rpm package
suse/kernel-rt&distro=SUSE Linux Enterprise Real Time 12 SP4
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP4
Vulnerabilities (187)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-12456 | Hig | 7.8 | < 4.12.14-8.3.1 | 4.12.14-8.3.1 | May 30, 2019 | An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two | |
| CVE-2019-12380 | Med | 5.5 | < 4.12.14-8.3.1 | 4.12.14-8.3.1 | May 28, 2019 | **DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed | |
| CVE-2019-11810 | Hig | 7.5 | < 4.12.14-8.3.1 | 4.12.14-8.3.1 | May 7, 2019 | An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free. | |
| CVE-2018-20836 | Hig | 8.1 | < 4.12.14-8.3.1 | 4.12.14-8.3.1 | May 7, 2019 | An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free. | |
| CVE-2019-11599 | Hig | 7.0 | < 4.12.14-8.3.1 | 4.12.14-8.3.1 | Apr 29, 2019 | The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other | |
| CVE-2019-3701 | Med | 4.4 | < 4.12.14-8.18.1 | 4.12.14-8.18.1 | Jan 3, 2019 | An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame mod | |
| CVE-2018-1000199 | Med | 5.5 | < 4.12.14-8.23.1 | 4.12.14-8.23.1 | May 24, 2018 | The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears |
- affected < 4.12.14-8.3.1fixed 4.12.14-8.3.1
An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two
- affected < 4.12.14-8.3.1fixed 4.12.14-8.3.1
**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed
- affected < 4.12.14-8.3.1fixed 4.12.14-8.3.1
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
- affected < 4.12.14-8.3.1fixed 4.12.14-8.3.1
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
- affected < 4.12.14-8.3.1fixed 4.12.14-8.3.1
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other
- affected < 4.12.14-8.18.1fixed 4.12.14-8.18.1
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame mod
- affected < 4.12.14-8.23.1fixed 4.12.14-8.23.1
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears
Page 10 of 10