kernel-source (SUSE:Enterprise Storage 4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Enterprise Storage 4 package kernel-source, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (133)
CVE-2017-18174 — CVSS 9.8 (critical): In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function…
CVE-2019-10126 — CVSS 9.8 (critical): A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mw…
CVE-2019-3846 — CVSS 8.8 (high): A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting…
CVE-2018-9363 — CVSS 8.4 (high): In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional…
CVE-2019-6974 — CVSS 8.1 (high): In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race…
CVE-2019-11815 — CVSS 8.1 (high): An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a…
CVE-2018-20836 — CVSS 8.1 (high): An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in…
CVE-2018-1087 — CVSS 8.0 (high): kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in…
CVE-2018-16884 — CVSS 8.0 (high): A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make…
CVE-2019-9503 — CVSS 7.9 (high): The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If…
CVE-2018-18281 — CVSS 7.8 (high): Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate()…
CVE-2018-19824 — CVSS 7.8 (high): In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound…
CVE-2018-10878 — CVSS 7.8 (high): A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or…
CVE-2018-14734 — CVSS 7.8 (high): drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a…
CVE-2019-11487 — CVSS 7.8 (high): The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of…
CVE-2018-14678 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in…
CVE-2018-17182 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number…
CVE-2018-10902 — CVSS 7.8 (high): It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in…
CVE-2018-16276 — CVSS 7.8 (high): An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access…
CVE-2018-9568 — CVSS 7.8 (high): In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege…
CVE-2018-9516 — CVSS 7.8 (high): In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2018-9385 — CVSS 7.8 (high): In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local…
CVE-2018-8897 — CVSS 7.8 (high): A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the…
CVE-2018-8822 — CVSS 7.8 (high): Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in…
CVE-2018-7480 — CVSS 7.8 (high): The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double…
CVE-2018-8781 — CVSS 7.8 (high): The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an…
CVE-2018-6555 — CVSS 7.8 (high): The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows…
CVE-2018-5848 — CVSS 7.8 (high): In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of…
CVE-2018-20856 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a…
CVE-2018-13405 — CVSS 7.8 (high): The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group…
CVE-2018-13406 — CVSS 7.8 (high): An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in…
CVE-2019-2024 — CVSS 7.8 (high): In em28xx_unregister_dvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with…
CVE-2019-15117 — CVSS 7.8 (high): parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds…
CVE-2016-8636 — CVSS 7.8 (high): Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users…
CVE-2019-12456 — CVSS 7.8 (high): An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5…
CVE-2018-5391 — CVSS 7.5 (high): The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP…
CVE-2019-8564 — CVSS 7.5 (high): A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra…
CVE-2019-12818 — CVSS 7.5 (high): An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If…
CVE-2019-11810 — CVSS 7.5 (high): An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in…
CVE-2019-11479 — CVSS 7.5 (high): Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend…
CVE-2019-11477 — CVSS 7.5 (high): Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when…
CVE-2019-10639 — CVSS 7.5 (high): The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a…
CVE-2018-1128 — CVSS 7.5 (high): It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker…
CVE-2018-5390 — CVSS 7.5 (high): Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every…
CVE-2018-10877 — CVSS 7.3 (high): Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4…
CVE-2017-13305 — CVSS 7.1 (high): A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID…
CVE-2019-11486 — CVSS 7.0 (high): The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
CVE-2019-11599 — CVSS 7.0 (high): The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags…
CVE-2018-14633 — CVSS 7.0 (high): A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication…
CVE-2018-10853 — CVSS 7.0 (high): A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not…
CVE-2017-18249 — CVSS 7.0 (high): The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local…
CVE-2018-5814 — CVSS 7.0 (high): In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect…
CVE-2019-14283 — CVSS 6.8 (medium): In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an…
CVE-2018-20169 — CVSS 6.8 (medium): An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra…
CVE-2019-13631 — CVSS 6.8 (medium): In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID…
CVE-2017-18551 — CVSS 6.7 (medium): An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function…
CVE-2019-3460 — CVSS 6.5 (medium): A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
CVE-2017-17741 — CVSS 6.5 (medium): The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory…
CVE-2019-3459 — CVSS 6.5 (medium): A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
CVE-2018-1129 — CVSS 6.5 (medium): A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster…
CVE-2018-15572 — CVSS 6.5 (medium): The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a…
CVE-2019-10638 — CVSS 6.5 (medium): In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less…
CVE-2019-14284 — CVSS 6.2 (medium): In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two…
CVE-2018-16658 — CVSS 6.1 (medium): An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could…
