Vulnerabilities (CVE)

Filtered by vendor Novell Subscribe
Filtered by product Suse Linux Enterprise Debuginfo
Total 24 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-4589 3 Fedoraproject, Graphicsmagick, Novell 5 Fedora, Graphicsmagick, Suse Linux Enterprise Debuginfo and 2 more 2024-11-21 4.3 MEDIUM N/A
The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image.
CVE-2015-6815 7 Arista, Canonical, Fedoraproject and 4 more 11 Eos, Ubuntu Linux, Fedora and 8 more 2024-02-04 2.7 LOW 3.5 LOW
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.
CVE-2016-2184 3 Canonical, Linux, Novell 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more 2024-02-04 4.9 MEDIUM 4.6 MEDIUM
The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.
CVE-2016-4569 3 Canonical, Linux, Novell 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more 2024-02-04 2.1 LOW 5.5 MEDIUM
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.
CVE-2016-2185 3 Canonical, Linux, Novell 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more 2024-02-04 4.9 MEDIUM 4.6 MEDIUM
The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
CVE-2016-2186 3 Canonical, Linux, Novell 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more 2024-02-04 4.9 MEDIUM 4.6 MEDIUM
The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
CVE-2016-3137 3 Canonical, Linux, Novell 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more 2024-02-04 4.9 MEDIUM 4.6 MEDIUM
drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions.
CVE-2016-4486 3 Canonical, Linux, Novell 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more 2024-02-04 2.1 LOW 3.3 LOW
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
CVE-2016-1583 3 Canonical, Linux, Novell 9 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 6 more 2024-02-04 7.2 HIGH 7.8 HIGH
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.
CVE-2016-4482 4 Canonical, Fedoraproject, Linux and 1 more 11 Ubuntu Linux, Fedora, Linux Kernel and 8 more 2024-02-04 2.1 LOW 6.2 MEDIUM
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.
CVE-2016-3139 2 Linux, Novell 9 Linux Kernel, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop and 6 more 2024-02-04 4.9 MEDIUM 4.6 MEDIUM
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
CVE-2016-3134 2 Linux, Novell 9 Linux Kernel, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop and 6 more 2024-02-04 7.2 HIGH 8.4 HIGH
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
CVE-2016-4485 3 Canonical, Linux, Novell 5 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 2 more 2024-02-04 5.0 MEDIUM 7.5 HIGH
The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.
CVE-2016-2847 2 Linux, Novell 9 Linux Kernel, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop and 6 more 2024-02-04 4.9 MEDIUM 6.2 MEDIUM
fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.
CVE-2016-3140 3 Canonical, Linux, Novell 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more 2024-02-04 4.9 MEDIUM 4.6 MEDIUM
The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
CVE-2016-3138 3 Canonical, Linux, Novell 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more 2024-02-04 4.9 MEDIUM 4.6 MEDIUM
The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.
CVE-2016-4913 4 Canonical, Linux, Novell and 1 more 6 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 3 more 2024-02-04 7.2 HIGH 7.8 HIGH
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.
CVE-2015-8816 2 Linux, Novell 9 Linux Kernel, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop and 6 more 2024-02-04 7.2 HIGH 6.8 MEDIUM
The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.
CVE-2016-2187 3 Canonical, Linux, Novell 5 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 2 more 2024-02-04 4.9 MEDIUM 4.6 MEDIUM
The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
CVE-2016-2188 3 Canonical, Linux, Novell 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more 2024-02-04 4.9 MEDIUM 4.6 MEDIUM
The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.