Suse Linux Enterprise Debuginfo Novell Suse Linux Enterprise Debuginfo

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Novell Suse Linux Enterprise Debuginfo.

By the Year

In 2024 there have been 0 vulnerabilities in Novell Suse Linux Enterprise Debuginfo . Suse Linux Enterprise Debuginfo did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 1 3.50
2019 0 0.00
2018 0 0.00

It may take a day or so for new Suse Linux Enterprise Debuginfo vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Novell Suse Linux Enterprise Debuginfo Security Vulnerabilities

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which

CVE-2015-6815 3.5 - Low - January 31, 2020

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.

Infinite Loop

The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3

CVE-2016-1583 7.8 - High - June 27, 2016

The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

Buffer Overflow

The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which

CVE-2016-4913 7.8 - High - May 23, 2016

The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.

Information Disclosure

The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which

CVE-2016-4569 5.5 - Medium - May 23, 2016

The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.

Information Disclosure

The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which

CVE-2016-4486 3.3 - Low - May 23, 2016

The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.

Information Disclosure

The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which

CVE-2016-4485 7.5 - High - May 23, 2016

The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.

Information Disclosure

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which

CVE-2016-4482 6.2 - Medium - May 23, 2016

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.

Information Disclosure

drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1

CVE-2016-3137 4.6 - Medium - May 02, 2016

drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions.

The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1

CVE-2016-2185 4.6 - Medium - May 02, 2016

The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1

CVE-2016-2186 4.6 - Medium - May 02, 2016

The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2

CVE-2016-2187 4.6 - Medium - May 02, 2016

The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1

CVE-2016-2188 4.6 - Medium - May 02, 2016

The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1

CVE-2016-3138 4.6 - Medium - May 02, 2016

The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.

The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1

CVE-2016-3140 4.6 - Medium - May 02, 2016

The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which

CVE-2016-2847 6.2 - Medium - April 27, 2016

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.

Resource Management Errors

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which

CVE-2016-3156 5.5 - Medium - April 27, 2016

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.

Resource Management Errors

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17

CVE-2016-3139 4.6 - Medium - April 27, 2016

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which

CVE-2016-3134 8.4 - High - April 27, 2016

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

Buffer Overflow

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1

CVE-2016-2184 4.6 - Medium - April 27, 2016

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which

CVE-2015-8816 6.8 - Medium - April 27, 2016

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.

The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might

CVE-2013-4589 - November 23, 2013

The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Fedora Project Fedora or by Novell? Click the Watch button to subscribe.

Novell
Vendor

subscribe