rpm package
suse/kernel-syms&distro=HPE Helion OpenStack 8
pkg:rpm/suse/kernel-syms&distro=HPE%20Helion%20OpenStack%208
Vulnerabilities (347)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-20812 | — | < 4.4.180-94.127.1 | 4.4.180-94.127.1 | Jun 3, 2020 | An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (CPU consumption and soft lockup) in a certain failure case involving TPACKET_V3, aka CID-b43d1f9f7067. | ||
| CVE-2019-20810 | — | < 4.4.180-94.127.1 | 4.4.180-94.127.1 | Jun 2, 2020 | go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586. | ||
| CVE-2020-10751 | — | < 4.4.180-94.127.1 | 4.4.180-94.127.1 | May 26, 2020 | A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest | ||
| CVE-2020-10711 | — | < 4.4.180-94.127.1 | 4.4.180-94.127.1 | May 22, 2020 | A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routi | ||
| CVE-2020-10135 | — | < 4.4.180-94.127.1 | 4.4.180-94.127.1 | May 19, 2020 | Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersona | ||
| CVE-2020-12771 | — | < 4.4.180-94.127.1 | 4.4.180-94.127.1 | May 9, 2020 | An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. | ||
| CVE-2020-10690 | — | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | May 8, 2020 | There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if | ||
| CVE-2020-12656 | — | < 4.4.180-94.121.1 | 4.4.180-94.121.1 | May 5, 2020 | gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not al | ||
| CVE-2020-12655 | — | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | May 5, 2020 | An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767. | ||
| CVE-2020-12654 | — | < 4.4.180-94.121.1 | 4.4.180-94.121.1 | May 5, 2020 | An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591. | ||
| CVE-2020-12653 | — | < 4.4.180-94.121.1 | 4.4.180-94.121.1 | May 5, 2020 | An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea. | ||
| CVE-2020-12652 | — | < 4.4.180-94.121.1 | 4.4.180-94.121.1 | May 5, 2020 | The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor stat | ||
| CVE-2020-12114 | — | < 4.4.180-94.121.1 | 4.4.180-94.121.1 | May 4, 2020 | A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter. | ||
| CVE-2020-11668 | — | < 4.4.180-94.138.1 | 4.4.180-94.138.1 | Apr 9, 2020 | In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770. | ||
| CVE-2020-2732 | — | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | Apr 8, 2020 | A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 g | ||
| CVE-2020-11609 | — | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | Apr 7, 2020 | An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93. | ||
| CVE-2020-11608 | — | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | Apr 7, 2020 | An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d. | ||
| CVE-2020-11494 | — | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | Apr 2, 2020 | An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL | ||
| CVE-2020-10942 | — | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | Mar 24, 2020 | In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. | ||
| CVE-2020-9383 | — | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | Feb 25, 2020 | An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2. |
- CVE-2019-20812Jun 3, 2020affected < 4.4.180-94.127.1fixed 4.4.180-94.127.1
An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (CPU consumption and soft lockup) in a certain failure case involving TPACKET_V3, aka CID-b43d1f9f7067.
- CVE-2019-20810Jun 2, 2020affected < 4.4.180-94.127.1fixed 4.4.180-94.127.1
go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.
- CVE-2020-10751May 26, 2020affected < 4.4.180-94.127.1fixed 4.4.180-94.127.1
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest
- CVE-2020-10711May 22, 2020affected < 4.4.180-94.127.1fixed 4.4.180-94.127.1
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routi
- CVE-2020-10135May 19, 2020affected < 4.4.180-94.127.1fixed 4.4.180-94.127.1
Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersona
- CVE-2020-12771May 9, 2020affected < 4.4.180-94.127.1fixed 4.4.180-94.127.1
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
- CVE-2020-10690May 8, 2020affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if
- CVE-2020-12656May 5, 2020affected < 4.4.180-94.121.1fixed 4.4.180-94.121.1
gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not al
- CVE-2020-12655May 5, 2020affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.
- CVE-2020-12654May 5, 2020affected < 4.4.180-94.121.1fixed 4.4.180-94.121.1
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
- CVE-2020-12653May 5, 2020affected < 4.4.180-94.121.1fixed 4.4.180-94.121.1
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.
- CVE-2020-12652May 5, 2020affected < 4.4.180-94.121.1fixed 4.4.180-94.121.1
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor stat
- CVE-2020-12114May 4, 2020affected < 4.4.180-94.121.1fixed 4.4.180-94.121.1
A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.
- CVE-2020-11668Apr 9, 2020affected < 4.4.180-94.138.1fixed 4.4.180-94.138.1
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
- CVE-2020-2732Apr 8, 2020affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 g
- CVE-2020-11609Apr 7, 2020affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.
- CVE-2020-11608Apr 7, 2020affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.
- CVE-2020-11494Apr 2, 2020affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL
- CVE-2020-10942Mar 24, 2020affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
- CVE-2020-9383Feb 25, 2020affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.
Page 11 of 18