rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Desktop 12 SP4
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4
Vulnerabilities (147)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-16231 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Sep 11, 2019 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16232 | — | < 4.12.14-95.37.1 | 4.12.14-95.37.1 | Sep 11, 2019 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16233 | — | < 4.12.14-95.40.1 | 4.12.14-95.40.1 | Sep 11, 2019 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16234 | — | < 4.12.14-95.37.1 | 4.12.14-95.37.1 | Sep 11, 2019 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-9456 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Sep 6, 2019 | In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2017-18595 | — | < 4.12.14-95.37.1 | 4.12.14-95.37.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | ||
| CVE-2019-15926 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. | ||
| CVE-2018-21008 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. | ||
| CVE-2019-15927 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. | ||
| CVE-2019-15917 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. | ||
| CVE-2019-15919 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free. | ||
| CVE-2019-15920 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak. | ||
| CVE-2019-15921 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. | ||
| CVE-2019-15924 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure. | ||
| CVE-2019-15916 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. | ||
| CVE-2019-15902 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Sep 4, 2019 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co | ||
| CVE-2019-1125 | — | < 4.12.14-95.29.1 | 4.12.14-95.29.1 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha | ||
| CVE-2019-15666 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Aug 27, 2019 | An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation. | ||
| CVE-2019-15538 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Aug 25, 2019 | An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. | ||
| CVE-2019-15292 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Aug 21, 2019 | An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c. |
- CVE-2019-16231Sep 11, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16232Sep 11, 2019affected < 4.12.14-95.37.1fixed 4.12.14-95.37.1
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16233Sep 11, 2019affected < 4.12.14-95.40.1fixed 4.12.14-95.40.1
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16234Sep 11, 2019affected < 4.12.14-95.37.1fixed 4.12.14-95.37.1
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-9456Sep 6, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2017-18595Sep 4, 2019affected < 4.12.14-95.37.1fixed 4.12.14-95.37.1
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
- CVE-2019-15926Sep 4, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.
- CVE-2018-21008Sep 4, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.
- CVE-2019-15927Sep 4, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
- CVE-2019-15917Sep 4, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
- CVE-2019-15919Sep 4, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.
- CVE-2019-15920Sep 4, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak.
- CVE-2019-15921Sep 4, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.
- CVE-2019-15924Sep 4, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.
- CVE-2019-15916Sep 4, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
- CVE-2019-15902Sep 4, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co
- CVE-2019-1125Sep 3, 2019affected < 4.12.14-95.29.1fixed 4.12.14-95.29.1
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha
- CVE-2019-15666Aug 27, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.
- CVE-2019-15538Aug 25, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails.
- CVE-2019-15292Aug 21, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.
Page 3 of 8