rpm package
suse/kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Vulnerabilities (364)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-18595 | Hig | 7.8 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | |
| CVE-2019-15902 | Med | 5.6 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 4, 2019 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co | |
| CVE-2019-1125 | Med | 5.6 | < 3.12.74-60.64.121.1 | 3.12.74-60.64.121.1 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha | |
| CVE-2019-15807 | Med | 4.7 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 29, 2019 | In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service. | |
| CVE-2019-15505 | Cri | 9.8 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 23, 2019 | drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). | |
| CVE-2019-15291 | Med | 4.6 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 20, 2019 | An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver. | |
| CVE-2019-15221 | Med | 4.6 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. | |
| CVE-2019-15220 | Med | 4.6 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. | |
| CVE-2019-15219 | Med | 4.6 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. | |
| CVE-2019-15218 | Med | 4.6 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver. | |
| CVE-2019-15217 | Med | 4.6 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. | |
| CVE-2019-15216 | Med | 4.6 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. | |
| CVE-2019-15215 | Med | 4.6 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. | |
| CVE-2019-15212 | Med | 4.6 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. | |
| CVE-2018-20976 | Hig | 7.8 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure. | |
| CVE-2017-18551 | Med | 6.7 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated. | |
| CVE-2016-10906 | Hig | 7.0 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean. | |
| CVE-2019-15118 | Med | 5.5 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 16, 2019 | check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. | |
| CVE-2019-15098 | Med | 4.6 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 16, 2019 | drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | |
| CVE-2019-9506 | Hig | 8.1 | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 14, 2019 | The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje |
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co
- affected < 3.12.74-60.64.121.1fixed 3.12.74-60.64.121.1
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
- affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje
Page 2 of 19