rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Server 12 SP2

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Vulnerabilities (124)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-7294	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 29, 2017	The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (s
CVE-2017-7261	Med	5.5	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 24, 2017	The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic
CVE-2017-5897	Cri	9.8	< 4.4.49-92.11.1	4.4.49-92.11.1	Mar 23, 2017	The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
CVE-2017-7187	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 20, 2017	The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bound
CVE-2017-7184	Hig	7.8	< 4.4.49-92.14.1	4.4.49-92.14.1	Mar 19, 2017	The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by
CVE-2017-2636	Hig	7.0	< 4.4.49-92.14.1	4.4.49-92.14.1	Mar 7, 2017	Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
CVE-2016-10200	Hig	7.0	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 7, 2017	Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED stat
CVE-2017-6353	Med	5.5	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 1, 2017	net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerab
CVE-2017-6347	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 1, 2017	The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system c
CVE-2017-6346	Hig	7.0	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 1, 2017	Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
CVE-2017-6345	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 1, 2017	The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
CVE-2017-6214	Hig	7.5	< 4.4.59-92.17.3	4.4.59-92.17.3	Feb 23, 2017	The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
CVE-2017-6074	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Feb 18, 2017	The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that
CVE-2017-5986	Med	5.5	< 4.4.49-92.11.1	4.4.49-92.11.1	Feb 18, 2017	Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.
CVE-2017-5970	Hig	7.5	< 4.4.49-92.11.1	4.4.49-92.11.1	Feb 14, 2017	The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
CVE-2017-5577	Med	5.5	< 4.4.49-92.11.1	4.4.49-92.11.1	Feb 6, 2017	The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via
CVE-2017-5576	Hig	7.8	< 4.4.49-92.11.1	4.4.49-92.11.1	Feb 6, 2017	Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl c
CVE-2017-5551	Med	4.4	< 4.4.49-92.11.1	4.4.49-92.11.1	Feb 6, 2017	The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on exec
CVE-2017-2596	Med	6.5	< 4.4.59-92.17.3	4.4.59-92.17.3	Feb 6, 2017	The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.
CVE-2017-2583	Hig	8.4	< 4.4.49-92.11.1	4.4.49-92.11.1	Feb 6, 2017	The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted app

CVE-2017-7294HigMar 29, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (s
CVE-2017-7261MedMar 24, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic
CVE-2017-5897CriMar 23, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
CVE-2017-7187HigMar 20, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bound
CVE-2017-7184HigMar 19, 2017
affected < 4.4.49-92.14.1fixed 4.4.49-92.14.1
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by
CVE-2017-2636HigMar 7, 2017
affected < 4.4.49-92.14.1fixed 4.4.49-92.14.1
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
CVE-2016-10200HigMar 7, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED stat
CVE-2017-6353MedMar 1, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerab
CVE-2017-6347HigMar 1, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system c
CVE-2017-6346HigMar 1, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
CVE-2017-6345HigMar 1, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
CVE-2017-6214HigFeb 23, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
CVE-2017-6074HigFeb 18, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that
CVE-2017-5986MedFeb 18, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.
CVE-2017-5970HigFeb 14, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
CVE-2017-5577MedFeb 6, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via
CVE-2017-5576HigFeb 6, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl c
CVE-2017-5551MedFeb 6, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on exec
CVE-2017-2596MedFeb 6, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.
CVE-2017-2583HigFeb 6, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted app

Page 5 of 7