openSUSE Leap vulnerabilities

1,896 known vulnerabilities affecting opensuse/leap.

Total CVEs: 1,896
CISA KEV: 18 (actively exploited)
Public exploits: 57
Exploited in wild: 19
Severity breakdown: CRITICAL 202, HIGH 798, MEDIUM 803, LOW 93

Vulnerabilities

CVE-2019-18808 | MEDIUM | CVSS 5.5 | v15.1 | 2019-11-07
CWE-401: A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
nvd
CVE-2019-18809 | MEDIUM | CVSS 4.6 | v15.1 | 2019-11-07
CWE-401: A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.
nvd
CVE-2019-14833 | MEDIUM | CVSS 5.4 | v15.0 | 2019-11-06
CWE-305: A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail to verify p
nvd
CVE-2019-14847 | MEDIUM | CVSS 4.9 | v15.0 | 2019-11-06
CWE-476: A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.
nvd
CVE-2019-5068 | MEDIUM | CVSS 4.4 | v15.1 | 2019-11-05
CWE-277: An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
nvd
CVE-2016-4983 | LOW | CVSS 3.3 | v42.1, v42.2 | 2019-11-05
CWE-732: A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.
nvd
CVE-2016-1000002 | LOW | CVSS 2.4 | v42.2 | 2019-11-05
CWE-200: gdm3 3.14.2 and possibly later has an information leak before screen lock.
nvd
CVE-2015-8980 | CRITICAL | CVSS 9.8 | v42.1, v42.2 | 2019-11-04
CWE-20: The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.
nvd
CVE-2019-18683 | HIGH | CVSS 7.0 | v15.1 | 2019-11-04
CWE-362: An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem
nvd
CVE-2017-5331 | HIGH | CVSS 7.8 | v42.1, v42.2 | 2019-11-04
CWE-190: Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
nvd
CVE-2017-5332 | HIGH | CVSS 7.8 | v42.1, v42.2 | 2019-11-04
CWE-119: The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
nvd
CVE-2017-5333 | HIGH | CVSS 7.8 | v42.1, v42.2 | 2019-11-04
CWE-190: Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
nvd
CVE-2019-6470 | HIGH | CVSS 7.5 | v15.0, v15.1 | 2019-11-01
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND lib
nvd
CVE-2019-18425 | CRITICAL | CVSS 9.8 | v15.0 | 2019-10-31
CWE-269: An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performed by the emulating code. Such accesses should respec
nvd
CVE-2019-5010 | HIGH | CVSS 7.5 | v15.1 | 2019-10-31
CWE-476: An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.
nvd
CVE-2019-18421 | HIGH | CVSS 7.5 | v15.0 | 2019-10-31
CWE-362: An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for PV guests, Xen exposes the actual hardware pagetables to the guest. In or
nvd
CVE-2019-18424 | MEDIUM | CVSS 6.8 | v15.0 | 2019-10-31
CWE-78: An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to an untrusted domain, it is possible for that domain to
nvd
CVE-2019-17596 | HIGH | CVSS 7.5 | v15.0, v15.1 | 2019-10-24
CWE-436: Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
nvd
CVE-2019-17498 | HIGH | CVSS 8.1 | v15.1 | 2019-10-21
CWE-190: In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when
nvd
CVE-2019-18218 | HIGH | CVSS 7.8 | v15.1 | 2019-10-21
CWE-787: cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
nvd