rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Desktop 12
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012
Vulnerabilities (98)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-2830 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | May 27, 2015 | arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system | ||
| CVE-2015-2666 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | May 27, 2015 | Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges f | ||
| CVE-2015-2042 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | Apr 21, 2015 | net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. | ||
| CVE-2015-2041 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | Apr 21, 2015 | net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. | ||
| CVE-2015-1465 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | Apr 5, 2015 | The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system c | ||
| CVE-2015-0777 | — | < 3.12.39-47.1 | 3.12.39-47.1 | Apr 5, 2015 | drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in ho | ||
| CVE-2014-8159 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | Mar 16, 2015 | The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and | ||
| CVE-2014-7822 | — | < 3.12.38-44.1 | 3.12.38-44.1 | Mar 16, 2015 | The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a cra | ||
| CVE-2015-2150 | — | < 3.12.39-47.1 | 3.12.39-47.1 | Mar 12, 2015 | Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a | ||
| CVE-2014-8160 | — | < 3.12.38-44.1 | 3.12.38-44.1 | Mar 2, 2015 | net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via | ||
| CVE-2014-9584 | — | < 3.12.38-44.1 | 3.12.38-44.1 | Jan 9, 2015 | The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 | ||
| CVE-2014-9419 | — | < 3.12.38-44.1 | 3.12.38-44.1 | Dec 26, 2014 | The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via | ||
| CVE-2014-7841 | — | < 3.12.38-44.1 | 3.12.38-44.1 | Nov 30, 2014 | The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk. | ||
| CVE-2014-8559 | Med | 5.5 | < 3.12.38-44.1 | 3.12.38-44.1 | Nov 10, 2014 | The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. | |
| CVE-2014-3687 | Hig | 7.5 | < 3.12.38-44.1 | 3.12.38-44.1 | Nov 10, 2014 | The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpr | |
| CVE-2014-3673 | Hig | 7.5 | < 3.12.38-44.1 | 3.12.38-44.1 | Nov 10, 2014 | The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c. | |
| CVE-2014-3647 | Med | 5.5 | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | Nov 10, 2014 | arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. | |
| CVE-2014-8086 | Med | 4.7 | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | Oct 13, 2014 | Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag. |
- CVE-2015-2830May 27, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system
- CVE-2015-2666May 27, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges f
- CVE-2015-2042Apr 21, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.
- CVE-2015-2041Apr 21, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.
- CVE-2015-1465Apr 5, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system c
- CVE-2015-0777Apr 5, 2015affected < 3.12.39-47.1fixed 3.12.39-47.1
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in ho
- CVE-2014-8159Mar 16, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and
- CVE-2014-7822Mar 16, 2015affected < 3.12.38-44.1fixed 3.12.38-44.1
The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a cra
- CVE-2015-2150Mar 12, 2015affected < 3.12.39-47.1fixed 3.12.39-47.1
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a
- CVE-2014-8160Mar 2, 2015affected < 3.12.38-44.1fixed 3.12.38-44.1
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via
- CVE-2014-9584Jan 9, 2015affected < 3.12.38-44.1fixed 3.12.38-44.1
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660
- CVE-2014-9419Dec 26, 2014affected < 3.12.38-44.1fixed 3.12.38-44.1
The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via
- CVE-2014-7841Nov 30, 2014affected < 3.12.38-44.1fixed 3.12.38-44.1
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
- affected < 3.12.38-44.1fixed 3.12.38-44.1
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.
- affected < 3.12.38-44.1fixed 3.12.38-44.1
The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpr
- affected < 3.12.38-44.1fixed 3.12.38-44.1
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.
- affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
- affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag.
Page 5 of 5