rpm package
suse/kernel-ec2&distro=SUSE Linux Enterprise Server 11 SP4
pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4
Vulnerabilities (269)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-7509 | Med | 4.4 | < 3.0.101-68.1 | 3.0.101-68.1 | Dec 28, 2015 | fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015. | |
| CVE-2013-7446 | Med | 5.3 | < 3.0.101-71.1 | 3.0.101-71.1 | Dec 28, 2015 | Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. | |
| CVE-2015-0272 | — | < 3.0.101-68.1 | 3.0.101-68.1 | Nov 17, 2015 | GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215. | ||
| CVE-2015-8215 | — | < 3.0.101-68.1 | 3.0.101-68.1 | Nov 16, 2015 | net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) l | ||
| CVE-2015-8104 | Cri | 10.0 | < 3.0.101-68.1 | 3.0.101-68.1 | Nov 16, 2015 | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c. | |
| CVE-2015-7872 | — | < 3.0.101-68.1 | 3.0.101-68.1 | Nov 16, 2015 | The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands. | ||
| CVE-2015-5307 | — | < 3.0.101-68.1 | 3.0.101-68.1 | Nov 16, 2015 | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. | ||
| CVE-2015-7799 | — | < 3.0.101-68.1 | 3.0.101-68.1 | Oct 19, 2015 | The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call. | ||
| CVE-2015-6937 | — | < 3.0.101-68.1 | 3.0.101-68.1 | Oct 19, 2015 | The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. | ||
| CVE-2015-6252 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Oct 19, 2015 | The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation. | ||
| CVE-2015-5707 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Oct 19, 2015 | Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. | ||
| CVE-2015-5156 | — | < 3.0.101-108.38.1 | 3.0.101-108.38.1 | Oct 19, 2015 | The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence o | ||
| CVE-2015-5366 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 31, 2015 | The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a differ | ||
| CVE-2015-5364 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 31, 2015 | The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood. | ||
| CVE-2015-5157 | — | < 3.0.101-68.1 | 3.0.101-68.1 | Aug 31, 2015 | arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI. | ||
| CVE-2015-4700 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 31, 2015 | The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler. | ||
| CVE-2014-9731 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 31, 2015 | The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to | ||
| CVE-2014-9730 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 31, 2015 | The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. | ||
| CVE-2014-9729 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 31, 2015 | The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. | ||
| CVE-2014-9728 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 31, 2015 | The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c. |
- affected < 3.0.101-68.1fixed 3.0.101-68.1
fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.
- affected < 3.0.101-71.1fixed 3.0.101-71.1
Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.
- CVE-2015-0272Nov 17, 2015affected < 3.0.101-68.1fixed 3.0.101-68.1
GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
- CVE-2015-8215Nov 16, 2015affected < 3.0.101-68.1fixed 3.0.101-68.1
net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) l
- affected < 3.0.101-68.1fixed 3.0.101-68.1
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
- CVE-2015-7872Nov 16, 2015affected < 3.0.101-68.1fixed 3.0.101-68.1
The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
- CVE-2015-5307Nov 16, 2015affected < 3.0.101-68.1fixed 3.0.101-68.1
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
- CVE-2015-7799Oct 19, 2015affected < 3.0.101-68.1fixed 3.0.101-68.1
The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.
- CVE-2015-6937Oct 19, 2015affected < 3.0.101-68.1fixed 3.0.101-68.1
The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.
- CVE-2015-6252Oct 19, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation.
- CVE-2015-5707Oct 19, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.
- CVE-2015-5156Oct 19, 2015affected < 3.0.101-108.38.1fixed 3.0.101-108.38.1
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence o
- CVE-2015-5366Aug 31, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a differ
- CVE-2015-5364Aug 31, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.
- CVE-2015-5157Aug 31, 2015affected < 3.0.101-68.1fixed 3.0.101-68.1
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.
- CVE-2015-4700Aug 31, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler.
- CVE-2014-9731Aug 31, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to
- CVE-2014-9730Aug 31, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.
- CVE-2014-9729Aug 31, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.
- CVE-2014-9728Aug 31, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.
Page 13 of 14