VYPR

rpm package

suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP1

pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1

Vulnerabilities (249)

  • CVE-2019-19051MedNov 18, 2019
    affected < 4.12.14-8.27.1fixed 4.12.14-8.27.1

    A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7.

  • CVE-2019-19049HigNov 18, 2019
    affected < 4.12.14-8.22.1fixed 4.12.14-8.22.1

    A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the re

  • CVE-2019-19046MedNov 18, 2019
    affected < 4.12.14-8.22.1fixed 4.12.14-8.22.1

    A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispu

  • CVE-2019-19045MedNov 18, 2019
    affected < 4.12.14-8.27.1fixed 4.12.14-8.27.1

    A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7.

  • CVE-2018-12207MedNov 14, 2019
    affected < 4.12.14-8.19.1fixed 4.12.14-8.19.1

    Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

  • CVE-2019-11135MedNov 14, 2019
    affected < 4.12.14-8.19.1fixed 4.12.14-8.19.1

    TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

  • CVE-2019-0154MedNov 14, 2019
    affected < 4.12.14-8.22.1fixed 4.12.14-8.22.1

    Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Ato

  • CVE-2019-18809MedNov 7, 2019
    affected < 4.12.14-8.22.1fixed 4.12.14-8.22.1

    A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.

  • CVE-2019-18808MedNov 7, 2019
    affected < 4.12.14-8.27.1fixed 4.12.14-8.27.1

    A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.

  • CVE-2019-18805CriNov 7, 2019
    affected < 4.12.14-8.22.1fixed 4.12.14-8.22.1

    An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of servi

  • CVE-2019-18683HigNov 4, 2019
    affected < 4.12.14-8.22.1fixed 4.12.14-8.22.1

    An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race condit

  • CVE-2019-17666HigOct 17, 2019
    affected < 4.12.14-8.19.1fixed 4.12.14-8.19.1

    rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

  • CVE-2019-17133CriOct 4, 2019
    affected < 4.12.14-8.19.1fixed 4.12.14-8.19.1

    In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

  • CVE-2019-17056LowOct 1, 2019
    affected < 4.12.14-8.19.1fixed 4.12.14-8.19.1

    llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.

  • CVE-2019-17055LowOct 1, 2019
    affected < 4.12.14-8.22.1fixed 4.12.14-8.22.1

    base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

  • CVE-2019-16995HigSep 30, 2019
    affected < 4.12.14-8.19.1fixed 4.12.14-8.19.1

    In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.

  • CVE-2019-16994MedSep 30, 2019
    affected < 4.12.14-8.27.1fixed 4.12.14-8.27.1

    In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.

  • CVE-2019-16746CriSep 24, 2019
    affected < 4.12.14-8.27.1fixed 4.12.14-8.27.1

    An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.

  • CVE-2019-14816HigSep 20, 2019
    affected < 4.12.14-8.16.1fixed 4.12.14-8.16.1

    There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

  • CVE-2019-14814HigSep 20, 2019
    affected < 4.12.14-8.16.1fixed 4.12.14-8.16.1

    There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

Page 9 of 13