rpm package

suse/kernel-xen&distro=SUSE Linux Enterprise Server 12-LTSS

pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Vulnerabilities (221)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2016-9793	Hig	7.8		< 3.12.61-52.66.1	3.12.61-52.66.1	Dec 28, 2016	The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leverag
CVE-2016-9756	Med	5.5		< 3.12.61-52.66.1	3.12.61-52.66.1	Dec 28, 2016	arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
CVE-2016-9588	Med	5.5		< 3.12.61-52.72.1	3.12.61-52.72.1	Dec 28, 2016	arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.
CVE-2016-9576	Hig	7.8		< 3.12.60-52.63.1	3.12.60-52.63.1	Dec 28, 2016	The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access
CVE-2016-8655	Hig	7.8		< 3.12.60-52.60.1	3.12.60-52.60.1	Dec 8, 2016	Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockop
CVE-2016-9555	Cri	9.8		< 3.12.60-52.60.1	3.12.60-52.60.1	Nov 28, 2016	The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP
CVE-2016-9084	Hig	7.8		< 3.12.61-52.66.1	3.12.61-52.66.1	Nov 28, 2016	drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.
CVE-2016-9083	Hig	7.8		< 3.12.61-52.66.1	3.12.61-52.66.1	Nov 28, 2016	drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl
CVE-2016-8645	Med	5.5		< 3.12.61-52.66.1	3.12.61-52.66.1	Nov 28, 2016	The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.
CVE-2016-8633	Med	6.8		< 3.12.61-52.66.1	3.12.61-52.66.1	Nov 28, 2016	drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
CVE-2016-8632	Hig	7.8		< 3.12.60-52.60.1	3.12.60-52.60.1	Nov 28, 2016	The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflo
CVE-2016-7915	Med	5.5		< 3.12.61-52.125.1	3.12.61-52.125.1	Nov 16, 2016	The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech D
CVE-2016-7914	Med	5.5		< 3.12.61-52.66.1	3.12.61-52.66.1	Nov 16, 2016	The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference
CVE-2016-7913	Hig	7.8		< 3.12.61-52.66.1	3.12.61-52.66.1	Nov 16, 2016	The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.
CVE-2016-7911	Hig	7.8		< 3.12.61-52.66.1	3.12.61-52.66.1	Nov 16, 2016	Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.
CVE-2016-7910	Hig	7.8		< 3.12.61-52.66.1	3.12.61-52.66.1	Nov 16, 2016	Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.
CVE-2015-8964	Med	5.5		< 3.12.61-52.66.1	3.12.61-52.66.1	Nov 16, 2016	The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.
CVE-2015-8963	Hig	7.0		< 3.12.61-52.66.1	3.12.61-52.66.1	Nov 16, 2016	Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation.
CVE-2015-8962	Hig	7.3		< 3.12.61-52.66.1	3.12.61-52.66.1	Nov 16, 2016	Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.
CVE-2016-5195	Hig	7.0	KEV	< 3.12.60-52.57.1	3.12.60-52.57.1	Nov 10, 2016	Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

CVE-2016-9793HigDec 28, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leverag
CVE-2016-9756MedDec 28, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
CVE-2016-9588MedDec 28, 2016
affected < 3.12.61-52.72.1fixed 3.12.61-52.72.1
arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.
CVE-2016-9576HigDec 28, 2016
affected < 3.12.60-52.63.1fixed 3.12.60-52.63.1
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access
CVE-2016-8655HigDec 8, 2016
affected < 3.12.60-52.60.1fixed 3.12.60-52.60.1
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockop
CVE-2016-9555CriNov 28, 2016
affected < 3.12.60-52.60.1fixed 3.12.60-52.60.1
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP
CVE-2016-9084HigNov 28, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.
CVE-2016-9083HigNov 28, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl
CVE-2016-8645MedNov 28, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.
CVE-2016-8633MedNov 28, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
CVE-2016-8632HigNov 28, 2016
affected < 3.12.60-52.60.1fixed 3.12.60-52.60.1
The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflo
CVE-2016-7915MedNov 16, 2016
affected < 3.12.61-52.125.1fixed 3.12.61-52.125.1
The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech D
CVE-2016-7914MedNov 16, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference
CVE-2016-7913HigNov 16, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.
CVE-2016-7911HigNov 16, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.
CVE-2016-7910HigNov 16, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.
CVE-2015-8964MedNov 16, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.
CVE-2015-8963HigNov 16, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation.
CVE-2015-8962HigNov 16, 2016
affected < 3.12.61-52.66.1fixed 3.12.61-52.66.1
Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.
CVE-2016-5195HigKEVNov 10, 2016
affected < 3.12.60-52.57.1fixed 3.12.60-52.57.1
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Page 10 of 12