rpm package
suse/kgraft-patch-SLE12-SP4_Update_11&distro=SUSE Linux Enterprise Live Patching 12 SP4
pkg:rpm/suse/kgraft-patch-SLE12-SP4_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4
Vulnerabilities (50)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-19049 | — | < 1-6.5.1 | 1-6.5.1 | Nov 18, 2019 | A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the re | ||
| CVE-2019-18809 | — | < 1-6.5.1 | 1-6.5.1 | Nov 7, 2019 | A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559. | ||
| CVE-2019-18805 | — | < 1-6.5.1 | 1-6.5.1 | Nov 7, 2019 | An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of servi | ||
| CVE-2019-18683 | — | < 1-6.5.1 | 1-6.5.1 | Nov 4, 2019 | An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race condit | ||
| CVE-2019-17055 | — | < 1-6.5.1 | 1-6.5.1 | Oct 1, 2019 | base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | ||
| CVE-2019-16746 | — | < 6-2.2 | 6-2.2 | Sep 24, 2019 | An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. | ||
| CVE-2019-16231 | — | < 1-6.5.1 | 1-6.5.1 | Sep 11, 2019 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | ||
| CVE-2019-9458 | — | < 6-2.2 | 6-2.2 | Sep 6, 2019 | In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2019-15916 | — | < 1-6.5.1 | 1-6.5.1 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service. | ||
| CVE-2018-1000199 | — | < 5-2.1 | 5-2.1 | May 24, 2018 | The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears |
- CVE-2019-19049Nov 18, 2019affected < 1-6.5.1fixed 1-6.5.1
A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the re
- CVE-2019-18809Nov 7, 2019affected < 1-6.5.1fixed 1-6.5.1
A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.
- CVE-2019-18805Nov 7, 2019affected < 1-6.5.1fixed 1-6.5.1
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of servi
- CVE-2019-18683Nov 4, 2019affected < 1-6.5.1fixed 1-6.5.1
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race condit
- CVE-2019-17055Oct 1, 2019affected < 1-6.5.1fixed 1-6.5.1
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
- CVE-2019-16746Sep 24, 2019affected < 6-2.2fixed 6-2.2
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
- CVE-2019-16231Sep 11, 2019affected < 1-6.5.1fixed 1-6.5.1
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- CVE-2019-9458Sep 6, 2019affected < 6-2.2fixed 6-2.2
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2019-15916Sep 4, 2019affected < 1-6.5.1fixed 1-6.5.1
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
- CVE-2018-1000199May 24, 2018affected < 5-2.1fixed 5-2.1
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears
Page 3 of 3