rpm package
suse/ocfs2&distro=SUSE Linux Enterprise High Availability Extension 11 SP4
pkg:rpm/suse/ocfs2&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2011%20SP4
Vulnerabilities (67)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-10220 | Hig | 8.8 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Nov 27, 2019 | Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | |
| CVE-2018-12207 | Med | 6.5 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Nov 14, 2019 | Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. | |
| CVE-2019-11135 | Med | 6.5 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Nov 14, 2019 | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | |
| CVE-2019-17133 | Cri | 9.8 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Oct 4, 2019 | In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | |
| CVE-2019-17055 | Low | 3.3 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Oct 1, 2019 | base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | |
| CVE-2019-17054 | Low | 3.3 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Oct 1, 2019 | atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c. | |
| CVE-2019-17053 | Low | 3.3 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Oct 1, 2019 | ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. | |
| CVE-2019-17052 | Low | 3.3 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Oct 1, 2019 | ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. | |
| CVE-2019-14821 | Hig | 8.8 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Sep 19, 2019 | An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first | |
| CVE-2019-16413 | Hig | 7.5 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Sep 19, 2019 | An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems. | |
| CVE-2019-14835 | Hig | 7.8 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Sep 17, 2019 | A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the | |
| CVE-2019-16234 | Med | 4.7 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Sep 11, 2019 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-16233 | Med | 4.1 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Sep 11, 2019 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-16232 | Med | 4.1 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Sep 11, 2019 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | |
| CVE-2019-9456 | Med | 6.7 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Sep 6, 2019 | In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |
| CVE-2019-15927 | Hig | 7.8 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Sep 4, 2019 | An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. | |
| CVE-2019-15902 | Med | 5.6 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Sep 4, 2019 | A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co | |
| CVE-2019-15807 | Med | 4.7 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Aug 29, 2019 | In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service. | |
| CVE-2019-15505 | Cri | 9.8 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Aug 23, 2019 | drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). | |
| CVE-2019-15292 | Med | 4.7 | < 1.6-0.28.11.2 | 1.6-0.28.11.2 | Aug 21, 2019 | An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c. |
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" co
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
- affected < 1.6-0.28.11.2fixed 1.6-0.28.11.2
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.
Page 1 of 4