rpm package
suse/kernel-source-rt&distro=SUSE Real Time Module 15 SP1
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP1
Vulnerabilities (274)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-15920 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak. | ||
| CVE-2019-15921 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c. | ||
| CVE-2019-15924 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure. | ||
| CVE-2019-15916 | — | < 4.12.14-14.14.2 | 4.12.14-14.14.2 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. | ||
| CVE-2019-15902 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Sep 4, 2019 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co | ||
| CVE-2019-1125 | — | < 4.12.14-14.8.1 | 4.12.14-14.8.1 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha | ||
| CVE-2019-15666 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 27, 2019 | An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation. | ||
| CVE-2019-15538 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 25, 2019 | An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. | ||
| CVE-2019-15292 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 21, 2019 | An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c. | ||
| CVE-2019-15291 | — | < 4.12.14-14.14.2 | 4.12.14-14.14.2 | Aug 20, 2019 | An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver. | ||
| CVE-2019-15239 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 20, 2019 | In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by | ||
| CVE-2019-15211 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory. | ||
| CVE-2019-15212 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. | ||
| CVE-2019-15213 | — | < 4.12.14-14.17.1 | 4.12.14-14.17.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. | ||
| CVE-2019-15214 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c. | ||
| CVE-2019-15215 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. | ||
| CVE-2019-15216 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. | ||
| CVE-2019-15217 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. | ||
| CVE-2019-15218 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver. | ||
| CVE-2019-15219 | — | < 4.12.14-14.11.1 | 4.12.14-14.11.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. |
- CVE-2019-15920Sep 4, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak.
- CVE-2019-15921Sep 4, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.
- CVE-2019-15924Sep 4, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.
- CVE-2019-15916Sep 4, 2019affected < 4.12.14-14.14.2fixed 4.12.14-14.14.2
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
- CVE-2019-15902Sep 4, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co
- CVE-2019-1125Sep 3, 2019affected < 4.12.14-14.8.1fixed 4.12.14-14.8.1
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha
- CVE-2019-15666Aug 27, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.
- CVE-2019-15538Aug 25, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails.
- CVE-2019-15292Aug 21, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.
- CVE-2019-15291Aug 20, 2019affected < 4.12.14-14.14.2fixed 4.12.14-14.14.2
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
- CVE-2019-15239Aug 20, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by
- CVE-2019-15211Aug 19, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
- CVE-2019-15212Aug 19, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
- CVE-2019-15213Aug 19, 2019affected < 4.12.14-14.17.1fixed 4.12.14-14.17.1
An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
- CVE-2019-15214Aug 19, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.
- CVE-2019-15215Aug 19, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
- CVE-2019-15216Aug 19, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
- CVE-2019-15217Aug 19, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
- CVE-2019-15218Aug 19, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
- CVE-2019-15219Aug 19, 2019affected < 4.12.14-14.11.1fixed 4.12.14-14.11.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
Page 11 of 14