rpm package
suse/kernel-pae&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
pkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Vulnerabilities (269)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-1805 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 8, 2015 | The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) | ||
| CVE-2015-4167 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Aug 5, 2015 | The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem. | ||
| CVE-2015-2830 | — | < 3.0.101-65.1 | 3.0.101-65.1 | May 27, 2015 | arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system | ||
| CVE-2015-0777 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Apr 5, 2015 | drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in ho | ||
| CVE-2015-1420 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Mar 16, 2015 | Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execu | ||
| CVE-2015-2150 | — | < 3.0.101-65.1 | 3.0.101-65.1 | Mar 12, 2015 | Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a | ||
| CVE-2014-3688 | — | < 3.0.101-108.60.1 | 3.0.101-108.60.1 | Nov 30, 2014 | The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sct | ||
| CVE-2013-6368 | — | < 3.0.101-94.1 | 3.0.101-94.1 | Dec 14, 2013 | The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address. | ||
| CVE-2004-0230 | — | < 3.0.101-94.1 | 3.0.101-94.1 | May 5, 2004 | TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, suc |
- CVE-2015-1805Aug 8, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash)
- CVE-2015-4167Aug 5, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.
- CVE-2015-2830May 27, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system
- CVE-2015-0777Apr 5, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in ho
- CVE-2015-1420Mar 16, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execu
- CVE-2015-2150Mar 12, 2015affected < 3.0.101-65.1fixed 3.0.101-65.1
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a
- CVE-2014-3688Nov 30, 2014affected < 3.0.101-108.60.1fixed 3.0.101-108.60.1
The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sct
- CVE-2013-6368Dec 14, 2013affected < 3.0.101-94.1fixed 3.0.101-94.1
The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.
- CVE-2004-0230May 5, 2004affected < 3.0.101-94.1fixed 3.0.101-94.1
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, suc
Page 14 of 14