kgraft-patch-SLE12-SP2_Update_34 (SUSE:OpenStack Cloud 7) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 7 package kgraft-patch-SLE12-SP2_Update_34, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (57)
CVE-2019-14901 — CVSS 9.8 (critical): A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The…
CVE-2019-14895 — CVSS 9.8 (critical): A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver…
CVE-2019-14897 — CVSS 9.8 (critical): A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to…
CVE-2019-14896 — CVSS 9.8 (critical): A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote…
CVE-2019-19447 — CVSS 7.8 (high): In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a…
CVE-2017-18255 — CVSS 7.8 (high): The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial…
CVE-2019-18675 — CVSS 7.8 (high): The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c…
CVE-2019-19074 — CVSS 7.5 (high): A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers…
CVE-2019-19052 — CVSS 7.5 (high): A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a…
CVE-2019-19768 — CVSS 7.5 (high): In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used…
CVE-2020-9383 — CVSS 7.1 (high): An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds…
CVE-2020-8648 — CVSS 7.1 (high): There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
CVE-2019-18683 — CVSS 7.0 (high): An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on…
CVE-2019-9458 — CVSS 7.0 (high): In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of…
CVE-2019-19532 — CVSS 6.8 (medium): In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux…
CVE-2019-19531 — CVSS 6.8 (medium): In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c…
CVE-2019-19527 — CVSS 6.8 (medium): In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hidd…
CVE-2019-5108 — CVSS 6.5 (medium): An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this…
CVE-2019-19319 — CVSS 6.5 (medium): In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access…
CVE-2020-10690 — CVSS 6.5 (medium): There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource…
CVE-2019-19332 — CVSS 6.1 (medium): An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor…
CVE-2020-8647 — CVSS 6.1 (medium): There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
CVE-2018-12130 — CVSS 5.9 (medium): Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an…
CVE-2020-8649 — CVSS 5.9 (medium): There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgac…
CVE-2020-2732 — CVSS 5.8 (medium): A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is…
CVE-2019-11091 — CVSS 5.6 (medium): Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may…
CVE-2018-12127 — CVSS 5.6 (medium): Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an…
CVE-2018-12126 — CVSS 5.6 (medium): Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an…
CVE-2019-20054 — CVSS 5.5 (medium): In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to…
CVE-2019-14615 — CVSS 5.5 (medium): Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an…
CVE-2019-20096 — CVSS 5.5 (medium): In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka…
CVE-2020-10720 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to…
CVE-2019-19767 — CVSS 5.5 (medium): The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and…
CVE-2020-8992 — CVSS 5.5 (medium): ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service…
CVE-2018-21008 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file…
CVE-2020-10942 — CVSS 5.3 (medium): In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers…
CVE-2019-19066 — CVSS 4.7 (medium): A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to…
CVE-2019-19062 — CVSS 4.7 (medium): A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a…
CVE-2019-18660 — CVSS 4.7 (medium): The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable…
CVE-2019-19965 — CVSS 4.7 (medium): In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port…
CVE-2019-19966 — CVSS 4.6 (medium): In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial…
CVE-2019-19536 — CVSS 4.6 (medium): In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb…
CVE-2019-19535 — CVSS 4.6 (medium): In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb…
CVE-2019-15213 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the…
CVE-2019-19530 — CVSS 4.6 (medium): In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-a…
CVE-2019-19525 — CVSS 4.6 (medium): In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/a…
CVE-2019-19524 — CVSS 4.6 (medium): In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memles…
CVE-2019-19523 — CVSS 4.6 (medium): In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux…
CVE-2019-3701 — CVSS 4.4 (medium): An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow…
CVE-2020-11494 — CVSS 4.4 (medium): An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read…
CVE-2020-11608 — CVSS 4.3 (medium): An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in…
CVE-2020-11609 — CVSS 4.3 (medium): An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and…
CVE-2019-19537 — CVSS 4.2 (medium): In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device…
CVE-2019-19073 — CVSS 4.0 (medium): Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service…
CVE-2019-19533 — CVSS 2.4 (low): In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/…
CVE-2019-19534 — CVSS 2.4 (low): In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_us…
CVE-2019-9455 — CVSS 2.3 (low): In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information…