Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-11-18 | CVE-2019-19057 | Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. | Brocade_fabric_operating_system_firmware, Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Active_iq_unified_manager, Aff_baseboard_management_controller, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, Fas\/aff_baseboard_management_controller, Hci_baseboard_management_controller, Hci_compute_node_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage, Leap | 3.3 | ||
| 2019-11-18 | CVE-2019-19058 | A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5. | Ubuntu_linux, Fedora, Linux_kernel, Leap | 4.7 | ||
| 2019-11-18 | CVE-2019-19062 | A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Leap, Enterprise_linux | 4.7 | ||
| 2019-11-18 | CVE-2019-19063 | Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. | Brocade_fabric_operating_system_firmware, Ubuntu_linux, Fedora, Linux_kernel, Active_iq_unified_manager, Aff_baseboard_management_controller, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, Fas\/aff_baseboard_management_controller, Hci_baseboard_management_controller, Hci_compute_node_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage, Leap, Sd\-Wan_edge | 4.6 | ||
| 2019-11-18 | CVE-2019-19066 | A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Leap, Enterprise_linux | 4.7 | ||
| 2019-11-18 | CVE-2019-19068 | A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Leap, Enterprise_linux | 4.6 | ||
| 2019-11-18 | CVE-2019-19073 | Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10. | Fedora, Linux_kernel, Leap | 4.0 | ||
| 2019-11-19 | CVE-2019-18934 | Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration. | Fedora, Unbound, Leap | 7.3 | ||
| 2019-11-22 | CVE-2019-18622 | An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature. | Fedora, Backports_sle, Leap, Phpmyadmin | 9.8 | ||
| 2019-11-26 | CVE-2019-12523 | An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost. | Ubuntu_linux, Debian_linux, Fedora, Leap, Squid | 9.1 |