Vulnerabilities (CVE)

Vendor filter

Novell Subscribe

Product filter

Suse Linux Enterprise Live Patching Subscribe

Filter

25 total CVE
CVE Vendors Products Updated CVSS
CVE-2016-4578 6 Linux, Canonical, Novell and 3 more 19 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 16 more 2019-03-25 2.1
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1)...
CVE-2016-4486 3 Linux, Canonical, Novell 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 7 more 2018-12-20 2.1
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
CVE-2016-1583 3 Linux, Canonical, Novell 9 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 6 more 2018-12-06 7.2
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc...
CVE-2016-3672 3 Linux, Canonical, Novell 9 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 6 more 2018-10-09 4.6
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE...
CVE-2016-4997 4 Linux, Oracle, Canonical and 1 more 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 7 more 2018-01-05 7.2
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging...
CVE-2016-4569 3 Linux, Canonical, Novell 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 7 more 2018-01-05 2.1
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA...
CVE-2016-3156 3 Linux, Canonical, Novell 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 7 more 2018-01-05 2.1
The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.
CVE-2016-3134 2 Linux, Novell 9 Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Real Time Extension and 6 more 2018-01-05 7.2
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
CVE-2016-2847 2 Linux, Novell 9 Suse Linux Enterprise Live Patching, Linux Kernel, Suse Linux Enterprise Real Time Extension and 6 more 2018-01-05 4.9
fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.
CVE-2015-8845 3 Suse, Linux, Novell 8 Linux Kernel, Suse Linux Enterprise Real Time Extension, Suse Linux Enterprise Workstation Extension and 5 more 2018-01-05 4.9
The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial...
CVE-2016-3140 3 Linux, Canonical, Novell 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 7 more 2017-09-08 4.9
The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a...
CVE-2016-3139 2 Linux, Novell 9 Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Real Time Extension and 6 more 2017-09-08 4.9
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB...
CVE-2016-3136 3 Linux, Canonical, Novell 9 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 6 more 2017-09-08 4.9
The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without...
CVE-2016-2782 2 Linux, Novell 9 Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Real Time Extension and 6 more 2017-09-08 4.9
The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by...
CVE-2016-2188 3 Linux, Canonical, Novell 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 7 more 2017-09-08 4.9
The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB...
CVE-2016-2184 3 Linux, Canonical, Novell 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 7 more 2017-09-08 4.9
The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system...
CVE-2016-3689 3 Linux, Novell, Canonical 9 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 6 more 2017-09-03 4.9
The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.
CVE-2016-4805 5 Canonical, Linux, Oracle and 2 more 12 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 9 more 2017-08-13 7.2
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing...
CVE-2016-3951 4 Suse, Linux, Novell and 1 more 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 7 more 2017-08-13 4.9
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an...
CVE-2015-8816 2 Linux, Novell 9 Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Real Time Extension and 6 more 2016-12-03 7.2
The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and...