CVE-2018-10938 — CVSS 5.9 (medium): A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker…
CVE-2018-12130 — CVSS 5.9 (medium): Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an…
CVE-2018-3646 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information…
CVE-2018-3620 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information…
CVE-2018-12127 — CVSS 5.6 (medium): Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an…
CVE-2019-11091 — CVSS 5.6 (medium): Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may…
CVE-2018-12126 — CVSS 5.6 (medium): Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an…
CVE-2019-1125 — CVSS 5.6 (medium): An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who…
CVE-2018-3665 — CVSS 5.6 (medium): System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local…
CVE-2018-8043 — CVSS 5.5 (medium): The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource…
CVE-2018-1130 — CVSS 5.5 (medium): Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that…
CVE-2018-10940 — CVSS 5.5 (medium): The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect…
CVE-2018-1094 — CVSS 5.5 (medium): The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver…
CVE-2018-1093 — CVSS 5.5 (medium): The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service…
CVE-2019-10207 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An…
CVE-2018-1092 — CVSS 5.5 (medium): The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero…
CVE-2018-1091 — CVSS 5.5 (medium): In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be…
CVE-2019-12819 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device()…
CVE-2018-15594 — CVSS 5.5 (medium): arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to…
CVE-2018-18690 — CVSS 5.5 (medium): In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational…
CVE-2018-18710 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be…
CVE-2018-19407 — CVSS 5.5 (medium): The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service…
CVE-2019-9213 — CVSS 5.5 (medium): In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for…
CVE-2018-14617 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in…
CVE-2018-13095 — CVSS 5.5 (medium): An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and…
CVE-2018-3639 — CVSS 5.5 (medium): Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior…
CVE-2018-13094 — CVSS 5.5 (medium): An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image…
CVE-2018-13093 — CVSS 5.5 (medium): An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in…
CVE-2018-5803 — CVSS 5.5 (medium): In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function…
CVE-2018-12896 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is…
CVE-2018-6554 — CVSS 5.5 (medium): Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17…
CVE-2018-7191 — CVSS 5.5 (medium): In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local…
CVE-2018-7492 — CVSS 5.5 (medium): A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local…
CVE-2018-7740 — CVSS 5.5 (medium): The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via…
CVE-2018-7757 — CVSS 5.5 (medium): Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local…
CVE-2018-10880 — CVSS 5.5 (medium): Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in…
CVE-2019-11833 — CVSS 5.5 (medium): fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow…
CVE-2019-12380 — CVSS 5.5 (medium): **DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in…
CVE-2019-12382 — CVSS 5.5 (medium): An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an…
CVE-2018-10124 — CVSS 5.5 (medium): The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used…
CVE-2018-17972 — CVSS 5.5 (medium): An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only…
CVE-2018-10087 — CVSS 5.5 (medium): The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might…
CVE-2019-15118 — CVSS 5.5 (medium): check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
CVE-2018-1000199 — CVSS 5.5 (medium): The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and…
CVE-2019-3882 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device…
CVE-2019-5489 — CVSS 5.5 (medium): The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access…
CVE-2017-18344 — CVSS 5.5 (medium): The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the…
CVE-2017-18257 — CVSS 5.5 (medium): The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer…
CVE-2017-18241 — CVSS 5.5 (medium): fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by…
CVE-2018-1000204 — CVSS 5.3 (medium): Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte…
CVE-2018-16862 — CVSS 5.3 (medium): A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation…
CVE-2019-11478 — CVSS 5.3 (medium): Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when…
CVE-2018-10876 — CVSS 5.0 (medium): A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when…
CVE-2018-10883 — CVSS 4.8 (medium): A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a…
CVE-2018-10882 — CVSS 4.8 (medium): A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a…
CVE-2019-11190 — CVSS 4.7 (medium): The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called…
CVE-2018-1065 — CVSS 4.7 (medium): The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined…
CVE-2018-19985 — CVSS 4.6 (medium): The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and…
CVE-2019-3819 — CVSS 4.4 (medium): A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite…
CVE-2018-10879 — CVSS 4.2 (medium): A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a…
CVE-2018-10881 — CVSS 4.2 (medium): A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a…
CVE-2019-12614 — CVSS 4.1 (medium): An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an…
CVE-2018-18386 — CVSS 3.3 (low): drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block…
CVE-2018-13053 — CVSS 3.3 (low): The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative…
CVE-2018-20855 — CVSS 3.3 (low): An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp…
CVE-2019-11884 — CVSS 3.3 (low): The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially…
CVE-2018-1120 — CVSS 2.8 (low): A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command…