kernel-livepatch-SLE15_Update_17 (SUSE:Linux Enterprise Live Patching 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 package kernel-livepatch-SLE15_Update_17, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (73)
CVE-2019-14897 — CVSS 9.8 (critical): A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to…
CVE-2019-14896 — CVSS 9.8 (critical): A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote…
CVE-2019-16746 — CVSS 9.8 (critical): An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in…
CVE-2019-14895 — CVSS 9.8 (critical): A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver…
CVE-2019-14901 — CVSS 9.8 (critical): A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The…
CVE-2019-18805 — CVSS 9.8 (critical): An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer…
CVE-2020-12351 — CVSS 8.8 (high): Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-14381 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their…
CVE-2020-10757 — CVSS 7.8 (high): A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker…
CVE-2020-0430 — CVSS 7.8 (high): In skb_headlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local…
CVE-2019-19447 — CVSS 7.8 (high): In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a…
CVE-2020-12653 — CVSS 7.8 (high): An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c…
CVE-2019-19543 — CVSS 7.8 (high): In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.
CVE-2019-19075 — CVSS 7.5 (high): A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause…
CVE-2019-15916 — CVSS 7.5 (high): An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c…
CVE-2020-25645 — CVSS 7.5 (high): A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is…
CVE-2019-19049 — CVSS 7.5 (high): A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a…
CVE-2019-19052 — CVSS 7.5 (high): A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a…
CVE-2019-19060 — CVSS 7.5 (high): A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to…
CVE-2020-1749 — CVSS 7.5 (high): A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6…
CVE-2019-19074 — CVSS 7.5 (high): A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers…
CVE-2020-25705 — CVSS 7.4 (high): A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote…
CVE-2020-11668 — CVSS 7.1 (high): In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors…
CVE-2020-12654 — CVSS 7.1 (high): An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote…
CVE-2020-24394 — CVSS 7.1 (high): In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the…
CVE-2019-9458 — CVSS 7.0 (high): In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of…
CVE-2020-25212 — CVSS 7.0 (high): A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly…
CVE-2019-18683 — CVSS 7.0 (high): An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on…
CVE-2020-25668 — CVSS 7.0 (high): A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free…
CVE-2019-19532 — CVSS 6.8 (medium): In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux…
CVE-2019-19531 — CVSS 6.8 (medium): In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c…
CVE-2019-19527 — CVSS 6.8 (medium): In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hidd…
CVE-2020-0431 — CVSS 6.7 (medium): In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of…
CVE-2020-15780 — CVSS 6.7 (medium): An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs…
CVE-2020-14386 — CVSS 6.7 (medium): A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged…
CVE-2020-14331 — CVSS 6.6 (medium): A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize…
CVE-2019-5108 — CVSS 6.5 (medium): An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this…
CVE-2019-19529 — CVSS 6.3 (medium): In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcb…
CVE-2019-19332 — CVSS 6.1 (medium): An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor…
CVE-2019-19528 — CVSS 6.1 (medium): In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarri…
CVE-2019-19051 — CVSS 5.5 (medium): A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows…
CVE-2019-18808 — CVSS 5.5 (medium): A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause…
CVE-2020-8694 — CVSS 5.5 (medium): Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable…
CVE-2019-19077 — CVSS 5.5 (medium): A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows…
CVE-2019-19227 — CVSS 5.5 (medium): In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may…
CVE-2019-19338 — CVSS 5.5 (medium): A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle…
CVE-2019-19767 — CVSS 5.5 (medium): The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and…
CVE-2018-1000199 — CVSS 5.5 (medium): The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and…
CVE-2019-19056 — CVSS 4.7 (medium): A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through…
CVE-2019-18660 — CVSS 4.7 (medium): The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable…
CVE-2019-19058 — CVSS 4.7 (medium): A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows…
CVE-2019-19062 — CVSS 4.7 (medium): A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a…
CVE-2019-19065 — CVSS 4.7 (medium): A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a…
CVE-2019-19066 — CVSS 4.7 (medium): A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to…
CVE-2019-15213 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the…
CVE-2019-19536 — CVSS 4.6 (medium): In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb…
CVE-2019-19535 — CVSS 4.6 (medium): In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb…
CVE-2019-19530 — CVSS 4.6 (medium): In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-a…
CVE-2019-19526 — CVSS 4.6 (medium): In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c…
CVE-2019-19525 — CVSS 4.6 (medium): In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/a…
CVE-2019-19524 — CVSS 4.6 (medium): In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memles…
CVE-2019-19523 — CVSS 4.6 (medium): In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux…
CVE-2019-19068 — CVSS 4.6 (medium): A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel…
CVE-2019-19063 — CVSS 4.6 (medium): Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow…
CVE-2019-18809 — CVSS 4.6 (medium): A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows…
CVE-2019-19067 — CVSS 4.4 (medium): Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers…
CVE-2019-19537 — CVSS 4.2 (medium): In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device…
CVE-2019-16231 — CVSS 4.1 (medium): drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer…
CVE-2019-19073 — CVSS 4.0 (medium): Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service…
CVE-2019-17055 — CVSS 3.3 (low): base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce…
CVE-2019-19057 — CVSS 3.3 (low): Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through…
CVE-2019-19533 — CVSS 2.4 (low): In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/…
CVE-2019-19534 — CVSS 2.4 (low): In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_us…