Vulnerabilities > Opensuse > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-03 CVE-2019-19531 Use After Free vulnerability in multiple products
In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.
low complexity
linux debian opensuse CWE-416
6.8
6.8
2019-12-03 CVE-2019-19530 Use After Free vulnerability in multiple products
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.
low complexity
linux debian opensuse CWE-416
4.6
4.6
2019-12-03 CVE-2019-19527 Use After Free vulnerability in multiple products
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
low complexity
linux debian opensuse CWE-416
6.8
6.8
2019-12-03 CVE-2019-19526 Use After Free vulnerability in multiple products
In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.
low complexity
linux canonical opensuse CWE-416
4.6
4.6
2019-12-03 CVE-2019-19525 Use After Free vulnerability in multiple products
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
low complexity
linux debian opensuse CWE-416
4.6
4.6
2019-12-03 CVE-2019-19523 Use After Free vulnerability in multiple products
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.
low complexity
linux debian opensuse CWE-416
4.6
4.6
2019-11-30 CVE-2019-19462 NULL Pointer Dereference vulnerability in multiple products
relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.
local
low complexity
linux netapp canonical opensuse debian CWE-476
5.5
5.5
2019-11-29 CVE-2019-19451 Infinite Loop vulnerability in multiple products
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout.
local
low complexity
gnome fedoraproject opensuse CWE-835
5.5
5.5
2019-11-28 CVE-2019-19318 Use After Free vulnerability in multiple products
In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,
local
low complexity
linux opensuse canonical debian netapp CWE-416
4.4
4.4
2019-11-27 CVE-2019-19319 Use After Free vulnerability in multiple products
In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30.
local
low complexity
linux redhat opensuse CWE-416
6.5
6.5