rpm package
suse/kernel-xen&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Vulnerabilities (364)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-8564 | — | < 3.12.74-60.64.110.1 | 3.12.74-60.64.110.1 | Oct 27, 2020 | A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state. | ||
| CVE-2019-9503 | — | < 3.12.74-60.64.110.1 | 3.12.74-60.64.110.1 | Jan 16, 2020 | The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarde | ||
| CVE-2019-10220 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Nov 27, 2019 | Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | ||
| CVE-2019-10207 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Nov 25, 2019 | A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call an | ||
| CVE-2019-14815 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Nov 25, 2019 | A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. | ||
| CVE-2018-12207 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Nov 14, 2019 | Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. | ||
| CVE-2019-11135 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Nov 14, 2019 | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | ||
| CVE-2019-17055 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Oct 1, 2019 | base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | ||
| CVE-2019-17056 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Oct 1, 2019 | llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176. | ||
| CVE-2019-14814 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 20, 2019 | There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | ||
| CVE-2019-14816 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 20, 2019 | There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | ||
| CVE-2019-14821 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 19, 2019 | An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first | ||
| CVE-2019-16413 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 18, 2019 | An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems. | ||
| CVE-2019-14835 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 17, 2019 | A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the | ||
| CVE-2019-16232 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 11, 2019 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16233 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 11, 2019 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-16234 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 11, 2019 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-9456 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 6, 2019 | In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2017-18595 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | ||
| CVE-2019-15926 | — | < 3.12.74-60.64.124.1 | 3.12.74-60.64.124.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. |
- CVE-2019-8564Oct 27, 2020affected < 3.12.74-60.64.110.1fixed 3.12.74-60.64.110.1
A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.
- CVE-2019-9503Jan 16, 2020affected < 3.12.74-60.64.110.1fixed 3.12.74-60.64.110.1
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarde
- CVE-2019-10220Nov 27, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
- CVE-2019-10207Nov 25, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call an
- CVE-2019-14815Nov 25, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
- CVE-2018-12207Nov 14, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
- CVE-2019-11135Nov 14, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
- CVE-2019-17055Oct 1, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
- CVE-2019-17056Oct 1, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
- CVE-2019-14814Sep 20, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
- CVE-2019-14816Sep 20, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
- CVE-2019-14821Sep 19, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first
- CVE-2019-16413Sep 18, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.
- CVE-2019-14835Sep 17, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the
- CVE-2019-16232Sep 11, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16233Sep 11, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-16234Sep 11, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-9456Sep 6, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2017-18595Sep 4, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
- CVE-2019-15926Sep 4, 2019affected < 3.12.74-60.64.124.1fixed 3.12.74-60.64.124.1
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.
Page 1 of 19