VYPR

rpm package

suse/kgraft-patch-SLE12-SP1_Update_37&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1

pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_37&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Vulnerabilities (47)

  • CVE-2020-1749HigSep 9, 2020
    affected < 4-2.1fixed 4-2.1

    A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending

  • CVE-2020-12653HigMay 5, 2020
    affected < 5-2.1fixed 5-2.1

    An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.

  • CVE-2020-12654HigMay 5, 2020
    affected < 5-2.1fixed 5-2.1

    An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.

  • CVE-2019-5108MedDec 23, 2019
    affected < 4-2.1fixed 4-2.1

    An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to d

  • CVE-2019-14897CriNov 29, 2019
    affected < 3-2.1fixed 3-2.1

    A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together

  • CVE-2019-10220HigNov 27, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.

  • CVE-2019-14896CriNov 27, 2019
    affected < 3-2.1fixed 3-2.1

    A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called a

  • CVE-2019-10207MedNov 25, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call an

  • CVE-2019-14815HigNov 25, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.

  • CVE-2018-12207MedNov 14, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

  • CVE-2019-11135MedNov 14, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

  • CVE-2019-17133CriOct 4, 2019
    affected < 2-2.3fixed 2-2.3

    In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

  • CVE-2019-17056LowOct 1, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.

  • CVE-2019-17055LowOct 1, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

  • CVE-2019-14816HigSep 20, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

  • CVE-2019-14814HigSep 20, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

  • CVE-2019-14821HigSep 19, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first

  • CVE-2019-16413HigSep 19, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.

  • CVE-2019-14835HigSep 17, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the

  • CVE-2019-16234MedSep 11, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

Page 1 of 3

VYPR — Vulnerability Intelligence