kernel-livepatch-SLE15_Update_18 (SUSE:Linux Enterprise Live Patching 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 package kernel-livepatch-SLE15_Update_18, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (93)
CVE-2019-16746 — CVSS 9.8 (critical): An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in…
CVE-2019-14896 — CVSS 9.8 (critical): A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote…
CVE-2019-14897 — CVSS 9.8 (critical): A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to…
CVE-2020-12351 — CVSS 8.8 (high): Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-36158 — CVSS 8.8 (high): mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote…
CVE-2020-29569 — CVSS 8.8 (high): An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the…
CVE-2019-19770 — CVSS 8.2 (high): In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove…
CVE-2020-28374 — CVSS 8.1 (high): In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can…
CVE-2021-29154 — CVSS 7.8 (high): BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute…
CVE-2020-12657 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to…
CVE-2020-14381 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their…
CVE-2019-19447 — CVSS 7.8 (high): In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a…
CVE-2021-27365 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or…
CVE-2021-33034 — CVSS 7.8 (high): In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This…
CVE-2020-0433 — CVSS 7.8 (high): In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local…
CVE-2020-0430 — CVSS 7.8 (high): In skb_headlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local…
CVE-2020-12653 — CVSS 7.8 (high): An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c…
CVE-2021-3444 — CVSS 7.8 (high): The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be…
CVE-2021-26930 — CVSS 7.8 (high): An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps…
CVE-2021-3347 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing…
CVE-2020-27786 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl…
CVE-2020-0466 — CVSS 7.8 (high): In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local…
CVE-2020-7053 — CVSS 7.8 (high): In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free…
CVE-2020-10757 — CVSS 7.8 (high): A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker…
CVE-2020-29661 — CVSS 7.8 (high): A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free…
CVE-2019-19768 — CVSS 7.5 (high): In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used…
CVE-2020-1749 — CVSS 7.5 (high): A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6…
CVE-2020-25645 — CVSS 7.5 (high): A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is…
CVE-2020-25705 — CVSS 7.4 (high): A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote…
CVE-2020-8428 — CVSS 7.1 (high): fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service…
CVE-2020-8648 — CVSS 7.1 (high): There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
CVE-2020-12654 — CVSS 7.1 (high): An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote…
CVE-2020-9383 — CVSS 7.1 (high): An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds…
CVE-2021-27364 — CVSS 7.1 (high): An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an…
CVE-2020-24394 — CVSS 7.1 (high): In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the…
CVE-2020-11668 — CVSS 7.1 (high): In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors…
CVE-2020-25212 — CVSS 7.0 (high): A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly…
CVE-2021-32399 — CVSS 7.0 (high): net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
CVE-2019-9458 — CVSS 7.0 (high): In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of…
CVE-2020-29368 — CVSS 7.0 (high): An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can…
CVE-2020-25668 — CVSS 7.0 (high): A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free…
CVE-2020-0465 — CVSS 6.8 (medium): In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local…
CVE-2020-0431 — CVSS 6.7 (medium): In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of…
CVE-2020-15780 — CVSS 6.7 (medium): An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs…
CVE-2020-12464 — CVSS 6.7 (medium): usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a…
CVE-2020-14386 — CVSS 6.7 (medium): A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged…
CVE-2020-14331 — CVSS 6.6 (medium): A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize…
CVE-2021-28688 — CVSS 6.5 (medium): The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This…
CVE-2020-10690 — CVSS 6.5 (medium): There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource…
CVE-2020-8834 — CVSS 6.5 (medium): KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in…
CVE-2019-19319 — CVSS 6.5 (medium): In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access…
CVE-2020-13143 — CVSS 6.5 (medium): gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering…
CVE-2020-10751 — CVSS 6.1 (medium): A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would…
CVE-2020-8647 — CVSS 6.1 (medium): There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
CVE-2020-10711 — CVSS 5.9 (medium): A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing…
CVE-2020-8649 — CVSS 5.9 (medium): There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgac…
CVE-2020-2732 — CVSS 5.8 (medium): A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is…
CVE-2020-12769 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to…
CVE-2020-12655 — CVSS 5.5 (medium): An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of…
CVE-2020-11669 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have…
CVE-2018-1000199 — CVSS 5.5 (medium): The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and…
CVE-2020-10720 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to…
CVE-2020-0543 — CVSS 5.5 (medium): Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to…
CVE-2020-36322 — CVSS 5.5 (medium): An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr()…
CVE-2019-20812 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a…
CVE-2019-20810 — CVSS 5.5 (medium): go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path…
CVE-2019-14615 — CVSS 5.5 (medium): Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an…
CVE-2019-20096 — CVSS 5.5 (medium): In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka…
CVE-2020-8694 — CVSS 5.5 (medium): Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable…
CVE-2019-20095 — CVSS 5.5 (medium): mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did…
CVE-2020-8992 — CVSS 5.5 (medium): ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service…
CVE-2019-20054 — CVSS 5.5 (medium): In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to…
CVE-2021-26931 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a…
CVE-2019-19462 — CVSS 5.5 (medium): relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by…
CVE-2019-19036 — CVSS 5.5 (medium): btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node)…
CVE-2020-12656 — CVSS 5.5 (medium): gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks…
CVE-2020-10942 — CVSS 5.3 (medium): In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers…
CVE-2020-12114 — CVSS 4.7 (medium): A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178…
CVE-2019-19965 — CVSS 4.7 (medium): In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port…
CVE-2019-19054 — CVSS 4.7 (medium): A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows…
CVE-2019-16994 — CVSS 4.7 (medium): In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register…
CVE-2019-19966 — CVSS 4.6 (medium): In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial…
CVE-2019-19045 — CVSS 4.4 (medium): A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before…
CVE-2020-11494 — CVSS 4.4 (medium): An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read…
CVE-2020-29660 — CVSS 4.4 (medium): A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and…
CVE-2019-3701 — CVSS 4.4 (medium): An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow…
CVE-2019-19318 — CVSS 4.4 (medium): In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in…
CVE-2021-27363 — CVSS 4.4 (medium): An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the…
CVE-2020-11609 — CVSS 4.3 (medium): An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and…
CVE-2020-11608 — CVSS 4.3 (medium): An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in…
CVE-2020-12652 — CVSS 4.1 (medium): The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect…
CVE-2020-10732 — CVSS 3.3 (low): A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a…
CVE-2019-9455 — CVSS 2.3 (low): In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information…