3.1fixed 1-1.3.1
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 1-1.3.1fixed 1-1.3.1
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 1-1.3.1fixed 1-1.3.1
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 6-2.2fixed 6-2.2
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- affected < 5-2.1fixed 5-2.1
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears
- affected < 8-2.2fixed 8-2.2
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_
Page 2 of 2