rpm package
suse/kernel-xen&distro=SUSE Linux Enterprise Server 11 SP4-LTSS
pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
Vulnerabilities (177)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25643 | — | < 3.0.101-108.120.1 | 3.0.101-108.120.1 | Oct 6, 2020 | A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threa | ||
| CVE-2020-14390 | — | < 3.0.101-108.120.1 | 3.0.101-108.120.1 | Sep 18, 2020 | A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. | ||
| CVE-2020-0431 | — | < 3.0.101-108.120.1 | 3.0.101-108.120.1 | Sep 17, 2020 | In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android | ||
| CVE-2020-0404 | — | < 3.0.101-108.120.1 | 3.0.101-108.120.1 | Sep 17, 2020 | In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Produ | ||
| CVE-2020-14331 | — | < 3.0.101-108.120.1 | 3.0.101-108.120.1 | Sep 15, 2020 | A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA cons | ||
| CVE-2020-25284 | — | < 3.0.101-108.120.1 | 3.0.101-108.120.1 | Sep 13, 2020 | The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe. | ||
| CVE-2020-25285 | — | < 3.0.101-108.120.1 | 3.0.101-108.120.1 | Sep 13, 2020 | A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812. | ||
| CVE-2020-10773 | — | < 3.0.101-108.117.1 | 3.0.101-108.117.1 | Sep 10, 2020 | A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data. | ||
| CVE-2020-25211 | — | < 3.0.101-108.120.1 | 3.0.101-108.120.1 | Sep 9, 2020 | In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef | ||
| CVE-2020-0305 | — | < 3.0.101-108.117.1 | 3.0.101-108.117.1 | Jul 17, 2020 | In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-15346 | ||
| CVE-2020-10769 | — | < 3.0.101-108.117.1 | 3.0.101-108.117.1 | Jun 26, 2020 | A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a | ||
| CVE-2020-14416 | — | < 3.0.101-108.117.1 | 3.0.101-108.117.1 | Jun 18, 2020 | In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c. | ||
| CVE-2020-0543 | — | < 3.0.101-108.114.1 | 3.0.101-108.114.1 | Jun 15, 2020 | Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-10732 | — | < 3.0.101-108.117.1 | 3.0.101-108.117.1 | Jun 12, 2020 | A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data. | ||
| CVE-2020-13974 | — | < 3.0.101-108.117.1 | 3.0.101-108.117.1 | Jun 9, 2020 | An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in | ||
| CVE-2020-12770 | — | < 3.0.101-108.135.1 | 3.0.101-108.135.1 | May 9, 2020 | An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. | ||
| CVE-2020-10690 | — | < 3.0.101-108.114.1 | 3.0.101-108.114.1 | May 8, 2020 | There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if | ||
| CVE-2020-12656 | — | < 3.0.101-108.117.1 | 3.0.101-108.117.1 | May 5, 2020 | gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not al | ||
| CVE-2020-12654 | — | < 3.0.101-108.114.1 | 3.0.101-108.114.1 | May 5, 2020 | An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591. | ||
| CVE-2020-12653 | — | < 3.0.101-108.114.1 | 3.0.101-108.114.1 | May 5, 2020 | An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea. |
- CVE-2020-25643Oct 6, 2020affected < 3.0.101-108.120.1fixed 3.0.101-108.120.1
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threa
- CVE-2020-14390Sep 18, 2020affected < 3.0.101-108.120.1fixed 3.0.101-108.120.1
A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
- CVE-2020-0431Sep 17, 2020affected < 3.0.101-108.120.1fixed 3.0.101-108.120.1
In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android
- CVE-2020-0404Sep 17, 2020affected < 3.0.101-108.120.1fixed 3.0.101-108.120.1
In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Produ
- CVE-2020-14331Sep 15, 2020affected < 3.0.101-108.120.1fixed 3.0.101-108.120.1
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA cons
- CVE-2020-25284Sep 13, 2020affected < 3.0.101-108.120.1fixed 3.0.101-108.120.1
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.
- CVE-2020-25285Sep 13, 2020affected < 3.0.101-108.120.1fixed 3.0.101-108.120.1
A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.
- CVE-2020-10773Sep 10, 2020affected < 3.0.101-108.117.1fixed 3.0.101-108.117.1
A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.
- CVE-2020-25211Sep 9, 2020affected < 3.0.101-108.120.1fixed 3.0.101-108.120.1
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef
- CVE-2020-0305Jul 17, 2020affected < 3.0.101-108.117.1fixed 3.0.101-108.117.1
In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-15346
- CVE-2020-10769Jun 26, 2020affected < 3.0.101-108.117.1fixed 3.0.101-108.117.1
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a
- CVE-2020-14416Jun 18, 2020affected < 3.0.101-108.117.1fixed 3.0.101-108.117.1
In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.
- CVE-2020-0543Jun 15, 2020affected < 3.0.101-108.114.1fixed 3.0.101-108.114.1
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-10732Jun 12, 2020affected < 3.0.101-108.117.1fixed 3.0.101-108.117.1
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
- CVE-2020-13974Jun 9, 2020affected < 3.0.101-108.117.1fixed 3.0.101-108.117.1
An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in
- CVE-2020-12770May 9, 2020affected < 3.0.101-108.135.1fixed 3.0.101-108.135.1
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
- CVE-2020-10690May 8, 2020affected < 3.0.101-108.114.1fixed 3.0.101-108.114.1
There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if
- CVE-2020-12656May 5, 2020affected < 3.0.101-108.117.1fixed 3.0.101-108.117.1
gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not al
- CVE-2020-12654May 5, 2020affected < 3.0.101-108.114.1fixed 3.0.101-108.114.1
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
- CVE-2020-12653May 5, 2020affected < 3.0.101-108.114.1fixed 3.0.101-108.114.1
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.
Page 4 of 9