Linux Enterprise Debuginfo Security Vulnerabilities and Issues — Linux Enterprise Debuginfo CVE List

Lucene search

SuseLinux Enterprise Debuginfo

11 matches found

CVE•added 2017/07/21 2:29 p.m.•213 views

CVE-2015-5300

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherw...

7.5CVSS7.6AI score0.17786EPSS

CVE•added 2009/04/17 2:30 p.m.•203 views

CVE-2009-1185

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

7.2CVSS7.4AI score0.86494EPSS

CVE•added 2021/06/02 2:15 p.m.•173 views

CVE-2018-10195

lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.

7.1CVSS6.5AI score0.00138EPSS

CVE•added 2017/07/21 2:29 p.m.•169 views

CVE-2015-5219

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

7.5CVSS7.1AI score0.0364EPSS

CVE•added 2017/07/21 2:29 p.m.•154 views

CVE-2015-5194

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

7.5CVSS7.1AI score0.11834EPSS

CVE•added 2016/06/27 10:59 a.m.•135 views

CVE-2016-5244

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

7.5CVSS6.9AI score0.01662EPSS

CVE•added 2015/06/15 3:59 p.m.•112 views

CVE-2015-3209

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.

7.5CVSS6.5AI score0.04545EPSS

CVE•added 2009/09/15 10:30 p.m.•97 views

CVE-2009-2903

Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.

7.1CVSS6.6AI score0.03773EPSS

CVE•added 2017/04/13 5:59 p.m.•95 views

CVE-2015-8567

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).

7.7CVSS7.7AI score0.04759EPSS

CVE•added 2009/10/22 4:0 p.m.•94 views

CVE-2009-3620

The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioc...

7.8CVSS6.7AI score0.00098EPSS

CVE•added 2015/08/12 2:59 p.m.•93 views

CVE-2015-5154

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

7.2CVSS6.9AI score0.00183EPSS