Vulnerabilities (CVE)

Vendor filter

Novell Subscribe

Product filter

Suse Linux Enterprise Real Time Extension Subscribe

Filter

39 total CVE
CVE Vendors Products Updated CVSS
CVE-2016-4805 5 Canonical, Linux, Oracle and 2 more 12 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 9 more 2019-04-22 7.2
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing...
CVE-2016-4470 4 Linux, Oracle, Novell and 1 more 14 Linux Kernel, Suse Linux Enterprise Real Time Extension, Linux and 11 more 2019-04-22 4.9
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a...
CVE-2016-4578 6 Linux, Canonical, Novell and 3 more 19 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 16 more 2019-03-25 2.1
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1)...
CVE-2016-4486 3 Linux, Canonical, Novell 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 7 more 2018-12-20 2.1
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
CVE-2015-8539 2 Linux, Novell 2 Linux Kernel, Suse Linux Enterprise Real Time Extension 2018-10-30 7.2
The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c,...
CVE-2016-3672 3 Linux, Canonical, Novell 9 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 6 more 2018-10-09 4.6
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE...
CVE-2015-7566 2 Linux, Novell 5 Linux Kernel, Suse Linux Enterprise Real Time Extension, Suse Linux Enterprise Debuginfo and 2 more 2018-10-09 4.9
The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by...
CVE-2016-5829 3 Debian, Linux, Novell 3 Debian Linux, Linux Kernel, Suse Linux Enterprise Real Time Extension 2018-01-05 7.2
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1)...
CVE-2016-5828 3 Debian, Linux, Novell 3 Debian Linux, Linux Kernel, Suse Linux Enterprise Real Time Extension 2018-01-05 7.2
The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing...
CVE-2016-4997 4 Linux, Oracle, Canonical and 1 more 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 7 more 2018-01-05 7.2
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging...
CVE-2016-4569 3 Linux, Canonical, Novell 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 7 more 2018-01-05 2.1
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA...
CVE-2016-3156 3 Linux, Canonical, Novell 10 Ubuntu Linux, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit and 7 more 2018-01-05 2.1
The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.
CVE-2016-3134 2 Linux, Novell 9 Suse Linux Enterprise Live Patching, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Real Time Extension and 6 more 2018-01-05 7.2
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
CVE-2016-2847 2 Linux, Novell 9 Suse Linux Enterprise Live Patching, Linux Kernel, Suse Linux Enterprise Real Time Extension and 6 more 2018-01-05 4.9
fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.
CVE-2016-2384 2 Linux, Novell 2 Linux Kernel, Suse Linux Enterprise Real Time Extension 2018-01-05 4.9
Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors...
CVE-2015-8845 3 Suse, Linux, Novell 8 Linux Kernel, Suse Linux Enterprise Real Time Extension, Suse Linux Enterprise Workstation Extension and 5 more 2018-01-05 4.9
The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial...
CVE-2015-8812 2 Linux, Novell 2 Linux Kernel, Suse Linux Enterprise Real Time Extension 2018-01-05 10.0
drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.
CVE-2015-8552 4 Xen, Debian, Novell and 1 more 5 Debian Linux, Ubuntu Linux, Xen and 2 more 2017-11-04 1.7
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk...
CVE-2015-8551 5 Debian, Linux, Xen and 2 more 6 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Real Time Extension and 3 more 2017-11-04 4.7
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS...
CVE-2015-8550 2 Xen, Novell 2 Xen, Suse Linux Enterprise Real Time Extension 2017-11-04 5.7
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.