rpm package

suse/kernel-xen&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1

pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Vulnerabilities (364)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-18509	—	< 3.12.74-60.64.124.1	3.12.74-60.64.124.1	Aug 13, 2019	An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circu
CVE-2019-14284	—	< 3.12.74-60.64.121.1	3.12.74-60.64.121.1	Jul 26, 2019	In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Nex
CVE-2019-14283	—	< 3.12.74-60.64.121.1	3.12.74-60.64.121.1	Jul 26, 2019	In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU c
CVE-2018-20855	—	< 3.12.74-60.64.121.1	3.12.74-60.64.121.1	Jul 26, 2019	An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.
CVE-2019-13648	—	< 3.12.74-60.64.121.1	3.12.74-60.64.121.1	Jul 19, 2019	In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/power
CVE-2019-13631	—	< 3.12.74-60.64.121.1	3.12.74-60.64.121.1	Jul 17, 2019	In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
CVE-2019-11479	—	< 3.12.74-60.64.115.1	3.12.74-60.64.115.1	Jun 18, 2019	Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixe
CVE-2019-11478	—	< 3.12.74-60.64.115.1	3.12.74-60.64.115.1	Jun 18, 2019	Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi
CVE-2019-11477	—	< 3.12.74-60.64.115.1	3.12.74-60.64.115.1	Jun 18, 2019	Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel
CVE-2019-12818	—	< 3.12.74-60.64.118.1	3.12.74-60.64.118.1	Jun 14, 2019	An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_buil
CVE-2019-12614	—	< 3.12.74-60.64.118.1	3.12.74-60.64.118.1	Jun 3, 2019	An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).
CVE-2019-3846	—	< 3.12.74-60.64.115.1	3.12.74-60.64.115.1	Jun 3, 2019	A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
CVE-2018-12130	—	< 3.12.74-60.64.110.1	3.12.74-60.64.110.1	May 30, 2019	Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h
CVE-2018-12127	—	< 3.12.74-60.64.110.1	3.12.74-60.64.110.1	May 30, 2019	Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:
CVE-2018-12126	—	< 3.12.74-60.64.110.1	3.12.74-60.64.110.1	May 30, 2019	Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found
CVE-2019-11091	—	< 3.12.74-60.64.110.1	3.12.74-60.64.110.1	May 30, 2019	Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c
CVE-2019-12456	—	< 3.12.74-60.64.118.1	3.12.74-60.64.118.1	May 30, 2019	An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two
CVE-2018-7191	—	< 3.12.74-60.64.118.1	3.12.74-60.64.118.1	May 17, 2019	In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. Th
CVE-2019-11833	—	< 3.12.74-60.64.115.1	3.12.74-60.64.115.1	May 15, 2019	fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
CVE-2019-11884	—	< 3.12.74-60.64.115.1	3.12.74-60.64.115.1	May 10, 2019	The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.

CVE-2017-18509Aug 13, 2019
affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circu
CVE-2019-14284Jul 26, 2019
affected < 3.12.74-60.64.121.1fixed 3.12.74-60.64.121.1
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Nex
CVE-2019-14283Jul 26, 2019
affected < 3.12.74-60.64.121.1fixed 3.12.74-60.64.121.1
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU c
CVE-2018-20855Jul 26, 2019
affected < 3.12.74-60.64.121.1fixed 3.12.74-60.64.121.1
An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.
CVE-2019-13648Jul 19, 2019
affected < 3.12.74-60.64.121.1fixed 3.12.74-60.64.121.1
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/power
CVE-2019-13631Jul 17, 2019
affected < 3.12.74-60.64.121.1fixed 3.12.74-60.64.121.1
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
CVE-2019-11479Jun 18, 2019
affected < 3.12.74-60.64.115.1fixed 3.12.74-60.64.115.1
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixe
CVE-2019-11478Jun 18, 2019
affected < 3.12.74-60.64.115.1fixed 3.12.74-60.64.115.1
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi
CVE-2019-11477Jun 18, 2019
affected < 3.12.74-60.64.115.1fixed 3.12.74-60.64.115.1
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel
CVE-2019-12818Jun 14, 2019
affected < 3.12.74-60.64.118.1fixed 3.12.74-60.64.118.1
An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_buil
CVE-2019-12614Jun 3, 2019
affected < 3.12.74-60.64.118.1fixed 3.12.74-60.64.118.1
An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).
CVE-2019-3846Jun 3, 2019
affected < 3.12.74-60.64.115.1fixed 3.12.74-60.64.115.1
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
CVE-2018-12130May 30, 2019
affected < 3.12.74-60.64.110.1fixed 3.12.74-60.64.110.1
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h
CVE-2018-12127May 30, 2019
affected < 3.12.74-60.64.110.1fixed 3.12.74-60.64.110.1
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:
CVE-2018-12126May 30, 2019
affected < 3.12.74-60.64.110.1fixed 3.12.74-60.64.110.1
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found
CVE-2019-11091May 30, 2019
affected < 3.12.74-60.64.110.1fixed 3.12.74-60.64.110.1
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c
CVE-2019-12456May 30, 2019
affected < 3.12.74-60.64.118.1fixed 3.12.74-60.64.118.1
An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two
CVE-2018-7191May 17, 2019
affected < 3.12.74-60.64.118.1fixed 3.12.74-60.64.118.1
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. Th
CVE-2019-11833May 15, 2019
affected < 3.12.74-60.64.115.1fixed 3.12.74-60.64.115.1
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
CVE-2019-11884May 10, 2019
affected < 3.12.74-60.64.115.1fixed 3.12.74-60.64.115.1
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.

Page 3 of 19