VYPR

rpm package

suse/kernel-syms-azure&distro=SUSE Linux Enterprise Server 12 SP5

pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Vulnerabilities (1,481)

  • CVE-2019-19526MedDec 3, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.

  • CVE-2019-19525MedDec 3, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.

  • CVE-2019-19524MedDec 3, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.

  • CVE-2019-19523MedDec 3, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.

  • CVE-2019-19462MedNov 30, 2019
    affected < 4.12.14-16.16.1fixed 4.12.14-16.16.1

    relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.

  • CVE-2019-19377HigNov 29, 2019
    affected < 4.12.14-16.100.1fixed 4.12.14-16.100.1

    In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.

  • CVE-2019-14901CriNov 29, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with th

  • CVE-2019-14897CriNov 29, 2019
    affected < 4.12.14-16.10.1fixed 4.12.14-16.10.1

    A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together

  • CVE-2019-14895CriNov 29, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could

  • CVE-2019-19318MedNov 28, 2019
    affected < 4.12.14-16.10.1fixed 4.12.14-16.10.1

    In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

  • CVE-2019-19319MedNov 27, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30

  • CVE-2019-18660MedNov 27, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.

  • CVE-2019-10220HigNov 27, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.

  • CVE-2019-14896CriNov 27, 2019
    affected < 4.12.14-16.10.1fixed 4.12.14-16.10.1

    A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called a

  • CVE-2019-19227MedNov 22, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, a

  • CVE-2019-19036MedNov 21, 2019
    affected < 4.12.14-16.10.1fixed 4.12.14-16.10.1

    btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.

  • CVE-2019-19083MedNov 18, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce11

  • CVE-2019-19082MedNov 18, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/d

  • CVE-2019-19081MedNov 18, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a.

  • CVE-2019-19080MedNov 18, 2019
    affected < 4.12.14-16.7.1fixed 4.12.14-16.7.1

    Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a.

Page 71 of 75