[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2019:14157-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":28,"duplicates":29,"related":30,"reserved_at":9,"published_at":38,"modified_at":39,"state":9,"summary":40,"references_raw":42,"kevs":143,"epss":9,"epss_history":144,"metrics":145,"affected":146},"SUSE-SU-2019:14157-1","Security update for the Linux Kernel\n\n\nThe SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-14284: The drivers/block/floppy.c allowed a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default (bsc#1143189).\n- CVE-2019-14283: The function set_geometry in drivers/block/floppy.c did not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default (bsc#1143191).\n- CVE-2019-13631: In parse_hid_report_descriptor in drivers/input/tablet/gtco.c, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages (bsc#1142023).\n- CVE-2019-11810: A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free (bsc#1134399).\n- CVE-2019-1125: Enable Spectre v1 swapgs mitigations (bsc#1139358).\n- CVE-2018-20855: An issue was discovered in create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace (bsc#1143045).\n- CVE-2015-9289: A buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allowed larger values such as 23 (bsc#1143179).\n\nThe following non-security bugs were fixed:\n\n- fix detection of race between fcntl-setlk and close (bsc#1140965).\n- ocfs2: add first lock wait time in locking_state (bsc#1134390).\n- ocfs2: add last unlock times in locking_state (bsc#1134390).\n- ocfs2: add locking filter debugfs file (bsc#1134390).\n- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945,bsc#1141401,bsc#1141402,bsc#1141452,bsc#1141453,bsc#1141454).\n- xen-netfront: use napi_complete() correctly to prevent Rx stalling (bsc#1138744).\n",null,[],[],[],[14,16,18,20,22,24,26],{"_key":15},"CVE-2015-9289",{"_key":17},"CVE-2018-20855",{"_key":19},"CVE-2019-1125",{"_key":21},"CVE-2019-11810",{"_key":23},"CVE-2019-13631",{"_key":25},"CVE-2019-14283",{"_key":27},"CVE-2019-14284",[],[],[31,32,33,34,35,36,37],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},"2019-08-29T14:18:28Z","2026-02-04T02:29:25.598254Z",{"cisa_kev":41,"cisa_ransomware":41,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[43,49,54,58,62,66,70,74,78,82,86,90,94,98,102,106,110,114,119,123,127,131,135,139],{"url":44,"sources":45,"tags":47},"https://www.suse.com/support/update/announcement/2019/suse-su-201914157-1/",[46],"osv_suse",[48],"Advisory",{"url":50,"sources":51,"tags":52},"https://bugzilla.suse.com/1134390",[46],[53],"REPORT",{"url":55,"sources":56,"tags":57},"https://bugzilla.suse.com/1134399",[46],[53],{"url":59,"sources":60,"tags":61},"https://bugzilla.suse.com/1138744",[46],[53],{"url":63,"sources":64,"tags":65},"https://bugzilla.suse.com/1139358",[46],[53],{"url":67,"sources":68,"tags":69},"https://bugzilla.suse.com/1140945",[46],[53],{"url":71,"sources":72,"tags":73},"https://bugzilla.suse.com/1140965",[46],[53],{"url":75,"sources":76,"tags":77},"https://bugzilla.suse.com/1141401",[46],[53],{"url":79,"sources":80,"tags":81},"https://bugzilla.suse.com/1141402",[46],[53],{"url":83,"sources":84,"tags":85},"https://bugzilla.suse.com/1141452",[46],[53],{"url":87,"sources":88,"tags":89},"https://bugzilla.suse.com/1141453",[46],[53],{"url":91,"sources":92,"tags":93},"https://bugzilla.suse.com/1141454",[46],[53],{"url":95,"sources":96,"tags":97},"https://bugzilla.suse.com/1142023",[46],[53],{"url":99,"sources":100,"tags":101},"https://bugzilla.suse.com/1143045",[46],[53],{"url":103,"sources":104,"tags":105},"https://bugzilla.suse.com/1143179",[46