VYPR

rpm package

suse/kgraft-patch-SLE12-SP2_Update_33&distro=SUSE OpenStack Cloud 7

pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_33&distro=SUSE%20OpenStack%20Cloud%207

Vulnerabilities (48)

  • CVE-2019-10220HigNov 27, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.

  • CVE-2019-14815HigNov 25, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.

  • CVE-2018-12207MedNov 14, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

  • CVE-2019-11135MedNov 14, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

  • CVE-2019-0155HigNov 14, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) A

  • CVE-2019-0154MedNov 14, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Ato

  • CVE-2019-18805CriNov 7, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of servi

  • CVE-2019-18680HigNov 4, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0.

  • CVE-2019-17666HigOct 17, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

  • CVE-2019-17133CriOct 4, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

  • CVE-2019-17056LowOct 1, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.

  • CVE-2019-17055LowOct 1, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

  • CVE-2019-16995HigSep 30, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.

  • CVE-2019-14816HigSep 20, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

  • CVE-2019-14814HigSep 20, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

  • CVE-2019-14821HigSep 19, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first

  • CVE-2019-16413HigSep 19, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.

  • CVE-2019-14835HigSep 17, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the

  • CVE-2019-16234MedSep 11, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

  • CVE-2019-16233MedSep 11, 2019
    affected < 1-3.5.1fixed 1-3.5.1

    drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

Page 1 of 3