rpm package
suse/kgraft-patch-SLE12-SP5_Update_0&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (31)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-14897 | — | < 2-3.1 | 2-3.1 | Nov 29, 2019 | A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together | ||
| CVE-2019-14895 | — | < 6-15.2 | 6-15.2 | Nov 29, 2019 | A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could | ||
| CVE-2019-10220 | — | < 2-3.1 | 2-3.1 | Nov 27, 2019 | Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | ||
| CVE-2019-14896 | — | < 2-3.1 | 2-3.1 | Nov 27, 2019 | A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called a | ||
| CVE-2019-0155 | — | < 6-15.2 | 6-15.2 | Nov 14, 2019 | Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) A | ||
| CVE-2019-17133 | — | < 2-3.1 | 2-3.1 | Oct 4, 2019 | In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | ||
| CVE-2019-16746 | — | < 6-15.2 | 6-15.2 | Sep 24, 2019 | An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. | ||
| CVE-2019-14835 | — | < 2-3.1 | 2-3.1 | Sep 17, 2019 | A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the | ||
| CVE-2019-9458 | — | < 6-15.2 | 6-15.2 | Sep 6, 2019 | In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2018-1000199 | — | < 5-12.2 | 5-12.2 | May 24, 2018 | The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears | ||
| CVE-2017-1000405 | Hig | 7.0 | < 8-21.2 | 8-21.2 | Nov 30, 2017 | The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_ |
- CVE-2019-14897Nov 29, 2019affected < 2-3.1fixed 2-3.1
A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together
- CVE-2019-14895Nov 29, 2019affected < 6-15.2fixed 6-15.2
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could
- CVE-2019-10220Nov 27, 2019affected < 2-3.1fixed 2-3.1
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
- CVE-2019-14896Nov 27, 2019affected < 2-3.1fixed 2-3.1
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called a
- CVE-2019-0155Nov 14, 2019affected < 6-15.2fixed 6-15.2
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) A
- CVE-2019-17133Oct 4, 2019affected < 2-3.1fixed 2-3.1
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
- CVE-2019-16746Sep 24, 2019affected < 6-15.2fixed 6-15.2
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
- CVE-2019-14835Sep 17, 2019affected < 2-3.1fixed 2-3.1
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the
- CVE-2019-9458Sep 6, 2019affected < 6-15.2fixed 6-15.2
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2018-1000199May 24, 2018affected < 5-12.2fixed 5-12.2
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears
- affected < 8-21.2fixed 8-21.2
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_
Page 2 of 2