rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Vulnerabilities (431)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-7618	Hig	7.5	< 4.4.74-92.29.1	4.4.74-92.29.1	Apr 10, 2017	crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.
CVE-2017-7616	Med	5.5	< 4.4.74-92.29.1	4.4.74-92.29.1	Apr 10, 2017	Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.
CVE-2017-2671	Med	5.5	< 4.4.59-92.17.3	4.4.59-92.17.3	Apr 5, 2017	The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the
CVE-2017-7374	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 31, 2017	Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic trans
CVE-2017-7346	Med	5.5	< 4.4.74-92.29.1	4.4.74-92.29.1	Mar 30, 2017	The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* devic
CVE-2017-7308	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 29, 2017	The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_N
CVE-2017-7294	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 29, 2017	The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (s
CVE-2017-7261	Med	5.5	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 24, 2017	The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic
CVE-2017-5897	Cri	9.8	< 4.4.49-92.11.1	4.4.49-92.11.1	Mar 23, 2017	The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
CVE-2017-7187	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 20, 2017	The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bound
CVE-2017-7184	Hig	7.8	< 4.4.49-92.14.1	4.4.49-92.14.1	Mar 19, 2017	The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by
CVE-2017-2636	Hig	7.0	< 4.4.49-92.14.1	4.4.49-92.14.1	Mar 7, 2017	Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
CVE-2016-10200	Hig	7.0	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 7, 2017	Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED stat
CVE-2017-6353	Med	5.5	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 1, 2017	net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerab
CVE-2017-6347	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 1, 2017	The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system c
CVE-2017-6346	Hig	7.0	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 1, 2017	Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
CVE-2017-6345	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Mar 1, 2017	The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
CVE-2017-6214	Hig	7.5	< 4.4.59-92.17.3	4.4.59-92.17.3	Feb 23, 2017	The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
CVE-2016-8636	Hig	7.8	< 4.4.121-92.109.2	4.4.121-92.109.2	Feb 22, 2017	Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact
CVE-2017-6074	Hig	7.8	< 4.4.59-92.17.3	4.4.59-92.17.3	Feb 18, 2017	The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that

CVE-2017-7618HigApr 10, 2017
affected < 4.4.74-92.29.1fixed 4.4.74-92.29.1
crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.
CVE-2017-7616MedApr 10, 2017
affected < 4.4.74-92.29.1fixed 4.4.74-92.29.1
Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.
CVE-2017-2671MedApr 5, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the
CVE-2017-7374HigMar 31, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic trans
CVE-2017-7346MedMar 30, 2017
affected < 4.4.74-92.29.1fixed 4.4.74-92.29.1
The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* devic
CVE-2017-7308HigMar 29, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_N
CVE-2017-7294HigMar 29, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (s
CVE-2017-7261MedMar 24, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic
CVE-2017-5897CriMar 23, 2017
affected < 4.4.49-92.11.1fixed 4.4.49-92.11.1
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
CVE-2017-7187HigMar 20, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bound
CVE-2017-7184HigMar 19, 2017
affected < 4.4.49-92.14.1fixed 4.4.49-92.14.1
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by
CVE-2017-2636HigMar 7, 2017
affected < 4.4.49-92.14.1fixed 4.4.49-92.14.1
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
CVE-2016-10200HigMar 7, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED stat
CVE-2017-6353MedMar 1, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerab
CVE-2017-6347HigMar 1, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system c
CVE-2017-6346HigMar 1, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
CVE-2017-6345HigMar 1, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
CVE-2017-6214HigFeb 23, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
CVE-2016-8636HigFeb 22, 2017
affected < 4.4.121-92.109.2fixed 4.4.121-92.109.2
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact
CVE-2017-6074HigFeb 18, 2017
affected < 4.4.59-92.17.3fixed 4.4.59-92.17.3
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that

Page 20 of 22