rpm package
suse/kernel-firmware&distro=SUSE Linux Enterprise Server 12-LTSS
pkg:rpm/suse/kernel-firmware&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-5383 | — | < 20140807git-5.11.1 | 20140807git-5.11.1 | Aug 7, 2018 | Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie- | ||
| CVE-2015-1142857 | — | < 20140807git-5.8.1 | 20140807git-5.8.1 | Jan 23, 2018 | On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before e7358f54a3954df16d4 | ||
| CVE-2017-5715 | — | < 20140807git-5.3.1 | 20140807git-5.3.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2018-5383Aug 7, 2018affected < 20140807git-5.11.1fixed 20140807git-5.11.1
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-
- CVE-2015-1142857Jan 23, 2018affected < 20140807git-5.8.1fixed 20140807git-5.8.1
On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before e7358f54a3954df16d4
- CVE-2017-5715Jan 4, 2018affected < 20140807git-5.3.1fixed 20140807git-5.3.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.