The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of SUSE Linux Enterprise Desktop

threat note CVE-2019-14857

mod_auth_openidc: open redirect via Logout Backslashes Url

Synthesis of the vulnerability

An attacker can deceive the user via Logout Backslashes Url of mod_auth_openidc, in order to redirect him to a malicious site.
Severity: 1/4.
Creation date: 28/10/2019.
Identifiers: CVE-2019-14857, FEDORA-2019-23638d42f3, FEDORA-2019-7b06f18a10, SUSE-SU-2019:2934-1, SUSE-SU-2019:2935-1, VIGILANCE-VUL-30724.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can deceive the user via Logout Backslashes Url of mod_auth_openidc, in order to redirect him to a malicious site.
Full Vigil@nce bulletin... (Free trial)

threat alert CVE-2018-20651

libbfd: NULL pointer dereference via elf_link_add_object_symbols

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via elf_link_add_object_symbols() of libbfd, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 15/10/2019.
Identifiers: CVE-2018-20651, openSUSE-SU-2019:2415-1, openSUSE-SU-2019:2432-1, SSB-439005, SUSE-SU-2019:2650-1, VIGILANCE-VUL-30625.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via elf_link_add_object_symbols() of libbfd, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2019-16995

Linux kernel: memory leak via hsr_dev_finalize

Synthesis of the vulnerability

An attacker can create a memory leak via hsr_dev_finalize() of the Linux kernel, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 01/10/2019.
Identifiers: CVE-2019-16995, openSUSE-SU-2019:2444-1, SUSE-SU-2019:2946-1, SUSE-SU-2019:2947-1, SUSE-SU-2019:2949-1, SUSE-SU-2019:2951-1, SUSE-SU-2019:2952-1, SUSE-SU-2019:2953-1, VIGILANCE-VUL-30486.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create a memory leak via hsr_dev_finalize() of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2019-15920

Linux kernel: use after free via SMB2_read

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via SMB2_read() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Severity: 1/4.
Creation date: 25/09/2019.
Identifiers: CERTFR-2019-AVI-455, CERTFR-2019-AVI-502, CERTFR-2019-AVI-503, CERTFR-2019-AVI-530, CVE-2019-15920, openSUSE-SU-2019:2173-1, openSUSE-SU-2019:2181-1, SUSE-SU-2019:2412-1, SUSE-SU-2019:2424-1, SUSE-SU-2019:2648-1, SUSE-SU-2019:2651-1, SUSE-SU-2019:2658-1, SUSE-SU-2019:2738-1, VIGILANCE-VUL-30408.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force the usage of a freed memory area via SMB2_read() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2019-15919

Linux kernel: use after free via SMB2_write

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via SMB2_write() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Severity: 1/4.
Creation date: 25/09/2019.
Identifiers: CERTFR-2019-AVI-455, CERTFR-2019-AVI-502, CERTFR-2019-AVI-503, CERTFR-2019-AVI-530, CVE-2019-15919, openSUSE-SU-2019:2173-1, openSUSE-SU-2019:2181-1, SUSE-SU-2019:2412-1, SUSE-SU-2019:2424-1, SUSE-SU-2019:2648-1, SUSE-SU-2019:2651-1, SUSE-SU-2019:2658-1, SUSE-SU-2019:2738-1, VIGILANCE-VUL-30407.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force the usage of a freed memory area via SMB2_write() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

security vulnerability CVE-2019-15921

Linux kernel: memory leak via genl_register_family

Synthesis of the vulnerability

An attacker can create a memory leak via genl_register_family() of the Linux kernel, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 25/09/2019.
Identifiers: CERTFR-2019-AVI-455, CERTFR-2019-AVI-502, CERTFR-2019-AVI-503, CERTFR-2019-AVI-530, CVE-2019-15921, openSUSE-SU-2019:2173-1, openSUSE-SU-2019:2181-1, SUSE-SU-2019:2412-1, SUSE-SU-2019:2424-1, SUSE-SU-2019:2648-1, SUSE-SU-2019:2651-1, SUSE-SU-2019:2658-1, SUSE-SU-2019:2738-1, VIGILANCE-VUL-30406.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create a memory leak via genl_register_family() of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

threat alert CVE-2019-15917

Linux kernel: use after free via hci_uart_register_dev

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via hci_uart_register_dev() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Severity: 1/4.
Creation date: 25/09/2019.
Identifiers: CERTFR-2019-AVI-455, CERTFR-2019-AVI-502, CERTFR-2019-AVI-503, CERTFR-2019-AVI-530, CVE-2019-15917, DLA-1930-1, openSUSE-SU-2019:2173-1, openSUSE-SU-2019:2181-1, SUSE-SU-2019:2412-1, SUSE-SU-2019:2424-1, SUSE-SU-2019:2648-1, SUSE-SU-2019:2651-1, SUSE-SU-2019:2658-1, SUSE-SU-2019:2738-1, VIGILANCE-VUL-30405.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force the usage of a freed memory area via hci_uart_register_dev() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

cybersecurity weakness CVE-2018-21008

Linux kernel: use after free via rsi_mac80211_detach

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via rsi_mac80211_detach() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Severity: 1/4.
Creation date: 25/09/2019.
Identifiers: CERTFR-2019-AVI-455, CERTFR-2019-AVI-502, CERTFR-2019-AVI-503, CERTFR-2019-AVI-527, CERTFR-2019-AVI-530, CVE-2018-21008, DLA-1930-1, openSUSE-SU-2019:2173-1, openSUSE-SU-2019:2181-1, SUSE-SU-2019:2412-1, SUSE-SU-2019:2424-1, SUSE-SU-2019:2648-1, SUSE-SU-2019:2651-1, SUSE-SU-2019:2658-1, SUSE-SU-2019:2738-1, USN-4162-1, USN-4162-2, USN-4163-1, USN-4163-2, VIGILANCE-VUL-30403.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force the usage of a freed memory area via rsi_mac80211_detach() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

cybersecurity bulletin CVE-2018-20976

Linux kernel: use after free via fs/xfs/xfs_super.c

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via fs/xfs/xfs_super.c of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Severity: 1/4.
Creation date: 25/09/2019.
Identifiers: CERTFR-2019-AVI-455, CERTFR-2019-AVI-478, CERTFR-2019-AVI-502, CERTFR-2019-AVI-503, CERTFR-2019-AVI-530, CVE-2018-20976, DLA-1930-1, openSUSE-SU-2019:2173-1, openSUSE-SU-2019:2181-1, SSA:2019-311-01, SUSE-SU-2019:2412-1, SUSE-SU-2019:2424-1, SUSE-SU-2019:2648-1, SUSE-SU-2019:2651-1, SUSE-SU-2019:2658-1, SUSE-SU-2019:2738-1, SUSE-SU-2019:2949-1, SUSE-SU-2019:2950-1, USN-4144-1, USN-4145-1, VIGILANCE-VUL-30400.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force the usage of a freed memory area via fs/xfs/xfs_super.c of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer threat announce CVE-2019-16413

Linux kernel: infinite loop via the Plan9 filesystem

Synthesis of the vulnerability

An attacker can trigger an infinite loop via Plan9 of the Linux kernel, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 19/09/2019.
Identifiers: CVE-2019-16413, SUSE-SU-2019:2949-1, SUSE-SU-2019:2950-1, VIGILANCE-VUL-30368.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger an infinite loop via the implemnetation of the Plan9 filesystem in the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about SUSE Linux Enterprise Desktop: