rpm package
suse/kernel-ec2&distro=SUSE Linux Enterprise Module for Public Cloud 12
pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012
Vulnerabilities (409)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-8104 | Cri | 10.0 | < 3.12.51-52.31.1 | 3.12.51-52.31.1 | Nov 16, 2015 | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c. | |
| CVE-2015-7872 | — | < 3.12.51-52.31.1 | 3.12.51-52.31.1 | Nov 16, 2015 | The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands. | ||
| CVE-2015-5307 | — | < 3.12.51-52.31.1 | 3.12.51-52.31.1 | Nov 16, 2015 | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. | ||
| CVE-2015-2925 | — | < 3.12.51-52.31.1 | 3.12.51-52.31.1 | Nov 16, 2015 | The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack." | ||
| CVE-2015-7833 | — | < 3.12.62-60.62.1 | 3.12.62-60.62.1 | Oct 19, 2015 | The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor. | ||
| CVE-2015-7799 | — | < 3.12.51-52.31.1 | 3.12.51-52.31.1 | Oct 19, 2015 | The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call. | ||
| CVE-2015-7613 | — | < 3.12.48-52.27.1 | 3.12.48-52.27.1 | Oct 19, 2015 | Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. | ||
| CVE-2015-6937 | — | < 3.12.48-52.27.1 | 3.12.48-52.27.1 | Oct 19, 2015 | The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. | ||
| CVE-2015-6252 | — | < 3.12.48-52.27.1 | 3.12.48-52.27.1 | Oct 19, 2015 | The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation. | ||
| CVE-2015-5707 | — | < 3.12.53-60.30.1 | 3.12.53-60.30.1 | Oct 19, 2015 | Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. | ||
| CVE-2015-5283 | — | < 3.12.48-52.27.1 | 3.12.48-52.27.1 | Oct 19, 2015 | The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have fini | ||
| CVE-2015-5156 | — | < 3.12.48-52.27.1 | 3.12.48-52.27.1 | Oct 19, 2015 | The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence o | ||
| CVE-2015-4036 | — | < 3.12.44-52.10.1 | 3.12.44-52.10.1 | Aug 31, 2015 | Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOT | ||
| CVE-2015-5697 | — | < 3.12.48-52.27.1 | 3.12.48-52.27.1 | Aug 31, 2015 | The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call. | ||
| CVE-2015-5366 | — | < 3.12.44-52.10.1 | 3.12.44-52.10.1 | Aug 31, 2015 | The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a differ | ||
| CVE-2015-5364 | — | < 3.12.44-52.10.1 | 3.12.44-52.10.1 | Aug 31, 2015 | The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood. | ||
| CVE-2015-5157 | — | < 3.12.48-52.27.1 | 3.12.48-52.27.1 | Aug 31, 2015 | arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI. | ||
| CVE-2015-3212 | — | < 3.12.44-52.10.1 | 3.12.44-52.10.1 | Aug 31, 2015 | Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service (list corruption and panic) via a rapid series of system calls related to sockets, as demonstrated by setsockopt calls. | ||
| CVE-2014-9731 | — | < 3.12.44-52.10.1 | 3.12.44-52.10.1 | Aug 31, 2015 | The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to | ||
| CVE-2014-9730 | — | < 3.12.44-52.10.1 | 3.12.44-52.10.1 | Aug 31, 2015 | The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. |
- affected < 3.12.51-52.31.1fixed 3.12.51-52.31.1
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
- CVE-2015-7872Nov 16, 2015affected < 3.12.51-52.31.1fixed 3.12.51-52.31.1
The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
- CVE-2015-5307Nov 16, 2015affected < 3.12.51-52.31.1fixed 3.12.51-52.31.1
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
- CVE-2015-2925Nov 16, 2015affected < 3.12.51-52.31.1fixed 3.12.51-52.31.1
The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."
- CVE-2015-7833Oct 19, 2015affected < 3.12.62-60.62.1fixed 3.12.62-60.62.1
The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.
- CVE-2015-7799Oct 19, 2015affected < 3.12.51-52.31.1fixed 3.12.51-52.31.1
The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.
- CVE-2015-7613Oct 19, 2015affected < 3.12.48-52.27.1fixed 3.12.48-52.27.1
Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.
- CVE-2015-6937Oct 19, 2015affected < 3.12.48-52.27.1fixed 3.12.48-52.27.1
The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.
- CVE-2015-6252Oct 19, 2015affected < 3.12.48-52.27.1fixed 3.12.48-52.27.1
The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation.
- CVE-2015-5707Oct 19, 2015affected < 3.12.53-60.30.1fixed 3.12.53-60.30.1
Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.
- CVE-2015-5283Oct 19, 2015affected < 3.12.48-52.27.1fixed 3.12.48-52.27.1
The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have fini
- CVE-2015-5156Oct 19, 2015affected < 3.12.48-52.27.1fixed 3.12.48-52.27.1
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence o
- CVE-2015-4036Aug 31, 2015affected < 3.12.44-52.10.1fixed 3.12.44-52.10.1
Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOT
- CVE-2015-5697Aug 31, 2015affected < 3.12.48-52.27.1fixed 3.12.48-52.27.1
The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
- CVE-2015-5366Aug 31, 2015affected < 3.12.44-52.10.1fixed 3.12.44-52.10.1
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a differ
- CVE-2015-5364Aug 31, 2015affected < 3.12.44-52.10.1fixed 3.12.44-52.10.1
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.
- CVE-2015-5157Aug 31, 2015affected < 3.12.48-52.27.1fixed 3.12.48-52.27.1
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.
- CVE-2015-3212Aug 31, 2015affected < 3.12.44-52.10.1fixed 3.12.44-52.10.1
Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service (list corruption and panic) via a rapid series of system calls related to sockets, as demonstrated by setsockopt calls.
- CVE-2014-9731Aug 31, 2015affected < 3.12.44-52.10.1fixed 3.12.44-52.10.1
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to
- CVE-2014-9730Aug 31, 2015affected < 3.12.44-52.10.1fixed 3.12.44-52.10.1
The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.
Page 19 of 21