VYPR

rpm package

suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP1

pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1

Vulnerabilities (249)

  • CVE-2019-12819MedJun 14, 2019
    affected < 4.12.14-8.13.1fixed 4.12.14-8.13.1

    An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.

  • CVE-2019-12818HigJun 14, 2019
    affected < 4.12.14-8.13.1fixed 4.12.14-8.13.1

    An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_buil

  • CVE-2019-12614MedJun 3, 2019
    affected < 4.12.14-8.13.1fixed 4.12.14-8.13.1

    An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).

  • CVE-2019-11810HigMay 7, 2019
    affected < 4.12.14-8.13.1fixed 4.12.14-8.13.1

    An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.

  • CVE-2018-20836HigMay 7, 2019
    affected < 4.12.14-8.13.1fixed 4.12.14-8.13.1

    An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.

  • CVE-2019-11599HigApr 29, 2019
    affected < 4.12.14-8.13.1fixed 4.12.14-8.13.1

    The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other

  • CVE-2018-20669HigMar 21, 2019
    affected < 4.12.14-8.58.1fixed 4.12.14-8.58.1

    An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kern

  • CVE-2019-3701MedJan 3, 2019
    affected < 4.12.14-8.30.1fixed 4.12.14-8.30.1

    An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame mod

  • CVE-2018-1000199MedMay 24, 2018
    affected < 4.12.14-8.33.1fixed 4.12.14-8.33.1

    The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears

Page 13 of 13