VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_1&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (70)

  • CVE-2019-15030Sep 13, 2019
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbe

  • CVE-2019-16231Sep 11, 2019
    affected < 1-8.7.1fixed 1-8.7.1

    drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

  • CVE-2019-16233Sep 11, 2019
    affected < 1-8.7.1fixed 1-8.7.1

    drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

  • CVE-2019-9458Sep 6, 2019
    affected < 6-2.2fixed 6-2.2

    In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2019-9456Sep 6, 2019
    affected < 1-8.7.1fixed 1-8.7.1

    In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2017-18595Sep 4, 2019
    affected < 1-8.7.1fixed 1-8.7.1

    An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.

  • CVE-2019-15916Sep 4, 2019
    affected < 1-8.7.1fixed 1-8.7.1

    An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.

  • CVE-2019-9506Aug 14, 2019
    affected < 1-8.7.1fixed 1-8.7.1

    The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje

  • CVE-2018-1000199MedMay 24, 2018
    affected < 5-2.1fixed 5-2.1

    The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears

  • CVE-2017-1000405HigNov 30, 2017
    affected < 8-2.2fixed 8-2.2

    The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_

Page 4 of 4