],[53],{"url":107,"sources":108,"tags":109},"https://bugzilla.suse.com/1143189",[46],[53],{"url":111,"sources":112,"tags":113},"https://bugzilla.suse.com/1143191",[46],[53],{"url":115,"sources":116,"tags":117},"https://www.suse.com/security/cve/CVE-2015-9289",[46],[118],"WEB",{"url":120,"sources":121,"tags":122},"https://www.suse.com/security/cve/CVE-2018-20855",[46],[118],{"url":124,"sources":125,"tags":126},"https://www.suse.com/security/cve/CVE-2019-1125",[46],[118],{"url":128,"sources":129,"tags":130},"https://www.suse.com/security/cve/CVE-2019-11810",[46],[118],{"url":132,"sources":133,"tags":134},"https://www.suse.com/security/cve/CVE-2019-13631",[46],[118],{"url":136,"sources":137,"tags":138},"https://www.suse.com/security/cve/CVE-2019-14283",[46],[118],{"url":140,"sources":141,"tags":142},"https://www.suse.com/security/cve/CVE-2019-14284",[46],[118],[],[],[],[147,160,165,170,175,180,185,190,195],{"ecosystem":148,"name":149,"vendor":150,"product":151,"cpe_part":9,"purl_type":152,"purl_namespace":150,"purl_name":151,"source":9,"versions":153},"SUSE Linux Enterprise","kernel-bigmem","suse","kernel-bigmem&distro=SUSE Linux Enterprise Server 11 SP4-LTSS","rpm",[154],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9},"lt3_0_101_108_101_1",true,"ecosystem","3.0.101-108.101.1","excluding",{"ecosystem":148,"name":161,"vendor":150,"product":162,"cpe_part":9,"purl_type":152,"purl_namespace":150,"purl_name":162,"source":9,"versions":163},"kernel-default","kernel-default&distro=SUSE Linux Enterprise Server 11 SP4-LTSS",[164],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9},{"ecosystem":148,"name":166,"vendor":150,"product":167,"cpe_part":9,"purl_type":152,"purl_namespace":150,"purl_name":167,"source":9,"versions":168},"kernel-ec2","kernel-ec2&distro=SUSE Linux Enterprise Server 11 SP4-LTSS",[169],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9},{"ecosystem":148,"name":171,"vendor":150,"product":172,"cpe_part":9,"purl_type":152,"purl_namespace":150,"purl_name":172,"source":9,"versions":173},"kernel-pae","kernel-pae&distro=SUSE Linux Enterprise Server 11 SP4-LTSS",[174],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9},{"ecosystem":148,"name":176,"vendor":150,"product":177,"cpe_part":9,"purl_type":152,"purl_namespace":150,"purl_name":177,"source":9,"versions":178},"kernel-ppc64","kernel-ppc64&distro=SUSE Linux Enterprise Server 11 SP4-LTSS",[179],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9},{"ecosystem":148,"name":181,"vendor":150,"product":182,"cpe_part":9,"purl_type":152,"purl_namespace":150,"purl_name":182,"source":9,"versions":183},"kernel-source","kernel-source&distro=SUSE Linux Enterprise Server 11 SP4-LTSS",[184],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9},{"ecosystem":148,"name":186,"vendor":150,"product":187,"cpe_part":9,"purl_type":152,"purl_namespace":150,"purl_name":187,"source":9,"versions":188},"kernel-syms","kernel-syms&distro=SUSE Linux Enterprise Server 11 SP4-LTSS",[189],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9},{"ecosystem":148,"name":191,"vendor":150,"product":192,"cpe_part":9,"purl_type":152,"purl_namespace":150,"purl_name":192,"source":9,"versions":193},"kernel-trace","kernel-trace&distro=SUSE Linux Enterprise Server 11 SP4-LTSS",[194],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9},{"ecosystem":148,"name":196,"vendor":150,"product":197,"cpe_part":9,"purl_type":152,"purl_namespace":150,"purl_name":197,"source":9,"versions":198},"kernel-xen","kernel-xen&distro=SUSE Linux Enterprise Server 11 SP4-LTSS",[199],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9}]