rpm package
suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015
Vulnerabilities (193)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-9503 | — | < 4.12.14-5.27.1 | 4.12.14-5.27.1 | Jan 16, 2020 | The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarde | ||
| CVE-2019-9500 | — | < 4.12.14-5.27.1 | 4.12.14-5.27.1 | Jan 16, 2020 | The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brc | ||
| CVE-2019-19543 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Dec 3, 2019 | In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c. | ||
| CVE-2019-19524 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Dec 3, 2019 | In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9. | ||
| CVE-2019-19525 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Dec 3, 2019 | In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035. | ||
| CVE-2019-19528 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Dec 3, 2019 | In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d. | ||
| CVE-2019-19529 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Dec 3, 2019 | In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41. | ||
| CVE-2019-19530 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Dec 3, 2019 | In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef. | ||
| CVE-2019-19531 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Dec 3, 2019 | In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca. | ||
| CVE-2019-19534 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Dec 3, 2019 | In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29. | ||
| CVE-2019-19536 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Dec 3, 2019 | In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0. | ||
| CVE-2019-14901 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Nov 29, 2019 | A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with th | ||
| CVE-2019-14895 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Nov 29, 2019 | A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could | ||
| CVE-2019-18660 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Nov 27, 2019 | The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c. | ||
| CVE-2019-10220 | — | < 4.12.14-5.44.1 | 4.12.14-5.44.1 | Nov 27, 2019 | Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | ||
| CVE-2019-14815 | — | < 4.12.14-5.41.1 | 4.12.14-5.41.1 | Nov 25, 2019 | A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. | ||
| CVE-2019-19227 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Nov 22, 2019 | In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, a | ||
| CVE-2019-19077 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Nov 18, 2019 | A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14. | ||
| CVE-2019-19075 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Nov 18, 2019 | A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e. | ||
| CVE-2019-19074 | — | < 4.12.14-5.47.1 | 4.12.14-5.47.1 | Nov 18, 2019 | A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4. |
- CVE-2019-9503Jan 16, 2020affected < 4.12.14-5.27.1fixed 4.12.14-5.27.1
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarde
- CVE-2019-9500Jan 16, 2020affected < 4.12.14-5.27.1fixed 4.12.14-5.27.1
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brc
- CVE-2019-19543Dec 3, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.
- CVE-2019-19524Dec 3, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
- CVE-2019-19525Dec 3, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
- CVE-2019-19528Dec 3, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d.
- CVE-2019-19529Dec 3, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
- CVE-2019-19530Dec 3, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.
- CVE-2019-19531Dec 3, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.
- CVE-2019-19534Dec 3, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.
- CVE-2019-19536Dec 3, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0.
- CVE-2019-14901Nov 29, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with th
- CVE-2019-14895Nov 29, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could
- CVE-2019-18660Nov 27, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
- CVE-2019-10220Nov 27, 2019affected < 4.12.14-5.44.1fixed 4.12.14-5.44.1
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
- CVE-2019-14815Nov 25, 2019affected < 4.12.14-5.41.1fixed 4.12.14-5.41.1
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
- CVE-2019-19227Nov 22, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, a
- CVE-2019-19077Nov 18, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.
- CVE-2019-19075Nov 18, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.
- CVE-2019-19074Nov 18, 2019affected < 4.12.14-5.47.1fixed 4.12.14-5.47.1
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
Page 1 of 10