rpm package
suse/kernel-default&distro=SUSE OpenStack Cloud Crowbar 8
pkg:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
Vulnerabilities (347)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-13405 | — | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | Jul 6, 2018 | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no | ||
| CVE-2017-18255 | — | < 4.4.180-94.116.1 | 4.4.180-94.116.1 | Mar 31, 2018 | The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calcu | ||
| CVE-2018-7755 | — | < 4.4.180-94.164.3 | 4.4.180-94.164.3 | Mar 8, 2018 | An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel | ||
| CVE-2017-18204 | — | < 4.4.180-94.135.1 | 4.4.180-94.135.1 | Feb 27, 2018 | The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests. | ||
| CVE-2017-17864 | Low | 3.3 | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | Dec 27, 2017 | kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak." | |
| CVE-2017-17862 | Med | 5.5 | < 4.4.180-94.150.1 | 4.4.180-94.150.1 | Dec 27, 2017 | kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service. | |
| CVE-2017-13695 | Med | 5.5 | < 4.4.180-94.164.3 | 4.4.180-94.164.3 | Aug 25, 2017 | The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanis |
- CVE-2018-13405Jul 6, 2018affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no
- CVE-2017-18255Mar 31, 2018affected < 4.4.180-94.116.1fixed 4.4.180-94.116.1
The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calcu
- CVE-2018-7755Mar 8, 2018affected < 4.4.180-94.164.3fixed 4.4.180-94.164.3
An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel
- CVE-2017-18204Feb 27, 2018affected < 4.4.180-94.135.1fixed 4.4.180-94.135.1
The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
- affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
- affected < 4.4.180-94.150.1fixed 4.4.180-94.150.1
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.
- affected < 4.4.180-94.164.3fixed 4.4.180-94.164.3
The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanis
Page 18 of 18