rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Desktop 11 SP4
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4
Vulnerabilities (48)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-9729 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 31, 2015 | The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. | ||
| CVE-2014-9728 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 31, 2015 | The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c. | ||
| CVE-2015-1805 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 8, 2015 | The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) | ||
| CVE-2015-4167 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 5, 2015 | The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem. | ||
| CVE-2015-2830 | — | < 3.0.101-65.1 | 3.0.101-65.1 | May 27, 2015 | arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system | ||
| CVE-2015-0777 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Apr 5, 2015 | drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in ho | ||
| CVE-2015-1420 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Mar 16, 2015 | Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execu | ||
| CVE-2015-2150 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Mar 12, 2015 | Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a |
- CVE-2014-9729Aug 31, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.
- CVE-2014-9728Aug 31, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.
- CVE-2015-1805Aug 8, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash)
- CVE-2015-4167Aug 5, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.
- CVE-2015-2830May 27, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system
- CVE-2015-0777Apr 5, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in ho
- CVE-2015-1420Mar 16, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execu
- CVE-2015-2150Mar 12, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a
Page 3 of 3