rpm package
suse/kernel-obs-build&distro=SUSE Linux Enterprise Software Development Kit 12 SP3
pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
Vulnerabilities (163)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-19985 | — | < 4.4.175-94.79.1 | 4.4.175-94.79.1 | Mar 17, 2019 | The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address | ||
| CVE-2019-7222 | — | < 4.4.175-94.79.1 | 4.4.175-94.79.1 | Mar 17, 2019 | The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. | ||
| CVE-2019-7221 | — | < 4.4.175-94.79.1 | 4.4.175-94.79.1 | Mar 17, 2019 | The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. | ||
| CVE-2019-9213 | — | < 4.4.176-94.88.1 | 4.4.176-94.88.1 | Mar 5, 2019 | In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task. | ||
| CVE-2019-6974 | — | < 4.4.175-94.79.1 | 4.4.175-94.79.1 | Feb 15, 2019 | In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. | ||
| CVE-2019-5489 | — | < 4.4.180-94.97.1 | 4.4.180-94.97.1 | Jan 7, 2019 | The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincor | ||
| CVE-2018-16884 | — | < 4.4.175-94.79.1 | 4.4.175-94.79.1 | Dec 18, 2018 | A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel m | ||
| CVE-2018-20169 | — | < 4.4.175-94.79.1 | 4.4.175-94.79.1 | Dec 17, 2018 | An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c. | ||
| CVE-2018-9568 | — | < 4.4.175-94.79.1 | 4.4.175-94.79.1 | Dec 6, 2018 | In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. A | ||
| CVE-2018-19824 | — | < 4.4.175-94.79.1 | 4.4.175-94.79.1 | Dec 3, 2018 | In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. | ||
| CVE-2018-16862 | — | < 4.4.175-94.79.1 | 4.4.175-94.79.1 | Nov 26, 2018 | A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one. | ||
| CVE-2018-19407 | — | < 4.4.175-94.79.1 | 4.4.175-94.79.1 | Nov 21, 2018 | The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized. | ||
| CVE-2018-9516 | — | < 4.4.162-94.69.2 | 4.4.162-94.69.2 | Nov 6, 2018 | In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android | ||
| CVE-2018-9385 | — | < 4.4.140-94.42.1 | 4.4.140-94.42.1 | Nov 6, 2018 | In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Andro | ||
| CVE-2018-9363 | — | < 4.4.155-94.50.1 | 4.4.155-94.50.1 | Nov 6, 2018 | In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 Refer | ||
| CVE-2018-18281 | — | < 4.4.162-94.69.2 | 4.4.162-94.69.2 | Oct 30, 2018 | Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits a | ||
| CVE-2018-18710 | — | < 4.4.162-94.69.2 | 4.4.162-94.69.2 | Oct 27, 2018 | An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CV | ||
| CVE-2018-18690 | — | < 4.4.162-94.69.2 | 4.4.162-94.69.2 | Oct 26, 2018 | In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/li | ||
| CVE-2018-18386 | — | < 4.4.162-94.69.2 | 4.4.162-94.69.2 | Oct 17, 2018 | drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. | ||
| CVE-2018-17972 | — | < 4.4.180-94.97.1 | 4.4.180-94.97.1 | Oct 3, 2018 | An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack |
- CVE-2018-19985Mar 17, 2019affected < 4.4.175-94.79.1fixed 4.4.175-94.79.1
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address
- CVE-2019-7222Mar 17, 2019affected < 4.4.175-94.79.1fixed 4.4.175-94.79.1
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
- CVE-2019-7221Mar 17, 2019affected < 4.4.175-94.79.1fixed 4.4.175-94.79.1
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
- CVE-2019-9213Mar 5, 2019affected < 4.4.176-94.88.1fixed 4.4.176-94.88.1
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
- CVE-2019-6974Feb 15, 2019affected < 4.4.175-94.79.1fixed 4.4.175-94.79.1
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
- CVE-2019-5489Jan 7, 2019affected < 4.4.180-94.97.1fixed 4.4.180-94.97.1
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincor
- CVE-2018-16884Dec 18, 2018affected < 4.4.175-94.79.1fixed 4.4.175-94.79.1
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel m
- CVE-2018-20169Dec 17, 2018affected < 4.4.175-94.79.1fixed 4.4.175-94.79.1
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
- CVE-2018-9568Dec 6, 2018affected < 4.4.175-94.79.1fixed 4.4.175-94.79.1
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. A
- CVE-2018-19824Dec 3, 2018affected < 4.4.175-94.79.1fixed 4.4.175-94.79.1
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
- CVE-2018-16862Nov 26, 2018affected < 4.4.175-94.79.1fixed 4.4.175-94.79.1
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.
- CVE-2018-19407Nov 21, 2018affected < 4.4.175-94.79.1fixed 4.4.175-94.79.1
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
- CVE-2018-9516Nov 6, 2018affected < 4.4.162-94.69.2fixed 4.4.162-94.69.2
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android
- CVE-2018-9385Nov 6, 2018affected < 4.4.140-94.42.1fixed 4.4.140-94.42.1
In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Andro
- CVE-2018-9363Nov 6, 2018affected < 4.4.155-94.50.1fixed 4.4.155-94.50.1
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 Refer
- CVE-2018-18281Oct 30, 2018affected < 4.4.162-94.69.2fixed 4.4.162-94.69.2
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits a
- CVE-2018-18710Oct 27, 2018affected < 4.4.162-94.69.2fixed 4.4.162-94.69.2
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CV
- CVE-2018-18690Oct 26, 2018affected < 4.4.162-94.69.2fixed 4.4.162-94.69.2
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/li
- CVE-2018-18386Oct 17, 2018affected < 4.4.162-94.69.2fixed 4.4.162-94.69.2
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.
- CVE-2018-17972Oct 3, 2018affected < 4.4.180-94.97.1fixed 4.4.180-94.97.1
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack
Page 2 of 9