rpm package

suse/ocfs2&distro=SUSE Linux Enterprise Real Time 11 SP4

pkg:rpm/suse/ocfs2&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4

Vulnerabilities (38)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2018-19985		—	< 1.6-0.28.7.1	1.6-0.28.7.1	Mar 17, 2019	The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address
CVE-2019-7222		—	< 1.6-0.28.7.1	1.6-0.28.7.1	Mar 17, 2019	The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
CVE-2016-10741		—	< 1.6-0.28.7.1	1.6-0.28.7.1	Feb 1, 2019	In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure.
CVE-2017-18360		—	< 1.6-0.28.7.1	1.6-0.28.7.1	Jan 31, 2019	In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.
CVE-2018-20169		—	< 1.6-0.28.7.1	1.6-0.28.7.1	Dec 17, 2018	An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
CVE-2018-9568		—	< 1.6-0.28.7.1	1.6-0.28.7.1	Dec 6, 2018	In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. A
CVE-2018-19824		—	< 1.6-0.28.7.1	1.6-0.28.7.1	Dec 3, 2018	In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
CVE-2018-19407		—	< 1.6-0.28.7.1	1.6-0.28.7.1	Nov 21, 2018	The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
CVE-2017-7482		—	< 1.6-0.28.3.4	1.6-0.28.3.4	Jul 30, 2018	In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory
CVE-2017-18079		—	< 1.6-0.28.5.6	1.6-0.28.5.6	Jan 29, 2018	drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated.
CVE-2015-1142857		—	< 1.6-0.28.5.6	1.6-0.28.5.6	Jan 23, 2018	On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before e7358f54a3954df16d4
CVE-2018-1000004		—	< 1.6-0.28.5.6	1.6-0.28.5.6	Jan 16, 2018	In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
CVE-2017-13215		—	< 1.6-0.28.5.6	1.6-0.28.5.6	Jan 12, 2018	A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel.
CVE-2018-5333		—	< 1.6-0.28.5.6	1.6-0.28.5.6	Jan 11, 2018	In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
CVE-2018-5332		—	< 1.6-0.28.5.6	1.6-0.28.5.6	Jan 11, 2018	In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
CVE-2017-5715		—	< 1.6-0.28.5.6	1.6-0.28.5.6	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-18017		—	< 1.6-0.28.5.6	1.6-0.28.5.6	Jan 3, 2018	The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presenc
CVE-2017-17741	Med	6.5	< 1.6-0.28.5.6	1.6-0.28.5.6	Dec 18, 2017	The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.
CVE-2017-7533	Hig	7.0	< 1.6-0.28.3.4	1.6-0.28.3.4	Aug 5, 2017	Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename funct
CVE-2017-7542	Med	5.5	< 1.6-0.28.3.4	1.6-0.28.3.4	Jul 21, 2017	The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.

CVE-2018-19985Mar 17, 2019
affected < 1.6-0.28.7.1fixed 1.6-0.28.7.1
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address
CVE-2019-7222Mar 17, 2019
affected < 1.6-0.28.7.1fixed 1.6-0.28.7.1
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
CVE-2016-10741Feb 1, 2019
affected < 1.6-0.28.7.1fixed 1.6-0.28.7.1
In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure.
CVE-2017-18360Jan 31, 2019
affected < 1.6-0.28.7.1fixed 1.6-0.28.7.1
In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.
CVE-2018-20169Dec 17, 2018
affected < 1.6-0.28.7.1fixed 1.6-0.28.7.1
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
CVE-2018-9568Dec 6, 2018
affected < 1.6-0.28.7.1fixed 1.6-0.28.7.1
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. A
CVE-2018-19824Dec 3, 2018
affected < 1.6-0.28.7.1fixed 1.6-0.28.7.1
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
CVE-2018-19407Nov 21, 2018
affected < 1.6-0.28.7.1fixed 1.6-0.28.7.1
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
CVE-2017-7482Jul 30, 2018
affected < 1.6-0.28.3.4fixed 1.6-0.28.3.4
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory
CVE-2017-18079Jan 29, 2018
affected < 1.6-0.28.5.6fixed 1.6-0.28.5.6
drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated.
CVE-2015-1142857Jan 23, 2018
affected < 1.6-0.28.5.6fixed 1.6-0.28.5.6
On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before e7358f54a3954df16d4
CVE-2018-1000004Jan 16, 2018
affected < 1.6-0.28.5.6fixed 1.6-0.28.5.6
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
CVE-2017-13215Jan 12, 2018
affected < 1.6-0.28.5.6fixed 1.6-0.28.5.6
A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel.
CVE-2018-5333Jan 11, 2018
affected < 1.6-0.28.5.6fixed 1.6-0.28.5.6
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
CVE-2018-5332Jan 11, 2018
affected < 1.6-0.28.5.6fixed 1.6-0.28.5.6
In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
CVE-2017-5715Jan 4, 2018
affected < 1.6-0.28.5.6fixed 1.6-0.28.5.6
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-18017Jan 3, 2018
affected < 1.6-0.28.5.6fixed 1.6-0.28.5.6
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presenc
CVE-2017-17741MedDec 18, 2017
affected < 1.6-0.28.5.6fixed 1.6-0.28.5.6
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.
CVE-2017-7533HigAug 5, 2017
affected < 1.6-0.28.3.4fixed 1.6-0.28.3.4
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename funct
CVE-2017-7542MedJul 21, 2017
affected < 1.6-0.28.3.4fixed 1.6-0.28.3.4
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.

Page 1 of 2