rpm package
suse/kernel-source&distro=SUSE OpenStack Cloud Crowbar 9
pkg:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
Vulnerabilities (380)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-20908 | — | < 4.12.14-95.57.1 | 4.12.14-95.57.1 | Jul 15, 2020 | An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032. | ||
| CVE-2020-15780 | — | < 4.12.14-95.57.1 | 4.12.14-95.57.1 | Jul 15, 2020 | An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30. | ||
| CVE-2020-15393 | — | < 4.12.14-95.57.1 | 4.12.14-95.57.1 | Jun 29, 2020 | In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. | ||
| CVE-2020-10769 | — | < 4.12.14-95.57.1 | 4.12.14-95.57.1 | Jun 26, 2020 | A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a | ||
| CVE-2020-14416 | — | < 4.12.14-95.57.1 | 4.12.14-95.57.1 | Jun 18, 2020 | In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c. | ||
| CVE-2020-13974 | — | < 4.12.14-95.57.1 | 4.12.14-95.57.1 | Jun 9, 2020 | An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in | ||
| CVE-2019-20811 | — | < 4.12.14-95.99.2 | 4.12.14-95.99.2 | Jun 3, 2020 | An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c. | ||
| CVE-2019-20810 | — | < 4.12.14-95.57.1 | 4.12.14-95.57.1 | Jun 2, 2020 | go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586. | ||
| CVE-2020-10135 | — | < 4.12.14-95.60.1 | 4.12.14-95.60.1 | May 19, 2020 | Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersona | ||
| CVE-2020-12888 | — | < 4.12.14-95.57.1 | 4.12.14-95.57.1 | May 15, 2020 | The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. | ||
| CVE-2020-12770 | — | < 4.12.14-95.83.2 | 4.12.14-95.83.2 | May 9, 2020 | An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. | ||
| CVE-2020-12771 | — | < 4.12.14-95.57.1 | 4.12.14-95.57.1 | May 9, 2020 | An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. | ||
| CVE-2019-15126 | — | < 4.12.14-95.88.1 | 4.12.14-95.88.1 | Feb 5, 2020 | An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure ov | ||
| CVE-2019-19377 | — | < 4.12.14-95.102.1 | 4.12.14-95.102.1 | Nov 29, 2019 | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c. | ||
| CVE-2019-16746 | — | < 4.12.14-95.57.1 | 4.12.14-95.57.1 | Sep 24, 2019 | An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. | ||
| CVE-2019-3900 | — | < 4.12.14-95.83.2 | 4.12.14-95.83.2 | Apr 25, 2019 | An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could | ||
| CVE-2019-3874 | — | < 4.12.14-95.83.2 | 4.12.14-95.83.2 | Mar 25, 2019 | The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable. | ||
| CVE-2018-9517 | — | < 4.12.14-95.83.2 | 4.12.14-95.83.2 | Dec 7, 2018 | In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-3 | ||
| CVE-2018-13405 | — | < 4.12.14-95.83.2 | 4.12.14-95.83.2 | Jul 6, 2018 | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no | ||
| CVE-2017-5753 | — | < 4.12.14-95.125.1 | 4.12.14-95.125.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2019-20908Jul 15, 2020affected < 4.12.14-95.57.1fixed 4.12.14-95.57.1
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
- CVE-2020-15780Jul 15, 2020affected < 4.12.14-95.57.1fixed 4.12.14-95.57.1
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
- CVE-2020-15393Jun 29, 2020affected < 4.12.14-95.57.1fixed 4.12.14-95.57.1
In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.
- CVE-2020-10769Jun 26, 2020affected < 4.12.14-95.57.1fixed 4.12.14-95.57.1
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a
- CVE-2020-14416Jun 18, 2020affected < 4.12.14-95.57.1fixed 4.12.14-95.57.1
In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.
- CVE-2020-13974Jun 9, 2020affected < 4.12.14-95.57.1fixed 4.12.14-95.57.1
An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in
- CVE-2019-20811Jun 3, 2020affected < 4.12.14-95.99.2fixed 4.12.14-95.99.2
An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.
- CVE-2019-20810Jun 2, 2020affected < 4.12.14-95.57.1fixed 4.12.14-95.57.1
go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.
- CVE-2020-10135May 19, 2020affected < 4.12.14-95.60.1fixed 4.12.14-95.60.1
Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersona
- CVE-2020-12888May 15, 2020affected < 4.12.14-95.57.1fixed 4.12.14-95.57.1
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
- CVE-2020-12770May 9, 2020affected < 4.12.14-95.83.2fixed 4.12.14-95.83.2
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
- CVE-2020-12771May 9, 2020affected < 4.12.14-95.57.1fixed 4.12.14-95.57.1
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
- CVE-2019-15126Feb 5, 2020affected < 4.12.14-95.88.1fixed 4.12.14-95.88.1
An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure ov
- CVE-2019-19377Nov 29, 2019affected < 4.12.14-95.102.1fixed 4.12.14-95.102.1
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
- CVE-2019-16746Sep 24, 2019affected < 4.12.14-95.57.1fixed 4.12.14-95.57.1
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
- CVE-2019-3900Apr 25, 2019affected < 4.12.14-95.83.2fixed 4.12.14-95.83.2
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could
- CVE-2019-3874Mar 25, 2019affected < 4.12.14-95.83.2fixed 4.12.14-95.83.2
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
- CVE-2018-9517Dec 7, 2018affected < 4.12.14-95.83.2fixed 4.12.14-95.83.2
In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-3
- CVE-2018-13405Jul 6, 2018affected < 4.12.14-95.83.2fixed 4.12.14-95.83.2
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no
- CVE-2017-5753Jan 4, 2018affected < 4.12.14-95.125.1fixed 4.12.14-95.125.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Page 19 of 19