rpm package
suse/kernel-source-azure&distro=SUSE Linux Enterprise Server 12 SP4
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4
Vulnerabilities (213)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-12464 | — | < 4.12.14-6.43.1 | 4.12.14-6.43.1 | Apr 29, 2020 | usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. | ||
| CVE-2020-11669 | — | < 4.12.14-6.40.1 | 4.12.14-6.40.1 | Apr 10, 2020 | An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd. | ||
| CVE-2020-8834 | — | < 4.12.14-6.40.1 | 4.12.14-6.40.1 | Apr 9, 2020 | KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can caus | ||
| CVE-2020-2732 | — | < 4.12.14-6.37.1 | 4.12.14-6.37.1 | Apr 8, 2020 | A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 g | ||
| CVE-2020-11494 | — | < 4.12.14-6.40.1 | 4.12.14-6.40.1 | Apr 2, 2020 | An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL | ||
| CVE-2020-10942 | — | < 4.12.14-6.40.1 | 4.12.14-6.40.1 | Mar 24, 2020 | In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. | ||
| CVE-2020-9383 | — | < 4.12.14-6.40.1 | 4.12.14-6.40.1 | Feb 25, 2020 | An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2. | ||
| CVE-2020-8992 | — | < 4.12.14-6.37.1 | 4.12.14-6.37.1 | Feb 14, 2020 | ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. | ||
| CVE-2020-8647 | — | < 4.12.14-6.40.1 | 4.12.14-6.40.1 | Feb 6, 2020 | There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. | ||
| CVE-2020-8648 | — | < 4.12.14-6.37.1 | 4.12.14-6.37.1 | Feb 6, 2020 | There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | ||
| CVE-2020-8649 | — | < 4.12.14-6.40.1 | 4.12.14-6.40.1 | Feb 6, 2020 | There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. | ||
| CVE-2020-8428 | — | < 4.12.14-6.37.1 | 4.12.14-6.37.1 | Jan 28, 2020 | fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a | ||
| CVE-2019-14615 | — | < 4.12.14-6.37.1 | 4.12.14-6.37.1 | Jan 17, 2020 | Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access. | ||
| CVE-2019-9503 | — | < 4.12.14-6.12.1 | 4.12.14-6.12.1 | Jan 16, 2020 | The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarde | ||
| CVE-2019-9500 | — | < 4.12.14-6.12.1 | 4.12.14-6.12.1 | Jan 16, 2020 | The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brc | ||
| CVE-2020-7053 | — | < 4.12.14-6.37.1 | 4.12.14-6.37.1 | Jan 14, 2020 | In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ | ||
| CVE-2019-19332 | — | < 4.12.14-6.34.1 | 4.12.14-6.34.1 | Jan 9, 2020 | An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access t | ||
| CVE-2019-20095 | — | < 4.12.14-6.37.1 | 4.12.14-6.37.1 | Dec 30, 2019 | mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service. | ||
| CVE-2019-20096 | — | < 4.12.14-6.37.1 | 4.12.14-6.37.1 | Dec 30, 2019 | In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b. | ||
| CVE-2019-20054 | — | < 4.12.14-6.37.1 | 4.12.14-6.37.1 | Dec 28, 2019 | In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e. |
- CVE-2020-12464Apr 29, 2020affected < 4.12.14-6.43.1fixed 4.12.14-6.43.1
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
- CVE-2020-11669Apr 10, 2020affected < 4.12.14-6.40.1fixed 4.12.14-6.40.1
An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.
- CVE-2020-8834Apr 9, 2020affected < 4.12.14-6.40.1fixed 4.12.14-6.40.1
KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can caus
- CVE-2020-2732Apr 8, 2020affected < 4.12.14-6.37.1fixed 4.12.14-6.37.1
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 g
- CVE-2020-11494Apr 2, 2020affected < 4.12.14-6.40.1fixed 4.12.14-6.40.1
An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL
- CVE-2020-10942Mar 24, 2020affected < 4.12.14-6.40.1fixed 4.12.14-6.40.1
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
- CVE-2020-9383Feb 25, 2020affected < 4.12.14-6.40.1fixed 4.12.14-6.40.1
An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.
- CVE-2020-8992Feb 14, 2020affected < 4.12.14-6.37.1fixed 4.12.14-6.37.1
ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.
- CVE-2020-8647Feb 6, 2020affected < 4.12.14-6.40.1fixed 4.12.14-6.40.1
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
- CVE-2020-8648Feb 6, 2020affected < 4.12.14-6.37.1fixed 4.12.14-6.37.1
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
- CVE-2020-8649Feb 6, 2020affected < 4.12.14-6.40.1fixed 4.12.14-6.40.1
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
- CVE-2020-8428Jan 28, 2020affected < 4.12.14-6.37.1fixed 4.12.14-6.37.1
fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a
- CVE-2019-14615Jan 17, 2020affected < 4.12.14-6.37.1fixed 4.12.14-6.37.1
Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.
- CVE-2019-9503Jan 16, 2020affected < 4.12.14-6.12.1fixed 4.12.14-6.12.1
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarde
- CVE-2019-9500Jan 16, 2020affected < 4.12.14-6.12.1fixed 4.12.14-6.12.1
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brc
- CVE-2020-7053Jan 14, 2020affected < 4.12.14-6.37.1fixed 4.12.14-6.37.1
In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_
- CVE-2019-19332Jan 9, 2020affected < 4.12.14-6.34.1fixed 4.12.14-6.34.1
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access t
- CVE-2019-20095Dec 30, 2019affected < 4.12.14-6.37.1fixed 4.12.14-6.37.1
mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service.
- CVE-2019-20096Dec 30, 2019affected < 4.12.14-6.37.1fixed 4.12.14-6.37.1
In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.
- CVE-2019-20054Dec 28, 2019affected < 4.12.14-6.37.1fixed 4.12.14-6.37.1
In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.
Page 2 of 11