rpm package

suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 12 SP2

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2

Vulnerabilities (408)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-5576	Hig	7.8	< 4.4.49-92.11.1	4.4.49-92.11.1	Feb 6, 2017	Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl c
CVE-2017-5551	Med	4.4	< 4.4.49-92.11.1	4.4.49-92.11.1	Feb 6, 2017	The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on exec
CVE-2017-2596	Med	6.5	< 4.4.59-92.17.3	4.4.59-92.17.3	Feb 6, 2017	The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.
CVE-2017-2583	Hig	8.4	< 4.4.49-92.11.1	4.4.49-92.11.1	Feb 6, 2017	The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted app
CVE-2017-2584	Hig	7.1	< 4.4.49-92.11.1	4.4.49-92.11.1	Jan 15, 2017	arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.
CVE-2016-9806	Hig	7.8	< 4.4.49-92.11.1	4.4.49-92.11.1	Dec 28, 2016	Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a
CVE-2016-9794	Hig	7.8	< 4.4.21-90.1	4.4.21-90.1	Dec 28, 2016	Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START comm
CVE-2016-9793	Hig	7.8	< 4.4.38-93.1	4.4.38-93.1	Dec 28, 2016	The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leverag
CVE-2016-9576	Hig	7.8	< 4.4.21-90.1	4.4.21-90.1	Dec 28, 2016	The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access
CVE-2016-9919	Hig	7.5	< 4.4.38-93.1	4.4.38-93.1	Dec 8, 2016	The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.
CVE-2016-8655	Hig	7.8	< 4.4.21-84.1	4.4.21-84.1	Dec 8, 2016	Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockop
CVE-2016-9555	Cri	9.8	< 4.4.21-84.1	4.4.21-84.1	Nov 28, 2016	The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP
CVE-2016-9191	Med	5.5	< 4.4.59-92.17.3	4.4.59-92.17.3	Nov 28, 2016	The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by tr
CVE-2016-9084	Hig	7.8	< 4.4.38-93.1	4.4.38-93.1	Nov 28, 2016	drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.
CVE-2016-9083	Hig	7.8	< 4.4.38-93.1	4.4.38-93.1	Nov 28, 2016	drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl
CVE-2016-8645	Med	5.5	< 4.4.38-93.1	4.4.38-93.1	Nov 28, 2016	The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.
CVE-2016-8632	Hig	7.8	< 4.4.21-84.1	4.4.21-84.1	Nov 28, 2016	The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflo
CVE-2016-7917	Med	5.0	< 4.4.38-93.1	4.4.38-93.1	Nov 16, 2016	The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite l
CVE-2016-7913	Hig	7.8	< 4.4.38-93.1	4.4.38-93.1	Nov 16, 2016	The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.
CVE-2015-8964	Med	5.5	< 4.4.38-93.1	4.4.38-93.1	Nov 16, 2016	The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.

CVE-2017-5576HigFeb 6, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl c
CVE-2017-5551MedFeb 6, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on exec
CVE-2017-2596MedFeb 6, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.
CVE-2017-2583HigFeb 6, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted app
CVE-2017-2584HigJan 15, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.
CVE-2016-9806HigDec 28, 2016
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a
CVE-2016-9794HigDec 28, 2016
affected < 4.4.21-90.1fixed 4.4.21-90.1
Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START comm
CVE-2016-9793HigDec 28, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leverag
CVE-2016-9576HigDec 28, 2016
affected < 4.4.21-90.1fixed 4.4.21-90.1
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access
CVE-2016-9919HigDec 8, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.
CVE-2016-8655HigDec 8, 2016
affected < 4.4.21-84.1fixed 4.4.21-84.1
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockop
CVE-2016-9555CriNov 28, 2016
affected < 4.4.21-84.1fixed 4.4.21-84.1
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP
CVE-2016-9191MedNov 28, 2016
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by tr
CVE-2016-9084HigNov 28, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.
CVE-2016-9083HigNov 28, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl
CVE-2016-8645MedNov 28, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.
CVE-2016-8632HigNov 28, 2016
affected < 4.4.21-84.1fixed 4.4.21-84.1
The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflo
CVE-2016-7917MedNov 16, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite l
CVE-2016-7913HigNov 16, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.
CVE-2015-8964MedNov 16, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.

Page 20 of 21