The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of openSUSE Leap

Linux kernel: information disclosure via vb2_warn_zero_bytesused
A local attacker can read a memory fragment via vb2_warn_zero_bytesused() of the Linux kernel, in order to obtain sensitive information...
CERTFR-2020-AVI-376, CVE-2019-9455, openSUSE-SU-2020:0801-1, SUSE-SU-2020:1599-1, SUSE-SU-2020:1663-1, VIGILANCE-VUL-32513
Linux kernel: memory corruption via xdp_umem_reg
An attacker can trigger a memory corruption via xdp_umem_reg() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
CERTFR-2020-AVI-356, CERTFR-2020-AVI-376, CVE-2020-12659, openSUSE-SU-2020:0801-1, SUSE-SU-2020:1599-1, USN-4387-1, USN-4388-1, USN-4389-1, VIGILANCE-VUL-32510
Linux kernel: NULL pointer dereference via tw5864_handle_frame
An attacker can force a NULL pointer to be dereferenced via tw5864_handle_frame() of the Linux kernel, in order to trigger a denial of service...
CERTFR-2020-AVI-368, CERTFR-2020-AVI-376, CVE-2019-20806, DLA-2242-1, DSA-4698-1, openSUSE-SU-2020:0801-1, SUSE-SU-2020:1599-1, VIGILANCE-VUL-32503
Intel Processors: information disclosure via Special Register Buffer Data Sampling
An attacker can bypass access restrictions to data via Special Register Buffer Data Sampling of Intel Processors, in order to obtain sensitive information...
CERTFR-2020-AVI-351, CERTFR-2020-AVI-352, CERTFR-2020-AVI-353, CERTFR-2020-AVI-356, CERTFR-2020-AVI-368, CERTFR-2020-AVI-376, CTX275165, CVE-2020-0543, DLA-2241-1, DLA-2241-2, DLA-2242-1, DLA-2248-1, DSA-4698-1, DSA-4699-1, DSA-4701-1, FEDORA-2020-11ddbfbdf0, FEDORA-2020-3364913ace, FEDORA-2020-e47d28bc2b, FEDORA-2020-e49a911382, FEDORA-2020-e8835a5f8e, HPESBHF04001, INTEL-SA-00320, openSUSE-SU-2020:0791-1, openSUSE-SU-2020:0801-1, openSUSE-SU-2020:0818-1, RHSA-2020:2431-01, RHSA-2020:2432-01, RHSA-2020:2433-01, RHSA-2020:2677-01, RHSA-2020:2679-01, RHSA-2020:2680-01, RHSA-2020:2706-01, RHSA-2020:2707-01, RHSA-2020:2757-01, RHSA-2020:2758-01, RHSA-2020:2771-01, SSA:2020-163-01, SUSE-SU-2020:14393-1, SUSE-SU-2020:14394-1, SUSE-SU-2020:1599-1, SUSE-SU-2020:1630-1, SUSE-SU-2020:1632-1, SUSE-SU-2020:1633-1, SUSE-SU-2020:1634-1, SUSE-SU-2020:1663-1, USN-4385-1, USN-4385-2, USN-4387-1, USN-4388-1, USN-4389-1, USN-4390-1, USN-4391-1, USN-4392-1, USN-4393-1, VIGILANCE-VUL-32486, XSA-320
Linux kernel: overload via prb_calc_retire_blk_tmo
An attacker can trigger an overload via prb_calc_retire_blk_tmo() of the Linux kernel, in order to trigger a denial of service...
CERTFR-2020-AVI-376, CVE-2019-20812, openSUSE-SU-2020:0801-1, SUSE-SU-2020:1599-1, SUSE-SU-2020:1663-1, VIGILANCE-VUL-32443
PowerDNS Recursor: information disclosure via gethostname
An attacker can bypass access restrictions to data via gethostname() of PowerDNS Recursor, in order to obtain sensitive information...
CVE-2020-10030, FEDORA-2020-c0ff3df740, FEDORA-2020-d9abb0c06d, openSUSE-SU-2020:0698-1, VIGILANCE-VUL-32336
Mozilla NSS: vulnerability via DSA Exponentiation
A vulnerability via DSA Exponentiation of Mozilla NSS was announced...
CERTFR-2020-AVI-344, CVE-2020-12399, DLA-2243-1, DLA-2247-1, DLA-2266-1, DSA-4695-1, DSA-4702-1, FEDORA-2020-19e5635ee3, FEDORA-2020-5f7f8fcbce, MFSA2020-21, MFSA2020-22, openSUSE-SU-2020:0854-1, SSA:2020-156-01, SUSE-SU-2020:1677-1, USN-4383-1, USN-4397-1, USN-4397-2, VIGILANCE-VUL-32310
Linux kernel: denial of service via xfs
An attacker can trigger long delay in a xfs operation of the Linux kernel, in order to trigger a denial of service...
CERTFR-2020-AVI-376, CVE-2020-12655, FEDORA-2020-4336d63533, FEDORA-2020-5a69decc0c, FEDORA-2020-c6b9fff7f8, openSUSE-SU-2020:0801-1, SUSE-SU-2020:1599-1, SUSE-SU-2020:1663-1, VIGILANCE-VUL-32304
Linux kernel: use after free
An attacker can force the usage of a freed memory area of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
CERTFR-2020-AVI-300, CERTFR-2020-AVI-307, CERTFR-2020-AVI-312, CERTFR-2020-AVI-326, CERTFR-2020-AVI-355, CERTFR-2020-AVI-376, CVE-2020-12657, openSUSE-SU-2020:0801-1, RHSA-2020:2427-01, RHSA-2020:2428-01, RHSA-2020:2429-01, RHSA-2020:2567-01, RHSA-2020:2667-01, RHSA-2020:2669-01, SUSE-SU-2020:1599-1, SUSE-SU-2020:1663-1, USN-4363-1, USN-4367-1, USN-4367-2, USN-4368-1, USN-4369-1, USN-4369-2, VIGILANCE-VUL-32296
LibreOffice: information disclosure by encryption disabling
An attacker can corrupt an encrypted MS-Office document to be edited with LibreOffice, in order to disable the encryption on next save and so get sensitive data...
CERTFR-2020-AVI-298, CVE-2020-12801, openSUSE-SU-2020:0786-1, SUSE-SU-2020:1731-1, VIGILANCE-VUL-32289
Our database contains other pages. You can request a free trial to read them.

Display information about openSUSE Leap: