rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Vulnerabilities (364)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-8552 | Med | 4.4 | < 3.12.62-60.62.1 | 3.12.62-60.62.1 | Apr 13, 2016 | The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with a | |
| CVE-2015-8551 | Med | 6.0 | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Apr 13, 2016 | The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with ac | |
| CVE-2016-0728 | Hig | 7.8 | < 3.12.51-60.25.1 | 3.12.51-60.25.1 | Feb 8, 2016 | The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyc | |
| CVE-2016-0723 | Med | 6.8 | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Feb 8, 2016 | Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processin | |
| CVE-2015-8785 | Med | 6.2 | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Feb 8, 2016 | The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov. | |
| CVE-2015-8767 | Med | 6.2 | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Feb 8, 2016 | net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call. | |
| CVE-2015-8709 | Hig | 7.0 | < 3.12.57-60.35.1 | 3.12.57-60.35.1 | Feb 8, 2016 | kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. N | |
| CVE-2015-8575 | Med | 4.0 | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Feb 8, 2016 | The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application. | |
| CVE-2015-8539 | Hig | 7.8 | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Feb 8, 2016 | The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/key | |
| CVE-2015-7550 | Med | 5.5 | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Feb 8, 2016 | The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted app | |
| CVE-2015-8660 | Med | 6.7 | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Dec 28, 2015 | The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application. | |
| CVE-2015-8569 | Low | 2.3 | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Dec 28, 2015 | The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted applic | |
| CVE-2015-8543 | Hig | 7.0 | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Dec 28, 2015 | The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) | |
| CVE-2015-7990 | Med | 5.8 | < 3.12.51-60.20.2 | 3.12.51-60.20.2 | Dec 28, 2015 | Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. N | |
| CVE-2013-7446 | Med | 5.3 | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Dec 28, 2015 | Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. | |
| CVE-2015-0272 | — | < 3.12.51-60.20.2 | 3.12.51-60.20.2 | Nov 17, 2015 | GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215. | ||
| CVE-2015-8215 | — | < 3.12.51-60.20.2 | 3.12.51-60.20.2 | Nov 16, 2015 | net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) l | ||
| CVE-2015-7872 | — | < 3.12.51-60.20.2 | 3.12.51-60.20.2 | Nov 16, 2015 | The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands. | ||
| CVE-2015-2925 | — | < 3.12.51-60.20.2 | 3.12.51-60.20.2 | Nov 16, 2015 | The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack." | ||
| CVE-2015-7833 | — | < 3.12.62-60.62.1 | 3.12.62-60.62.1 | Oct 19, 2015 | The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor. |
- affected < 3.12.62-60.62.1fixed 3.12.62-60.62.1
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with a
- affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with ac
- affected < 3.12.51-60.25.1fixed 3.12.51-60.25.1
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyc
- affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processin
- affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.
- affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.
- affected < 3.12.57-60.35.1fixed 3.12.57-60.35.1
kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. N
- affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
- affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/key
- affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted app
- affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
- affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted applic
- affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash)
- affected < 3.12.51-60.20.2fixed 3.12.51-60.20.2
Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. N
- affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.
- CVE-2015-0272Nov 17, 2015affected < 3.12.51-60.20.2fixed 3.12.51-60.20.2
GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
- CVE-2015-8215Nov 16, 2015affected < 3.12.51-60.20.2fixed 3.12.51-60.20.2
net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) l
- CVE-2015-7872Nov 16, 2015affected < 3.12.51-60.20.2fixed 3.12.51-60.20.2
The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
- CVE-2015-2925Nov 16, 2015affected < 3.12.51-60.20.2fixed 3.12.51-60.20.2
The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."
- CVE-2015-7833Oct 19, 2015affected < 3.12.62-60.62.1fixed 3.12.62-60.62.1
The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.
Page 18 of 19