rpm package
suse/kernel-syms&distro=SUSE Linux Enterprise Server 12 SP3-BCL
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL
Vulnerabilities (414)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-14814 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 20, 2019 | There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | ||
| CVE-2019-14816 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 20, 2019 | There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | ||
| CVE-2019-14821 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 19, 2019 | An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first | ||
| CVE-2019-16413 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 18, 2019 | An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems. | ||
| CVE-2019-14835 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 17, 2019 | A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the | ||
| CVE-2019-16231 | — | < 4.4.180-94.113.1 | 4.4.180-94.113.1 | Sep 11, 2019 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16232 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 11, 2019 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16233 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 11, 2019 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16234 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 11, 2019 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-9455 | — | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | Sep 6, 2019 | In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2019-9458 | — | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | Sep 6, 2019 | In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2019-9456 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 6, 2019 | In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2017-18595 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | ||
| CVE-2019-15926 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. | ||
| CVE-2018-21008 | — | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. | ||
| CVE-2019-15927 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. | ||
| CVE-2019-15924 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure. | ||
| CVE-2019-15902 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Sep 4, 2019 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co | ||
| CVE-2019-1125 | — | < 4.4.180-94.103.1 | 4.4.180-94.103.1 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha | ||
| CVE-2019-15807 | — | < 4.4.180-94.107.1 | 4.4.180-94.107.1 | Aug 29, 2019 | In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service. |
- CVE-2019-14814Sep 20, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
- CVE-2019-14816Sep 20, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
- CVE-2019-14821Sep 19, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first
- CVE-2019-16413Sep 18, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.
- CVE-2019-14835Sep 17, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the
- CVE-2019-16231Sep 11, 2019affected < 4.4.180-94.113.1fixed 4.4.180-94.113.1
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16232Sep 11, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16233Sep 11, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16234Sep 11, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-9455Sep 6, 2019affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2019-9458Sep 6, 2019affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2019-9456Sep 6, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2017-18595Sep 4, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
- CVE-2019-15926Sep 4, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.
- CVE-2018-21008Sep 4, 2019affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.
- CVE-2019-15927Sep 4, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
- CVE-2019-15924Sep 4, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.
- CVE-2019-15902Sep 4, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co
- CVE-2019-1125Sep 3, 2019affected < 4.4.180-94.103.1fixed 4.4.180-94.103.1
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha
- CVE-2019-15807Aug 29, 2019affected < 4.4.180-94.107.1fixed 4.4.180-94.107.1
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
Page 18 of 21