rpm package

suse/kernel-xen&distro=SUSE Linux Enterprise Point of Sale 11 SP3

pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3

Vulnerabilities (198)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-7616	Med	5.5	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Apr 10, 2017	Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.
CVE-2017-2671	Med	5.5	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Apr 5, 2017	The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the
CVE-2017-2647	Hig	7.8	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Mar 31, 2017	The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyri
CVE-2017-7308	Hig	7.8	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Mar 29, 2017	The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_N
CVE-2017-7294	Hig	7.8	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Mar 29, 2017	The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (s
CVE-2017-7273	Med	6.6	< 3.0.101-0.47.106.59.1	3.0.101-0.47.106.59.1	Mar 27, 2017	The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.
CVE-2017-7261	Med	5.5	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Mar 24, 2017	The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic
CVE-2017-7187	Hig	7.8	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Mar 20, 2017	The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bound
CVE-2017-7184	Hig	7.8	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Mar 19, 2017	The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by
CVE-2017-6951	Med	5.5	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Mar 16, 2017	The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.
CVE-2017-2636	Hig	7.0	< 3.0.101-0.47.99.1	3.0.101-0.47.99.1	Mar 7, 2017	Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
CVE-2016-10200	Hig	7.0	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Mar 7, 2017	Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED stat
CVE-2017-6353	Med	5.5	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Mar 1, 2017	net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerab
CVE-2017-6348	Med	5.5	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Mar 1, 2017	The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
CVE-2017-5669	Hig	7.8	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Feb 24, 2017	The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by makin
CVE-2017-6214	Hig	7.5	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Feb 23, 2017	The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
CVE-2017-6074	Hig	7.8	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Feb 18, 2017	The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that
CVE-2017-5986	Med	5.5	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Feb 18, 2017	Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.
CVE-2017-5970	Hig	7.5	< 3.0.101-0.47.106.5.1	3.0.101-0.47.106.5.1	Feb 14, 2017	The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
CVE-2017-5551	Med	4.4	< 3.0.101-0.47.96.1	3.0.101-0.47.96.1	Feb 6, 2017	The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on exec

CVE-2017-7616MedApr 10, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.
CVE-2017-2671MedApr 5, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the
CVE-2017-2647HigMar 31, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyri
CVE-2017-7308HigMar 29, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_N
CVE-2017-7294HigMar 29, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (s
CVE-2017-7273MedMar 27, 2017
affected < 3.0.101-0.47.106.59.1fixed 3.0.101-0.47.106.59.1
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.
CVE-2017-7261MedMar 24, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic
CVE-2017-7187HigMar 20, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bound
CVE-2017-7184HigMar 19, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by
CVE-2017-6951MedMar 16, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.
CVE-2017-2636HigMar 7, 2017
affected < 3.0.101-0.47.99.1fixed 3.0.101-0.47.99.1
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
CVE-2016-10200HigMar 7, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED stat
CVE-2017-6353MedMar 1, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerab
CVE-2017-6348MedMar 1, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
CVE-2017-5669HigFeb 24, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by makin
CVE-2017-6214HigFeb 23, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
CVE-2017-6074HigFeb 18, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that
CVE-2017-5986MedFeb 18, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.
CVE-2017-5970HigFeb 14, 2017
affected < 3.0.101-0.47.106.5.1fixed 3.0.101-0.47.106.5.1
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
CVE-2017-5551MedFeb 6, 2017
affected < 3.0.101-0.47.96.1fixed 3.0.101-0.47.96.1
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on exec

Page 7 of 10