rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Desktop 12 SP4
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4
Vulnerabilities (147)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-9503 | — | < 4.12.14-95.16.1 | 4.12.14-95.16.1 | Jan 16, 2020 | The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarde | ||
| CVE-2019-9500 | — | < 4.12.14-95.16.1 | 4.12.14-95.16.1 | Jan 16, 2020 | The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brc | ||
| CVE-2019-14895 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 29, 2019 | A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could | ||
| CVE-2019-18660 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 27, 2019 | The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c. | ||
| CVE-2019-10220 | — | < 4.12.14-95.40.1 | 4.12.14-95.40.1 | Nov 27, 2019 | Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | ||
| CVE-2019-10207 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Nov 25, 2019 | A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call an | ||
| CVE-2019-14815 | — | < 4.12.14-95.32.1 | 4.12.14-95.32.1 | Nov 25, 2019 | A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. | ||
| CVE-2019-19227 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 22, 2019 | In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, a | ||
| CVE-2019-19077 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14. | ||
| CVE-2019-19075 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e. | ||
| CVE-2019-19074 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4. | ||
| CVE-2019-19073 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_c | ||
| CVE-2019-19068 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6. | ||
| CVE-2019-19067 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c | ||
| CVE-2019-19065 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. NOTE: This has been disputed as not a | ||
| CVE-2019-19063 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. | ||
| CVE-2019-19062 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. | ||
| CVE-2019-19060 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41. | ||
| CVE-2019-19058 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5. | ||
| CVE-2019-19057 | — | < 4.12.14-95.45.1 | 4.12.14-95.45.1 | Nov 18, 2019 | Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. |
- CVE-2019-9503Jan 16, 2020affected < 4.12.14-95.16.1fixed 4.12.14-95.16.1
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarde
- CVE-2019-9500Jan 16, 2020affected < 4.12.14-95.16.1fixed 4.12.14-95.16.1
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brc
- CVE-2019-14895Nov 29, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could
- CVE-2019-18660Nov 27, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
- CVE-2019-10220Nov 27, 2019affected < 4.12.14-95.40.1fixed 4.12.14-95.40.1
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
- CVE-2019-10207Nov 25, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call an
- CVE-2019-14815Nov 25, 2019affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
- CVE-2019-19227Nov 22, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, a
- CVE-2019-19077Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.
- CVE-2019-19075Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.
- CVE-2019-19074Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
- CVE-2019-19073Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_c
- CVE-2019-19068Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.
- CVE-2019-19067Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c
- CVE-2019-19065Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. NOTE: This has been disputed as not a
- CVE-2019-19063Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
- CVE-2019-19062Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.
- CVE-2019-19060Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
- CVE-2019-19058Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5.
- CVE-2019-19057Nov 18, 2019affected < 4.12.14-95.45.1fixed 4.12.14-95.45.1
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.
Page 1 of 8