VYPR

rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Vulnerabilities (431)

  • CVE-2019-15214Aug 19, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.

  • CVE-2019-15215Aug 19, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.

  • CVE-2019-15216Aug 19, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.

  • CVE-2019-15217Aug 19, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.

  • CVE-2019-15218Aug 19, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.

  • CVE-2019-15219Aug 19, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.

  • CVE-2019-15220Aug 19, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

  • CVE-2019-15221Aug 19, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.

  • CVE-2018-20976Aug 19, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.

  • CVE-2016-10906Aug 19, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean.

  • CVE-2017-18551Aug 19, 2019
    affected < 4.4.121-92.120.1fixed 4.4.121-92.120.1

    An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.

  • CVE-2019-15117Aug 16, 2019
    affected < 4.4.121-92.120.1fixed 4.4.121-92.120.1

    parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.

  • CVE-2019-15118Aug 16, 2019
    affected < 4.4.121-92.120.1fixed 4.4.121-92.120.1

    check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.

  • CVE-2019-15098Aug 16, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

  • CVE-2019-9506Aug 14, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje

  • CVE-2017-18509Aug 13, 2019
    affected < 4.4.121-92.125.1fixed 4.4.121-92.125.1

    An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circu

  • CVE-2019-14284Jul 26, 2019
    affected < 4.4.121-92.120.1fixed 4.4.121-92.120.1

    In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Nex

  • CVE-2019-14283Jul 26, 2019
    affected < 4.4.121-92.120.1fixed 4.4.121-92.120.1

    In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU c

  • CVE-2018-20856Jul 26, 2019
    affected < 4.4.121-92.120.1fixed 4.4.121-92.120.1

    An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.

  • CVE-2018-20855Jul 26, 2019
    affected < 4.4.121-92.120.1fixed 4.4.121-92.120.1

    An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.

Page 9 of 22