rpm package
suse/kernel-source-azure&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Vulnerabilities (73)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-16884 | — | < 4.4.170-4.22.1 | 4.4.170-4.22.1 | Dec 18, 2018 | A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel m | ||
| CVE-2018-20169 | — | < 4.4.170-4.22.1 | 4.4.170-4.22.1 | Dec 17, 2018 | An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c. | ||
| CVE-2018-9568 | — | < 4.4.170-4.22.1 | 4.4.170-4.22.1 | Dec 6, 2018 | In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. A | ||
| CVE-2018-19824 | — | < 4.4.170-4.22.1 | 4.4.170-4.22.1 | Dec 3, 2018 | In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. | ||
| CVE-2018-16862 | — | < 4.4.170-4.22.1 | 4.4.170-4.22.1 | Nov 26, 2018 | A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one. | ||
| CVE-2018-19407 | — | < 4.4.170-4.22.1 | 4.4.170-4.22.1 | Nov 21, 2018 | The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized. | ||
| CVE-2018-9516 | — | < 4.4.162-4.19.1 | 4.4.162-4.19.1 | Nov 6, 2018 | In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android | ||
| CVE-2018-9363 | — | < 4.4.155-4.16.1 | 4.4.155-4.16.1 | Nov 6, 2018 | In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 Refer | ||
| CVE-2018-18281 | — | < 4.4.162-4.19.1 | 4.4.162-4.19.1 | Oct 30, 2018 | Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits a | ||
| CVE-2018-18710 | — | < 4.4.162-4.19.1 | 4.4.162-4.19.1 | Oct 27, 2018 | An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CV | ||
| CVE-2018-18690 | — | < 4.4.162-4.19.1 | 4.4.162-4.19.1 | Oct 26, 2018 | In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/li | ||
| CVE-2018-18386 | — | < 4.4.162-4.19.1 | 4.4.162-4.19.1 | Oct 17, 2018 | drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. | ||
| CVE-2018-17972 | — | < 4.4.180-4.31.1 | 4.4.180-4.31.1 | Oct 3, 2018 | An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack | ||
| CVE-2018-14633 | — | < 4.4.162-4.19.1 | 4.4.162-4.19.1 | Sep 25, 2018 | A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes | ||
| CVE-2018-16597 | — | < 4.4.162-4.19.1 | 4.4.162-4.19.1 | Sep 21, 2018 | An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem. | ||
| CVE-2018-17182 | — | < 4.4.162-4.19.1 | 4.4.162-4.19.1 | Sep 19, 2018 | An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and de | ||
| CVE-2018-16658 | — | < 4.4.155-4.16.1 | 4.4.155-4.16.1 | Sep 7, 2018 | An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to | ||
| CVE-2018-5391 | — | < 4.4.143-4.13.1 | 4.4.143-4.13.1 | Sep 6, 2018 | The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I | ||
| CVE-2018-6555 | — | < 4.4.155-4.16.1 | 4.4.155-4.16.1 | Sep 4, 2018 | The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA | ||
| CVE-2018-6554 | — | < 4.4.155-4.16.1 | 4.4.155-4.16.1 | Sep 4, 2018 | Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket. |
- CVE-2018-16884Dec 18, 2018affected < 4.4.170-4.22.1fixed 4.4.170-4.22.1
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel m
- CVE-2018-20169Dec 17, 2018affected < 4.4.170-4.22.1fixed 4.4.170-4.22.1
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
- CVE-2018-9568Dec 6, 2018affected < 4.4.170-4.22.1fixed 4.4.170-4.22.1
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. A
- CVE-2018-19824Dec 3, 2018affected < 4.4.170-4.22.1fixed 4.4.170-4.22.1
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
- CVE-2018-16862Nov 26, 2018affected < 4.4.170-4.22.1fixed 4.4.170-4.22.1
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.
- CVE-2018-19407Nov 21, 2018affected < 4.4.170-4.22.1fixed 4.4.170-4.22.1
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
- CVE-2018-9516Nov 6, 2018affected < 4.4.162-4.19.1fixed 4.4.162-4.19.1
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android
- CVE-2018-9363Nov 6, 2018affected < 4.4.155-4.16.1fixed 4.4.155-4.16.1
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 Refer
- CVE-2018-18281Oct 30, 2018affected < 4.4.162-4.19.1fixed 4.4.162-4.19.1
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits a
- CVE-2018-18710Oct 27, 2018affected < 4.4.162-4.19.1fixed 4.4.162-4.19.1
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CV
- CVE-2018-18690Oct 26, 2018affected < 4.4.162-4.19.1fixed 4.4.162-4.19.1
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/li
- CVE-2018-18386Oct 17, 2018affected < 4.4.162-4.19.1fixed 4.4.162-4.19.1
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.
- CVE-2018-17972Oct 3, 2018affected < 4.4.180-4.31.1fixed 4.4.180-4.31.1
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack
- CVE-2018-14633Sep 25, 2018affected < 4.4.162-4.19.1fixed 4.4.162-4.19.1
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes
- CVE-2018-16597Sep 21, 2018affected < 4.4.162-4.19.1fixed 4.4.162-4.19.1
An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.
- CVE-2018-17182Sep 19, 2018affected < 4.4.162-4.19.1fixed 4.4.162-4.19.1
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and de
- CVE-2018-16658Sep 7, 2018affected < 4.4.155-4.16.1fixed 4.4.155-4.16.1
An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to
- CVE-2018-5391Sep 6, 2018affected < 4.4.143-4.13.1fixed 4.4.143-4.13.1
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I
- CVE-2018-6555Sep 4, 2018affected < 4.4.155-4.16.1fixed 4.4.155-4.16.1
The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA
- CVE-2018-6554Sep 4, 2018affected < 4.4.155-4.16.1fixed 4.4.155-4.16.1
Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.
Page 2 of 4