rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Server 12 SP3-BCL
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL
Vulnerabilities (414)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-15117 | Hig | 7.8 | < 4.4.180-94.103.1 | 4.4.180-94.103.1 | Aug 16, 2019 | parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. | |
| CVE-2019-15098 | Med | 4.6 | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Aug 16, 2019 | drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | |
| CVE-2019-9506 | Hig | 8.1 | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Aug 14, 2019 | The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje | |
| CVE-2017-18509 | Hig | 7.8 | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Aug 13, 2019 | An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circu | |
| CVE-2017-18379 | Cri | 9.8 | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Jul 27, 2019 | In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c. | |
| CVE-2019-14284 | Med | 6.2 | < 4.4.180-94.103.1 | 4.4.180-94.103.1 | Jul 26, 2019 | In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Nex | |
| CVE-2019-14283 | Med | 6.8 | < 4.4.180-94.103.1 | 4.4.180-94.103.1 | Jul 26, 2019 | In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU c | |
| CVE-2018-20856 | Hig | 7.8 | < 4.4.180-94.103.1 | 4.4.180-94.103.1 | Jul 26, 2019 | An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. | |
| CVE-2018-20855 | Low | 3.3 | < 4.4.180-94.103.1 | 4.4.180-94.103.1 | Jul 26, 2019 | An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. | |
| CVE-2019-13648 | Med | 5.5 | < 4.4.180-94.103.1 | 4.4.180-94.103.1 | Jul 19, 2019 | In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/power | |
| CVE-2019-13631 | Med | 6.8 | < 4.4.180-94.103.1 | 4.4.180-94.103.1 | Jul 17, 2019 | In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. | |
| CVE-2019-13272 | Hig | 7.8 | KEV | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Jul 17, 2019 | In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relati |
| CVE-2019-0136 | Hig | 7.4 | < 4.4.180-94.153.1 | 4.4.180-94.153.1 | Jun 13, 2019 | Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |
| CVE-2019-11091 | Med | 5.6 | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | May 30, 2019 | Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c | |
| CVE-2018-12130 | Med | 5.9 | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | May 30, 2019 | Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h | |
| CVE-2018-12127 | Med | 5.6 | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | May 30, 2019 | Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: | |
| CVE-2018-12126 | Med | 5.6 | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | May 30, 2019 | Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found | |
| CVE-2019-11810 | Hig | 7.5 | < 4.4.180-94.103.1 | 4.4.180-94.103.1 | May 7, 2019 | An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free. | |
| CVE-2019-3900 | Hig | 7.7 | < 4.4.180-94.174.1 | 4.4.180-94.174.1 | Apr 25, 2019 | An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could | |
| CVE-2019-3874 | Med | 6.5 | < 4.4.180-94.182.1 | 4.4.180-94.182.1 | Mar 25, 2019 | The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable. |
- affected < 4.4.180-94.103.1fixed 4.4.180-94.103.1
parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.
- affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
- affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje
- affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circu
- affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c.
- affected < 4.4.180-94.103.1fixed 4.4.180-94.103.1
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Nex
- affected < 4.4.180-94.103.1fixed 4.4.180-94.103.1
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU c
- affected < 4.4.180-94.103.1fixed 4.4.180-94.103.1
An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.
- affected < 4.4.180-94.103.1fixed 4.4.180-94.103.1
An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.
- affected < 4.4.180-94.103.1fixed 4.4.180-94.103.1
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/power
- affected < 4.4.180-94.103.1fixed 4.4.180-94.103.1
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
- affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relati
- affected < 4.4.180-94.153.1fixed 4.4.180-94.153.1
Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c
- affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h
- affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:
- affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found
- affected < 4.4.180-94.103.1fixed 4.4.180-94.103.1
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
- affected < 4.4.180-94.174.1fixed 4.4.180-94.174.1
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could
- affected < 4.4.180-94.182.1fixed 4.4.180-94.182.1
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
Page 20 of 21