VYPR

rpm package

suse/kgraft-patch-SLE12-SP4_Update_9&distro=SUSE Linux Enterprise Live Patching 12 SP4

pkg:rpm/suse/kgraft-patch-SLE12-SP4_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Vulnerabilities (30)

  • CVE-2019-17056Oct 1, 2019
    affected < 1-6.5.1fixed 1-6.5.1

    llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.

  • CVE-2019-16746Sep 24, 2019
    affected < 7-2.2fixed 7-2.2

    An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.

  • CVE-2019-14821Sep 19, 2019
    affected < 1-6.5.1fixed 1-6.5.1

    An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first

  • CVE-2019-16232Sep 11, 2019
    affected < 1-6.5.1fixed 1-6.5.1

    drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

  • CVE-2019-16234Sep 11, 2019
    affected < 1-6.5.1fixed 1-6.5.1

    drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

  • CVE-2019-9458Sep 6, 2019
    affected < 7-2.2fixed 7-2.2

    In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2017-18595Sep 4, 2019
    affected < 1-6.5.1fixed 1-6.5.1

    An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.

  • CVE-2019-15291Aug 20, 2019
    affected < 1-6.5.1fixed 1-6.5.1

    An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.

  • CVE-2019-9506Aug 14, 2019
    affected < 1-6.5.1fixed 1-6.5.1

    The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje

  • CVE-2018-1000199MedMay 24, 2018
    affected < 6-2.1fixed 6-2.1

    The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears

Page 2 of 2