Computer vulnerabilities of SLES

Linux kernel: memory leak via __feat_register_sp
An attacker can create a memory leak via __feat_register_sp() of the Linux kernel, in order to trigger a denial of service...
CERTFR-2020-AVI-029, CVE-2019-20096, SUSE-SU-2020:0093-1, VIGILANCE-VUL-31249

Linux kernel: NULL pointer dereference via drop_sysctl_table
An attacker can force a NULL pointer to be dereferenced via drop_sysctl_table() of the Linux kernel, in order to trigger a denial of service...
CERTFR-2020-AVI-029, CVE-2019-20054, SUSE-SU-2020:0093-1, VIGILANCE-VUL-31241

SUSE LE: file corruption via trousers
A local attacker can create a symbolic link during the installation or the update of the trousers package, in order to alter the pointed file, with root privileges...
1157651, CVE-2019-18898, openSUSE-SU-2020:0015-1, SUSE-SU-2019:3349-1, VIGILANCE-VUL-31195

Apache Tomcat: privilege escalation via FORM authentication session fixation
An attacker can bypass restrictions via FORM authentication session fixation of Apache Tomcat, in order to escalate his privileges...
CERTFR-2019-AVI-643, CVE-2019-17563, DSA-4596-1, K24551552, openSUSE-SU-2020:0038-1, SUSE-SU-2020:0029-1, SUSE-SU-2020:0226-1, VIGILANCE-VUL-31188

Xen: denial of service via Debug Exceptions Blocked States
An attacker can trigger a fatal error via Debug Exceptions Blocked States of Xen, in order to trigger a denial of service...
CERTFR-2019-AVI-628, CERTFR-2019-AVI-630, CTX266932, CVE-2019-19583, DSA-4602-1, FEDORA-2019-2e12bd3a9a, openSUSE-SU-2020:0011-1, SUSE-SU-2019:3296-1, SUSE-SU-2019:3297-1, SUSE-SU-2019:3309-1, SUSE-SU-2019:3310-1, SUSE-SU-2019:3338-1, VIGILANCE-VUL-31124, XSA-308

Linux kernel: memory leak via netdev_register_kobject
An attacker can create a memory leak via netdev_register_kobject() of the Linux kernel, in order to trigger a denial of service...
CERTFR-2019-AVI-612, CERTFR-2019-AVI-635, CERTFR-2019-AVI-639, CERTFR-2019-AVI-652, CERTFR-2020-AVI-029, CVE-2019-15916, openSUSE-SU-2019:2675-1, RHSA-2019:3309-01, RHSA-2019:3517-01, SSB-439005, SUSE-SU-2019:3200-1, SUSE-SU-2019:3289-1, SUSE-SU-2019:3294-1, SUSE-SU-2019:3295-1, SUSE-SU-2019:3316-1, SUSE-SU-2019:3317-1, SUSE-SU-2019:3371-1, SUSE-SU-2019:3372-1, SUSE-SU-2019:3381-1, SUSE-SU-2020:0093-1, VIGILANCE-VUL-31092

OpenSSL: information disclosure via Montgomery Squaring rsaz_512_sqr Overflow
An attacker can bypass access restrictions to data via Montgomery Squaring rsaz_512_sqr() Overflow of OpenSSL, in order to obtain sensitive information...
CERTFR-2019-AVI-611, CVE-2019-1551, DSA-4594-1, openSUSE-SU-2020:0062-1, SSA:2019-354-01, SSB-439005, SUSE-SU-2020:0002-1, SUSE-SU-2020:0028-1, SUSE-SU-2020:0064-1, SUSE-SU-2020:0069-1, SUSE-SU-2020:0099-1, VIGILANCE-VUL-31088

OpenCV: denial of service via cv-HOGDescriptor-getDescriptorSize
An attacker can trigger a fatal error via cv::HOGDescriptor::getDescriptorSize() of OpenCV, in order to trigger a denial of service...
CVE-2019-15939, openSUSE-SU-2019:2671-1, SUSE-SU-2019:3192-1, VIGILANCE-VUL-31080

FFmpeg: NULL pointer dereference via ff_mpeg4_decode_picture_header
An attacker can force a NULL pointer to be dereferenced via ff_mpeg4_decode_picture_header() of FFmpeg, in order to trigger a denial of service...
CVE-2018-13301, SUSE-SU-2019:3184-1, VIGILANCE-VUL-31068

Linux kernel: information disclosure via drivers/net/can/usb/peak_usb/pcan_usb_pro.c
A local attacker can read a memory fragment via drivers/net/can/usb/peak_usb/pcan_usb_pro.c of the Linux kernel, in order to obtain sensitive information...
CERTFR-2019-AVI-639, CERTFR-2019-AVI-652, CERTFR-2019-AVI-655, CERTFR-2020-AVI-029, CVE-2019-19536, DLA-2068-1, openSUSE-SU-2019:2675-1, SUSE-SU-2019:3289-1, SUSE-SU-2019:3316-1, SUSE-SU-2019:3317-1, SUSE-SU-2019:3372-1, SUSE-SU-2019:3379-1, SUSE-SU-2019:3381-1, SUSE-SU-2019:3389-1, SUSE-SU-2020:0093-1, VIGILANCE-VUL-31055

Our database contains other pages. You can request a free trial to read them.

Display information about SLES:

https://www.suse.com/products/server/