rpm package
suse/kernel-bigmem&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
pkg:rpm/suse/kernel-bigmem&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Vulnerabilities (189)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-15594 | — | < 3.0.101-108.71.1 | 3.0.101-108.71.1 | Aug 20, 2018 | arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. | ||
| CVE-2018-15572 | — | < 3.0.101-108.71.1 | 3.0.101-108.71.1 | Aug 20, 2018 | The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. | ||
| CVE-2018-3646 | — | < 3.0.101-108.68.1 | 3.0.101-108.68.1 | Aug 14, 2018 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis | ||
| CVE-2018-3620 | — | < 3.0.101-108.68.1 | 3.0.101-108.68.1 | Aug 14, 2018 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. | ||
| CVE-2017-7482 | — | < 3.0.101-108.7.1 | 3.0.101-108.7.1 | Jul 30, 2018 | In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory | ||
| CVE-2018-14734 | — | < 3.0.101-108.71.1 | 3.0.101-108.71.1 | Jul 29, 2018 | drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). | ||
| CVE-2018-14617 | — | < 3.0.101-108.71.1 | 3.0.101-108.71.1 | Jul 27, 2018 | An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only | ||
| CVE-2018-13406 | — | < 3.0.101-108.68.1 | 3.0.101-108.68.1 | Jul 6, 2018 | An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. | ||
| CVE-2018-12896 | — | < 3.0.101-108.71.1 | 3.0.101-108.71.1 | Jul 2, 2018 | An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the a | ||
| CVE-2018-13053 | — | < 3.0.101-108.68.1 | 3.0.101-108.68.1 | Jul 2, 2018 | The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. | ||
| CVE-2018-1000204 | — | < 3.0.101-108.68.1 | 3.0.101-108.68.1 | Jun 26, 2018 | Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/li | ||
| CVE-2018-3665 | — | < 3.0.101-108.57.1 | 3.0.101-108.57.1 | Jun 21, 2018 | System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. | ||
| CVE-2018-5814 | — | < 3.0.101-108.68.1 | 3.0.101-108.68.1 | Jun 12, 2018 | In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP pa | ||
| CVE-2018-5803 | — | < 3.0.101-108.68.1 | 3.0.101-108.68.1 | Jun 12, 2018 | In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. | ||
| CVE-2018-12233 | — | < 3.0.101-108.68.1 | 3.0.101-108.68.1 | Jun 12, 2018 | In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with th | ||
| CVE-2018-1000199 | — | < 3.0.101-108.48.1 | 3.0.101-108.48.1 | May 24, 2018 | The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears | ||
| CVE-2018-3639 | — | < 3.0.101-108.48.1 | 3.0.101-108.48.1 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka | ||
| CVE-2018-1087 | — | < 3.0.101-108.41.1 | 3.0.101-108.41.1 | May 15, 2018 | kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During | ||
| CVE-2018-1130 | — | < 3.0.101-108.68.1 | 3.0.101-108.68.1 | May 10, 2018 | Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls. | ||
| CVE-2018-10940 | — | < 3.0.101-108.71.1 | 3.0.101-108.71.1 | May 9, 2018 | The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory. |
- CVE-2018-15594Aug 20, 2018affected < 3.0.101-108.71.1fixed 3.0.101-108.71.1
arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.
- CVE-2018-15572Aug 20, 2018affected < 3.0.101-108.71.1fixed 3.0.101-108.71.1
The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.
- CVE-2018-3646Aug 14, 2018affected < 3.0.101-108.68.1fixed 3.0.101-108.68.1
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis
- CVE-2018-3620Aug 14, 2018affected < 3.0.101-108.68.1fixed 3.0.101-108.68.1
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
- CVE-2017-7482Jul 30, 2018affected < 3.0.101-108.7.1fixed 3.0.101-108.7.1
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory
- CVE-2018-14734Jul 29, 2018affected < 3.0.101-108.71.1fixed 3.0.101-108.71.1
drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).
- CVE-2018-14617Jul 27, 2018affected < 3.0.101-108.71.1fixed 3.0.101-108.71.1
An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only
- CVE-2018-13406Jul 6, 2018affected < 3.0.101-108.68.1fixed 3.0.101-108.68.1
An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.
- CVE-2018-12896Jul 2, 2018affected < 3.0.101-108.71.1fixed 3.0.101-108.71.1
An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the a
- CVE-2018-13053Jul 2, 2018affected < 3.0.101-108.68.1fixed 3.0.101-108.68.1
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
- CVE-2018-1000204Jun 26, 2018affected < 3.0.101-108.68.1fixed 3.0.101-108.68.1
Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/li
- CVE-2018-3665Jun 21, 2018affected < 3.0.101-108.57.1fixed 3.0.101-108.57.1
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
- CVE-2018-5814Jun 12, 2018affected < 3.0.101-108.68.1fixed 3.0.101-108.68.1
In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP pa
- CVE-2018-5803Jun 12, 2018affected < 3.0.101-108.68.1fixed 3.0.101-108.68.1
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
- CVE-2018-12233Jun 12, 2018affected < 3.0.101-108.68.1fixed 3.0.101-108.68.1
In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with th
- CVE-2018-1000199May 24, 2018affected < 3.0.101-108.48.1fixed 3.0.101-108.48.1
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears
- CVE-2018-3639May 22, 2018affected < 3.0.101-108.48.1fixed 3.0.101-108.48.1
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka
- CVE-2018-1087May 15, 2018affected < 3.0.101-108.41.1fixed 3.0.101-108.41.1
kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During
- CVE-2018-1130May 10, 2018affected < 3.0.101-108.68.1fixed 3.0.101-108.68.1
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.
- CVE-2018-10940May 9, 2018affected < 3.0.101-108.71.1fixed 3.0.101-108.71.1
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.
Page 2 of 10