rpm package
suse/kgraft-patch-SLE12-SP3_Update_29&distro=SUSE OpenStack Cloud Crowbar 8
pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_29&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
Vulnerabilities (48)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-18595 | — | < 1-4.3.1 | 1-4.3.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | ||
| CVE-2019-15926 | — | < 1-4.3.1 | 1-4.3.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. | ||
| CVE-2019-15927 | — | < 1-4.3.1 | 1-4.3.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. | ||
| CVE-2019-15924 | — | < 1-4.3.1 | 1-4.3.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure. | ||
| CVE-2019-15902 | — | < 1-4.3.1 | 1-4.3.1 | Sep 4, 2019 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co | ||
| CVE-2019-15807 | — | < 1-4.3.1 | 1-4.3.1 | Aug 29, 2019 | In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service. | ||
| CVE-2019-15666 | — | < 1-4.3.1 | 1-4.3.1 | Aug 27, 2019 | An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation. | ||
| CVE-2019-15505 | — | < 1-4.3.1 | 1-4.3.1 | Aug 23, 2019 | drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). | ||
| CVE-2019-15291 | — | < 1-4.3.1 | 1-4.3.1 | Aug 20, 2019 | An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver. | ||
| CVE-2019-15239 | — | < 1-4.3.1 | 1-4.3.1 | Aug 20, 2019 | In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by | ||
| CVE-2019-15211 | — | < 1-4.3.1 | 1-4.3.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory. | ||
| CVE-2019-15212 | — | < 1-4.3.1 | 1-4.3.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. | ||
| CVE-2019-15214 | — | < 1-4.3.1 | 1-4.3.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c. | ||
| CVE-2019-15215 | — | < 1-4.3.1 | 1-4.3.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. | ||
| CVE-2019-15216 | — | < 1-4.3.1 | 1-4.3.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. | ||
| CVE-2019-15217 | — | < 1-4.3.1 | 1-4.3.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. | ||
| CVE-2019-15218 | — | < 1-4.3.1 | 1-4.3.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver. | ||
| CVE-2019-15219 | — | < 1-4.3.1 | 1-4.3.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. | ||
| CVE-2019-15220 | — | < 1-4.3.1 | 1-4.3.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. | ||
| CVE-2019-15221 | — | < 1-4.3.1 | 1-4.3.1 | Aug 19, 2019 | An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. |
- CVE-2017-18595Sep 4, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
- CVE-2019-15926Sep 4, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.
- CVE-2019-15927Sep 4, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
- CVE-2019-15924Sep 4, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.
- CVE-2019-15902Sep 4, 2019affected < 1-4.3.1fixed 1-4.3.1
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co
- CVE-2019-15807Aug 29, 2019affected < 1-4.3.1fixed 1-4.3.1
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
- CVE-2019-15666Aug 27, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.
- CVE-2019-15505Aug 23, 2019affected < 1-4.3.1fixed 1-4.3.1
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
- CVE-2019-15291Aug 20, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
- CVE-2019-15239Aug 20, 2019affected < 1-4.3.1fixed 1-4.3.1
In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by
- CVE-2019-15211Aug 19, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
- CVE-2019-15212Aug 19, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
- CVE-2019-15214Aug 19, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.
- CVE-2019-15215Aug 19, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
- CVE-2019-15216Aug 19, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
- CVE-2019-15217Aug 19, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
- CVE-2019-15218Aug 19, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
- CVE-2019-15219Aug 19, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
- CVE-2019-15220Aug 19, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
- CVE-2019-15221Aug 19, 2019affected < 1-4.3.1fixed 1-4.3.1
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
Page 2 of 3