rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Server 12 SP1

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1

Vulnerabilities (131)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2016-9604		—	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Jul 11, 2018	It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by
CVE-2017-8106	Med	5.5	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Apr 24, 2017	The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.
CVE-2017-7645	Hig	7.5	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Apr 18, 2017	The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.
CVE-2017-7616	Med	5.5	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Apr 10, 2017	Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.
CVE-2017-2671	Med	5.5	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Apr 5, 2017	The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the
CVE-2017-2647	Hig	7.8	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 31, 2017	The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyri
CVE-2017-7308	Hig	7.8	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 29, 2017	The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_N
CVE-2017-7294	Hig	7.8	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 29, 2017	The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (s
CVE-2017-7261	Med	5.5	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 24, 2017	The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic
CVE-2017-5897	Cri	9.8	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 23, 2017	The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
CVE-2017-7187	Hig	7.8	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 20, 2017	The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bound
CVE-2017-7184	Hig	7.8	< 3.12.69-60.64.35.1	3.12.69-60.64.35.1	Mar 19, 2017	The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by
CVE-2017-6951	Med	5.5	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 16, 2017	The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.
CVE-2017-2636	Hig	7.0	< 3.12.69-60.64.35.1	3.12.69-60.64.35.1	Mar 7, 2017	Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
CVE-2016-10200	Hig	7.0	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 7, 2017	Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED stat
CVE-2017-6353	Med	5.5	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 1, 2017	net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerab
CVE-2017-6348	Med	5.5	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 1, 2017	The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
CVE-2017-6346	Hig	7.0	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 1, 2017	Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
CVE-2017-6345	Hig	7.8	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Mar 1, 2017	The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
CVE-2017-5669	Hig	7.8	< 3.12.74-60.64.40.1	3.12.74-60.64.40.1	Feb 24, 2017	The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by makin

CVE-2016-9604Jul 11, 2018
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by
CVE-2017-8106MedApr 24, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.
CVE-2017-7645HigApr 18, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.
CVE-2017-7616MedApr 10, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.
CVE-2017-2671MedApr 5, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the
CVE-2017-2647HigMar 31, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyri
CVE-2017-7308HigMar 29, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_N
CVE-2017-7294HigMar 29, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (s
CVE-2017-7261MedMar 24, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic
CVE-2017-5897CriMar 23, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
CVE-2017-7187HigMar 20, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bound
CVE-2017-7184HigMar 19, 2017
affected < 3.12.69-60.64.35.1fixed 3.12.69-60.64.35.1
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by
CVE-2017-6951MedMar 16, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.
CVE-2017-2636HigMar 7, 2017
affected < 3.12.69-60.64.35.1fixed 3.12.69-60.64.35.1
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
CVE-2016-10200HigMar 7, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED stat
CVE-2017-6353MedMar 1, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerab
CVE-2017-6348MedMar 1, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
CVE-2017-6346HigMar 1, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
CVE-2017-6345HigMar 1, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
CVE-2017-5669HigFeb 24, 2017
affected < 3.12.74-60.64.40.1fixed 3.12.74-60.64.40.1
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by makin

Page 1 of 7