Opensuse Leap vulnerabilities

CVE-2019-15214 [MEDIUM] CWE-416 CVE-2019-15214: An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound su An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.

CVE-2017-18551 [MEDIUM] CWE-787 CVE-2017-18551: An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.

CVE-2019-15213 [MEDIUM] CWE-416 CVE-2019-15213: An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a mali An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.

CVE-2019-15222 [MEDIUM] CWE-476 CVE-2019-15222: An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.

CVE-2019-15212 [MEDIUM] CWE-415 CVE-2019-15212: An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicio An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.

CVE-2019-15218 [MEDIUM] CWE-476 CVE-2019-15218: An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.

CVE-2019-15217 [MEDIUM] CWE-476 CVE-2019-15217: An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.

CVE-2019-15141 [MEDIUM] CVE-2019-15141: WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-se WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs

CVE-2019-15145 [MEDIUM] CWE-125 CVE-2019-15145: DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out- DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.

CVE-2019-15144 [MEDIUM] CWE-674 CVE-2019-15144: In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h.

CVE-2019-15142 [MEDIUM] CWE-125 CVE-2019-15142: In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of- In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file.

CVE-2019-15143 [MEDIUM] CWE-835 CVE-2019-15143: In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.

CVE-2019-15090 [MEDIUM] CWE-125 CVE-2019-15090: An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qe An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.

CVE-2019-15118 [MEDIUM] CWE-674 CVE-2019-15118: check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leadin check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.

CVE-2019-15098 [MEDIUM] CWE-476 CVE-2019-15098: drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereferen drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

CVE-2019-9850 [CRITICAL] CVE-2019-9850: LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection

CVE-2019-9851 [CRITICAL] CVE-2019-9851: LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate fea

CVE-2019-9852 [HIGH] CWE-116 CVE-2019-9852: LibreOffice has a feature where documents can specify that pre-installed macros can be executed on v LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to

CVE-2019-12854 [HIGH] CVE-2019-12854: Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memor Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.

CVE-2019-9506 [HIGH] CWE-310 CVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encrypti The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.