Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Suse_linux_enterprise_server
(Novell)| Repositories | https://github.com/torvalds/linux |
| #Vulnerabilities | 91 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-05-02 | CVE-2016-2188 | The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor. | Ubuntu_linux, Linux_kernel, Suse_linux_enterprise_debuginfo, Suse_linux_enterprise_desktop, Suse_linux_enterprise_live_patching, Suse_linux_enterprise_module_for_public_cloud, Suse_linux_enterprise_real_time_extension, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_linux_enterprise_workstation_extension | 4.6 | ||
| 2016-05-02 | CVE-2016-2187 | The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor. | Ubuntu_linux, Linux_kernel, Suse_linux_enterprise_debuginfo, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | 4.6 | ||
| 2016-05-02 | CVE-2016-3689 | The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface. | Ubuntu_linux, Linux_kernel, Suse_linux_enterprise_desktop, Suse_linux_enterprise_live_patching, Suse_linux_enterprise_module_for_public_cloud, Suse_linux_enterprise_real_time_extension, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_linux_enterprise_workstation_extension | 4.6 | ||
| 2016-05-23 | CVE-2016-4482 | The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call. | Ubuntu_linux, Fedora, Linux_kernel, Suse_linux_enterprise_debuginfo, Suse_linux_enterprise_desktop, Suse_linux_enterprise_live_patching, Suse_linux_enterprise_module_for_public_cloud, Suse_linux_enterprise_real_time_extension, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_linux_enterprise_workstation_extension | 6.2 | ||
| 2016-05-23 | CVE-2016-4485 | The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message. | Ubuntu_linux, Linux_kernel, Suse_linux_enterprise_debuginfo, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | 7.5 | ||
| 2016-05-23 | CVE-2016-4486 | The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message. | Ubuntu_linux, Linux_kernel, Suse_linux_enterprise_debuginfo, Suse_linux_enterprise_desktop, Suse_linux_enterprise_live_patching, Suse_linux_enterprise_module_for_public_cloud, Suse_linux_enterprise_real_time_extension, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_linux_enterprise_workstation_extension | 3.3 | ||
| 2016-05-23 | CVE-2016-4569 | The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface. | Ubuntu_linux, Linux_kernel, Suse_linux_enterprise_debuginfo, Suse_linux_enterprise_desktop, Suse_linux_enterprise_live_patching, Suse_linux_enterprise_module_for_public_cloud, Suse_linux_enterprise_real_time_extension, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_linux_enterprise_workstation_extension | 5.5 | ||
| 2016-06-03 | CVE-2016-0363 | The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance... | Java_sdk, Suse_linux_enterprise_module_for_legacy_software, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_manager, Suse_manager_proxy, Suse_openstack_cloud, Enterprise_linux_desktop, Enterprise_linux_hpc_node_supplementary, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Satellite | 8.1 | ||
| 2016-05-23 | CVE-2016-4913 | The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem. | Ubuntu_linux, Linux_kernel, Suse_linux_enterprise_debuginfo, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Linux | 7.8 | ||
| 2016-06-03 | CVE-2016-0376 | The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the... | Java_sdk, Suse_linux_enterprise_module_for_legacy_software, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_manager, Suse_manager_proxy, Suse_openstack_cloud, Enterprise_linux_desktop, Enterprise_linux_hpc_node_supplementary, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Satellite | 8.1 |