rpm package
suse/kernel-xen&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Vulnerabilities (364)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-15927 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. | ||
| CVE-2019-15902 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 4, 2019 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co | ||
| CVE-2019-1125 | — | < 3.12.74-60.64.121.1 | 3.12.74-60.64.121.1 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha | ||
| CVE-2019-15807 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 29, 2019 | In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service. | ||
| CVE-2019-15505 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 23, 2019 | drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). | ||
| CVE-2019-15291 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 20, 2019 | An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver. | ||
| CVE-2019-15212 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. | ||
| CVE-2019-15215 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. | ||
| CVE-2019-15216 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. | ||
| CVE-2019-15217 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. | ||
| CVE-2019-15218 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver. | ||
| CVE-2019-15219 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. | ||
| CVE-2019-15220 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. | ||
| CVE-2019-15221 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. | ||
| CVE-2018-20976 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure. | ||
| CVE-2016-10906 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean. | ||
| CVE-2017-18551 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 19, 2019 | An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated. | ||
| CVE-2019-15118 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 16, 2019 | check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. | ||
| CVE-2019-15098 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 16, 2019 | drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | ||
| CVE-2019-9506 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Aug 14, 2019 | The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje |
- CVE-2019-15927Sep 4, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
- CVE-2019-15902Sep 4, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co
- CVE-2019-1125Sep 3, 2019affected < 3.12.74-60.64.121.1fixed 3.12.74-60.64.121.1
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would ha
- CVE-2019-15807Aug 29, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
- CVE-2019-15505Aug 23, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
- CVE-2019-15291Aug 20, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
- CVE-2019-15212Aug 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
- CVE-2019-15215Aug 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
- CVE-2019-15216Aug 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
- CVE-2019-15217Aug 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
- CVE-2019-15218Aug 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
- CVE-2019-15219Aug 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
- CVE-2019-15220Aug 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
- CVE-2019-15221Aug 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
- CVE-2018-20976Aug 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.
- CVE-2016-10906Aug 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean.
- CVE-2017-18551Aug 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
- CVE-2019-15118Aug 16, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
- CVE-2019-15098Aug 16, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
- CVE-2019-9506Aug 14, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje
Page 2 of 19