rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Point of Sale 11 SP3

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3

Vulnerabilities (198)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-18017		—	< 3.0.101-0.47.106.19.1	3.0.101-0.47.106.19.1	Jan 3, 2018	The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presenc
CVE-2017-17806	Hig	7.8	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Dec 20, 2017	The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorith
CVE-2017-17805	Hig	7.8	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Dec 20, 2017	The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and
CVE-2017-17741	Med	6.5	< 3.0.101-0.47.106.19.1	3.0.101-0.47.106.19.1	Dec 18, 2017	The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.
CVE-2017-17558	Med	6.6	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Dec 12, 2017	The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denia
CVE-2017-1000407	Hig	7.4	< 3.0.101-0.47.106.59.1	3.0.101-0.47.106.59.1	Dec 11, 2017	The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
CVE-2017-17450	Hig	7.8	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Dec 7, 2017	net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all
CVE-2017-13167	Hig	7.8	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Dec 6, 2017	An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
CVE-2017-13166	Hig	7.8	< 3.0.101-0.47.106.22.1	3.0.101-0.47.106.22.1	Dec 6, 2017	An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
CVE-2017-15868	Hig	7.8	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Dec 5, 2017	The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.
CVE-2017-8824	Hig	7.8	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Dec 5, 2017	The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
CVE-2017-16939	Hig	7.8	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Nov 24, 2017	The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink message
CVE-2017-12190	Med	6.5	< 3.0.101-0.47.106.22.1	3.0.101-0.47.106.22.1	Nov 22, 2017	The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference
CVE-2017-0861	Hig	7.8	< 3.0.101-0.47.106.22.1	3.0.101-0.47.106.22.1	Nov 16, 2017	Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
CVE-2017-15115	Hig	7.8	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Nov 15, 2017	The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other imp
CVE-2017-15102	Med	6.3	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Nov 15, 2017	The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a
CVE-2017-16649	Med	6.6	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Nov 7, 2017	The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
CVE-2017-16644	Med	6.6	< 3.0.101-0.47.106.22.1	3.0.101-0.47.106.22.1	Nov 7, 2017	The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.
CVE-2017-16538	Med	6.6	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Nov 4, 2017	drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and inc
CVE-2017-16537	Med	6.6	< 3.0.101-0.47.106.11.1	3.0.101-0.47.106.11.1	Nov 4, 2017	The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

CVE-2017-18017Jan 3, 2018
affected < 3.0.101-0.47.106.19.1fixed 3.0.101-0.47.106.19.1
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presenc
CVE-2017-17806HigDec 20, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorith
CVE-2017-17805HigDec 20, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and
CVE-2017-17741MedDec 18, 2017
affected < 3.0.101-0.47.106.19.1fixed 3.0.101-0.47.106.19.1
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.
CVE-2017-17558MedDec 12, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denia
CVE-2017-1000407HigDec 11, 2017
affected < 3.0.101-0.47.106.59.1fixed 3.0.101-0.47.106.59.1
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
CVE-2017-17450HigDec 7, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all
CVE-2017-13167HigDec 6, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
CVE-2017-13166HigDec 6, 2017
affected < 3.0.101-0.47.106.22.1fixed 3.0.101-0.47.106.22.1
An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
CVE-2017-15868HigDec 5, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.
CVE-2017-8824HigDec 5, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
CVE-2017-16939HigNov 24, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink message
CVE-2017-12190MedNov 22, 2017
affected < 3.0.101-0.47.106.22.1fixed 3.0.101-0.47.106.22.1
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference
CVE-2017-0861HigNov 16, 2017
affected < 3.0.101-0.47.106.22.1fixed 3.0.101-0.47.106.22.1
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
CVE-2017-15115HigNov 15, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other imp
CVE-2017-15102MedNov 15, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a
CVE-2017-16649MedNov 7, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
CVE-2017-16644MedNov 7, 2017
affected < 3.0.101-0.47.106.22.1fixed 3.0.101-0.47.106.22.1
The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.
CVE-2017-16538MedNov 4, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and inc
CVE-2017-16537MedNov 4, 2017
affected < 3.0.101-0.47.106.11.1fixed 3.0.101-0.47.106.11.1
The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

Page 4 of 10