rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP4

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4

Vulnerabilities (572)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2019-15211	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
CVE-2019-15212	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
CVE-2019-15213	—	< 4.12.14-95.48.1	4.12.14-95.48.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-15214	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.
CVE-2019-15215	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
CVE-2019-15216	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
CVE-2019-15217	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
CVE-2019-15218	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
CVE-2019-15219	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
CVE-2019-15220	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
CVE-2019-15221	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
CVE-2019-15222	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.
CVE-2018-20976	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.
CVE-2017-18551	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 19, 2019	An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
CVE-2019-15117	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 16, 2019	parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.
CVE-2019-15118	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 16, 2019	check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
CVE-2019-15098	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 16, 2019	drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
CVE-2019-15099	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 16, 2019	drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
CVE-2019-15090	—	< 4.12.14-95.32.1	4.12.14-95.32.1	Aug 15, 2019	An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.
CVE-2019-9506	—	< 4.12.14-95.37.1	4.12.14-95.37.1	Aug 14, 2019	The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje

CVE-2019-15211Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
CVE-2019-15212Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
CVE-2019-15213Aug 19, 2019
affected < 4.12.14-95.48.1fixed 4.12.14-95.48.1
An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-15214Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.
CVE-2019-15215Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
CVE-2019-15216Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
CVE-2019-15217Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
CVE-2019-15218Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
CVE-2019-15219Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
CVE-2019-15220Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
CVE-2019-15221Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
CVE-2019-15222Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.
CVE-2018-20976Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.
CVE-2017-18551Aug 19, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
CVE-2019-15117Aug 16, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.
CVE-2019-15118Aug 16, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
CVE-2019-15098Aug 16, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
CVE-2019-15099Aug 16, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
CVE-2019-15090Aug 15, 2019
affected < 4.12.14-95.32.1fixed 4.12.14-95.32.1
An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.
CVE-2019-9506Aug 14, 2019
affected < 4.12.14-95.37.1fixed 4.12.14-95.37.1
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje

Page 25 of 29