rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Desktop 12 SP2

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Vulnerabilities (124)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-15649	Hig	7.8	< 4.4.90-92.45.1	4.4.90-92.45.1	Oct 19, 2017	net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free,
CVE-2017-13080	Med	5.3	< 4.4.90-92.45.1	4.4.90-92.45.1	Oct 17, 2017	Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVE-2017-15265	Hig	7.0	< 4.4.103-92.53.1	4.4.103-92.53.1	Oct 16, 2017	Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq
CVE-2017-1000112	Hig	7.0	< 4.4.74-92.35.1	4.4.74-92.35.1	Oct 5, 2017	Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which lea
CVE-2017-1000111	Hig	7.8	< 4.4.74-92.35.1	4.4.74-92.35.1	Oct 5, 2017	Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET
CVE-2017-12154	Hig	7.1	< 4.4.90-92.45.1	4.4.90-92.45.1	Sep 26, 2017	The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obt
CVE-2017-1000252	Med	5.5	< 4.4.90-92.45.1	4.4.90-92.45.1	Sep 26, 2017	The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.
CVE-2017-12153	Med	4.4	< 4.4.90-92.45.1	4.4.90-92.45.1	Sep 21, 2017	A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_N
CVE-2017-14489	Med	5.5	< 4.4.90-92.45.1	4.4.90-92.45.1	Sep 15, 2017	The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
CVE-2017-1000251	Hig	8.0	< 4.4.74-92.38.1	4.4.74-92.38.1	Sep 12, 2017	The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel spa
CVE-2017-14106	Med	5.5	< 4.4.90-92.45.1	4.4.90-92.45.1	Sep 1, 2017	The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.
CVE-2017-14051	Med	4.4	< 4.4.90-92.45.1	4.4.90-92.45.1	Aug 31, 2017	An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.
CVE-2017-12134	Hig	8.8	< 4.4.90-92.45.1	4.4.90-92.45.1	Aug 24, 2017	The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block
CVE-2017-7533	Hig	7.0	< 4.4.74-92.32.1	4.4.74-92.32.1	Aug 5, 2017	Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename funct
CVE-2017-7541	Hig	7.8	< 4.4.90-92.45.1	4.4.90-92.45.1	Jul 25, 2017	The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netl
CVE-2017-11600	Hig	7.0	< 4.4.103-92.53.1	4.4.103-92.53.1	Jul 24, 2017	net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspe
CVE-2017-7542	Med	5.5	< 4.4.90-92.45.1	4.4.90-92.45.1	Jul 21, 2017	The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.
CVE-2017-11473	Hig	7.8	< 4.4.90-92.45.1	4.4.90-92.45.1	Jul 20, 2017	Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.
CVE-2017-11472	Hig	7.1	< 4.4.90-92.45.1	4.4.90-92.45.1	Jul 20, 2017	The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism
CVE-2017-10810	Hig	7.5	< 4.4.90-92.45.1	4.4.90-92.45.1	Jul 4, 2017	Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures.

CVE-2017-15649HigOct 19, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free,
CVE-2017-13080MedOct 17, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVE-2017-15265HigOct 16, 2017
affected < 4.4.103-92.53.1fixed 4.4.103-92.53.1
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq
CVE-2017-1000112HigOct 5, 2017
affected < 4.4.74-92.35.1fixed 4.4.74-92.35.1
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which lea
CVE-2017-1000111HigOct 5, 2017
affected < 4.4.74-92.35.1fixed 4.4.74-92.35.1
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET
CVE-2017-12154HigSep 26, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obt
CVE-2017-1000252MedSep 26, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.
CVE-2017-12153MedSep 21, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_N
CVE-2017-14489MedSep 15, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
CVE-2017-1000251HigSep 12, 2017
affected < 4.4.74-92.38.1fixed 4.4.74-92.38.1
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel spa
CVE-2017-14106MedSep 1, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.
CVE-2017-14051MedAug 31, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.
CVE-2017-12134HigAug 24, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block
CVE-2017-7533HigAug 5, 2017
affected < 4.4.74-92.32.1fixed 4.4.74-92.32.1
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename funct
CVE-2017-7541HigJul 25, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netl
CVE-2017-11600HigJul 24, 2017
affected < 4.4.103-92.53.1fixed 4.4.103-92.53.1
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspe
CVE-2017-7542MedJul 21, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.
CVE-2017-11473HigJul 20, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.
CVE-2017-11472HigJul 20, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism
CVE-2017-10810HigJul 4, 2017
affected < 4.4.90-92.45.1fixed 4.4.90-92.45.1
Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures.

Page 3 of 7