rpm package
suse/kernel-syms-azure&distro=SUSE Linux Enterprise Server 12 SP3
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3
Vulnerabilities (67)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-3639 | — | < 4.4.170-4.22.1 | 4.4.170-4.22.1 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka | ||
| CVE-2018-10940 | — | < 4.4.155-4.16.1 | 4.4.155-4.16.1 | May 9, 2018 | The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory. | ||
| CVE-2017-18249 | — | < 4.4.176-4.25.1 | 4.4.176-4.25.1 | Mar 26, 2018 | The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads. | ||
| CVE-2018-7757 | — | < 4.4.162-4.19.1 | 4.4.162-4.19.1 | Mar 8, 2018 | Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by | ||
| CVE-2018-7480 | — | < 4.4.162-4.19.1 | 4.4.162-4.19.1 | Feb 25, 2018 | The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure. | ||
| CVE-2017-16939 | Hig | 7.8 | < 4.4.170-4.22.1 | 4.4.170-4.22.1 | Nov 24, 2017 | The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink message | |
| CVE-2013-4343 | — | < 4.4.180-4.31.1 | 4.4.180-4.31.1 | Sep 25, 2013 | Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAP_NET_ADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call. |
- CVE-2018-3639May 22, 2018affected < 4.4.170-4.22.1fixed 4.4.170-4.22.1
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka
- CVE-2018-10940May 9, 2018affected < 4.4.155-4.16.1fixed 4.4.155-4.16.1
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.
- CVE-2017-18249Mar 26, 2018affected < 4.4.176-4.25.1fixed 4.4.176-4.25.1
The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.
- CVE-2018-7757Mar 8, 2018affected < 4.4.162-4.19.1fixed 4.4.162-4.19.1
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by
- CVE-2018-7480Feb 25, 2018affected < 4.4.162-4.19.1fixed 4.4.162-4.19.1
The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.
- affected < 4.4.170-4.22.1fixed 4.4.170-4.22.1
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink message
- CVE-2013-4343Sep 25, 2013affected < 4.4.180-4.31.1fixed 4.4.180-4.31.1
Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAP_NET_ADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call.
Page 4 of 4