rpm package
suse/kernel-syms&distro=SUSE OpenStack Cloud 7
pkg:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%207
Vulnerabilities (307)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-1065 | Med | 4.7 | < 4.4.121-92.85.1 | 4.4.121-92.85.1 | Mar 2, 2018 | The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capab | |
| CVE-2017-18204 | Med | 5.5 | < 4.4.121-92.146.1 | 4.4.121-92.146.1 | Feb 27, 2018 | The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests. | |
| CVE-2018-7492 | Med | 5.5 | < 4.4.121-92.85.1 | 4.4.121-92.85.1 | Feb 26, 2018 | A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST. | |
| CVE-2018-7480 | Hig | 7.8 | < 4.4.121-92.95.1 | 4.4.121-92.95.1 | Feb 25, 2018 | The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure. | |
| CVE-2017-18174 | Cri | 9.8 | < 4.4.121-92.109.2 | 4.4.121-92.109.2 | Feb 11, 2018 | In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free. | |
| CVE-2017-17741 | Med | 6.5 | < 4.4.121-92.109.2 | 4.4.121-92.109.2 | Dec 18, 2017 | The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h. | |
| CVE-2016-8636 | Hig | 7.8 | < 4.4.121-92.109.2 | 4.4.121-92.109.2 | Feb 22, 2017 | Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact |
- affected < 4.4.121-92.85.1fixed 4.4.121-92.85.1
The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capab
- affected < 4.4.121-92.146.1fixed 4.4.121-92.146.1
The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
- affected < 4.4.121-92.85.1fixed 4.4.121-92.85.1
A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.
- affected < 4.4.121-92.95.1fixed 4.4.121-92.95.1
The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.
- affected < 4.4.121-92.109.2fixed 4.4.121-92.109.2
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.
- affected < 4.4.121-92.109.2fixed 4.4.121-92.109.2
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.
- affected < 4.4.121-92.109.2fixed 4.4.121-92.109.2
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact
Page 16 of 16