rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Server 12 SP3-LTSS

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS

Vulnerabilities (358)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2019-12380		—	< 4.4.180-94.100.1	4.4.180-94.100.1	May 28, 2019	DISPUTED An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed
CVE-2018-20836		—	< 4.4.180-94.100.1	4.4.180-94.100.1	May 7, 2019	An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
CVE-2019-11810		—	< 4.4.180-94.103.1	4.4.180-94.103.1	May 7, 2019	An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
CVE-2019-11599		—	< 4.4.180-94.100.1	4.4.180-94.100.1	Apr 29, 2019	The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other
CVE-2019-11487		—	< 4.4.180-94.100.1	4.4.180-94.100.1	Apr 23, 2019	The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm
CVE-2018-20784		—	< 4.4.180-94.164.2	4.4.180-94.164.2	Feb 22, 2019	In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
CVE-2019-3819		—	< 4.4.180-94.103.1	4.4.180-94.103.1	Jan 25, 2019	A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up and a denial of service. Vers
CVE-2019-6133		—	< 4.4.180-94.135.1	4.4.180-94.135.1	Jan 11, 2019	In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
CVE-2019-3701		—	< 4.4.180-94.116.1	4.4.180-94.116.1	Jan 3, 2019	An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame mod
CVE-2018-16882		—	< 4.4.180-94.150.1	4.4.180-94.150.1	Jan 3, 2019	A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without r
CVE-2018-10902		—	< 4.4.180-94.138.1	4.4.180-94.138.1	Aug 21, 2018	It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local a
CVE-2018-13405		—	< 4.4.180-94.150.1	4.4.180-94.150.1	Jul 6, 2018	The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no
CVE-2017-18255		—	< 4.4.180-94.116.1	4.4.180-94.116.1	Mar 31, 2018	The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calcu
CVE-2018-7755		—	< 4.4.180-94.164.2	4.4.180-94.164.2	Mar 8, 2018	An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel
CVE-2017-18204		—	< 4.4.180-94.135.1	4.4.180-94.135.1	Feb 27, 2018	The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
CVE-2017-17864	Low	3.3	< 4.4.180-94.150.1	4.4.180-94.150.1	Dec 27, 2017	kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
CVE-2017-17862	Med	5.5	< 4.4.180-94.150.1	4.4.180-94.150.1	Dec 27, 2017	kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.
CVE-2017-13695	Med	5.5	< 4.4.180-94.164.2	4.4.180-94.164.2	Aug 25, 2017	The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanis

CVE-2019-12380May 28, 2019
affected < 4.4.180-94.100.1fixed 4.4.180-94.100.1
**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed
CVE-2018-20836May 7, 2019
affected < 4.4.180-94.100.1fixed 4.4.180-94.100.1
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
CVE-2019-11810May 7, 2019
affected < 4.4.180-94.103.1fixed 4.4.180-94.103.1
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
CVE-2019-11599Apr 29, 2019
affected < 4.4.180-94.100.1fixed 4.4.180-94.100.1
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other
CVE-2019-11487Apr 23, 2019
affected < 4.4.180-94.100.1fixed 4.4.180-94.100.1
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm
CVE-2018-20784Feb 22, 2019
affected < 4.4.180-94.164.2fixed 4.4.180-94.164.2
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
CVE-2019-3819Jan 25, 2019
affected < 4.4.180-94.103.1fixed 4.4.180-94.103.1
A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up and a denial of service. Vers
CVE-2019-6133Jan 11, 2019
affected < 4.4.180-94.135.1fixed 4.4.180-94.135.1
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
CVE-2019-3701Jan 3, 2019
affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame mod
CVE-2018-16882Jan 3, 2019
affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without r
CVE-2018-10902Aug 21, 2018
affected < 4.4.180-94.138.1fixed 4.4.180-94.138.1
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local a
CVE-2018-13405Jul 6, 2018
affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no
CVE-2017-18255Mar 31, 2018
affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calcu
CVE-2018-7755Mar 8, 2018
affected < 4.4.180-94.164.2fixed 4.4.180-94.164.2
An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel
CVE-2017-18204Feb 27, 2018
affected < 4.4.180-94.135.1fixed 4.4.180-94.135.1
The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
CVE-2017-17864LowDec 27, 2017
affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
CVE-2017-17862MedDec 27, 2017
affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.
CVE-2017-13695MedAug 25, 2017
affected < 4.4.180-94.164.2fixed 4.4.180-94.164.2
The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanis

Page 18 of 18