rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015
Vulnerabilities (611)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-13406 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | Jul 6, 2018 | An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. | ||
| CVE-2018-13405 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | Jul 6, 2018 | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no | ||
| CVE-2018-13095 | — | < 4.12.14-25.19.1 | 4.12.14-25.19.1 | Jul 3, 2018 | An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork. | ||
| CVE-2018-13094 | — | < 4.12.14-25.19.1 | 4.12.14-25.19.1 | Jul 3, 2018 | An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp. | ||
| CVE-2018-13093 | — | < 4.12.14-25.19.1 | 4.12.14-25.19.1 | Jul 3, 2018 | An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that | ||
| CVE-2018-12896 | — | < 4.12.14-25.19.1 | 4.12.14-25.19.1 | Jul 2, 2018 | An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the a | ||
| CVE-2018-13053 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | Jul 2, 2018 | The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. | ||
| CVE-2018-1000204 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | Jun 26, 2018 | Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/li | ||
| CVE-2018-1120 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | Jun 20, 2018 | A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which m | ||
| CVE-2018-5848 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | Jun 12, 2018 | In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using t | ||
| CVE-2018-5803 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | Jun 12, 2018 | In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. | ||
| CVE-2018-12233 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | Jun 12, 2018 | In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with th | ||
| CVE-2018-12232 | — | < 4.12.14-25.28.1 | 4.12.14-25.28.1 | Jun 12, 2018 | In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference c | ||
| CVE-2018-1000200 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | Jun 5, 2018 | The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlo | ||
| CVE-2018-1000199 | — | < 4.12.14-150.52.1 | 4.12.14-150.52.1 | May 24, 2018 | The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears | ||
| CVE-2018-3639 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka | ||
| CVE-2018-1118 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | May 10, 2018 | Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading f | ||
| CVE-2018-1130 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | May 10, 2018 | Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls. | ||
| CVE-2018-10940 | — | < 4.12.14-25.19.1 | 4.12.14-25.19.1 | May 9, 2018 | The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory. | ||
| CVE-2018-8781 | — | < 4.12.14-25.3.1 | 4.12.14-25.3.1 | Apr 23, 2018 | The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, |
- CVE-2018-13406Jul 6, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.
- CVE-2018-13405Jul 6, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no
- CVE-2018-13095Jul 3, 2018affected < 4.12.14-25.19.1fixed 4.12.14-25.19.1
An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.
- CVE-2018-13094Jul 3, 2018affected < 4.12.14-25.19.1fixed 4.12.14-25.19.1
An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.
- CVE-2018-13093Jul 3, 2018affected < 4.12.14-25.19.1fixed 4.12.14-25.19.1
An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that
- CVE-2018-12896Jul 2, 2018affected < 4.12.14-25.19.1fixed 4.12.14-25.19.1
An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the a
- CVE-2018-13053Jul 2, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
- CVE-2018-1000204Jun 26, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/li
- CVE-2018-1120Jun 20, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which m
- CVE-2018-5848Jun 12, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using t
- CVE-2018-5803Jun 12, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
- CVE-2018-12233Jun 12, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with th
- CVE-2018-12232Jun 12, 2018affected < 4.12.14-25.28.1fixed 4.12.14-25.28.1
In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference c
- CVE-2018-1000200Jun 5, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlo
- CVE-2018-1000199May 24, 2018affected < 4.12.14-150.52.1fixed 4.12.14-150.52.1
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears
- CVE-2018-3639May 22, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka
- CVE-2018-1118May 10, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading f
- CVE-2018-1130May 10, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.
- CVE-2018-10940May 9, 2018affected < 4.12.14-25.19.1fixed 4.12.14-25.19.1
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.
- CVE-2018-8781Apr 23, 2018affected < 4.12.14-25.3.1fixed 4.12.14-25.3.1
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages,
Page 30 of 31