rpm package

suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 12 SP2

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2

Vulnerabilities (408)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2016-8666	Hig	7.5	< 4.4.38-93.1	4.4.38-93.1	Oct 16, 2016	The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers
CVE-2016-7425	Hig	7.8	< 4.4.38-93.1	4.4.38-93.1	Oct 16, 2016	The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_W
CVE-2016-7042	Med	6.2	< 4.4.38-93.1	4.4.38-93.1	Oct 16, 2016	The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory co
CVE-2016-7039	Hig	7.5	< 4.4.38-93.1	4.4.38-93.1	Oct 16, 2016	The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VL
CVE-2016-7117	Cri	9.8	< 4.4.49-92.11.1	4.4.49-92.11.1	Oct 10, 2016	Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
CVE-2016-2117	Hig	7.5	< 4.4.59-92.17.3	4.4.59-92.17.3	May 2, 2016	The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.
CVE-2015-1350	Med	5.5	< 4.4.38-93.1	4.4.38-93.1	May 2, 2016	The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system
CVE-2015-8709	Hig	7.0	< 4.4.49-92.11.1	4.4.49-92.11.1	Feb 8, 2016	kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. N

CVE-2016-8666HigOct 16, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers
CVE-2016-7425HigOct 16, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_W
CVE-2016-7042MedOct 16, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory co
CVE-2016-7039HigOct 16, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VL
CVE-2016-7117CriOct 10, 2016
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
CVE-2016-2117HigMay 2, 2016
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.
CVE-2015-1350MedMay 2, 2016
affected < 4.4.38-93.1fixed 4.4.38-93.1
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system
CVE-2015-8709HigFeb 8, 2016
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. N

Page 21 of 21