rpm package
suse/kernel-xen&distro=SUSE Linux Enterprise Server for SAP Applications 12
pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Vulnerabilities (168)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-9729 | — | < 3.12.44-52.10.1 | 3.12.44-52.10.1 | Aug 31, 2015 | The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. | ||
| CVE-2014-9728 | — | < 3.12.44-52.10.1 | 3.12.44-52.10.1 | Aug 31, 2015 | The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c. | ||
| CVE-2015-1805 | — | < 3.12.44-52.10.1 | 3.12.44-52.10.1 | Aug 8, 2015 | The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) | ||
| CVE-2015-3636 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | Aug 6, 2015 | The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the | ||
| CVE-2015-4167 | — | < 3.12.44-52.10.1 | 3.12.44-52.10.1 | Aug 5, 2015 | The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem. | ||
| CVE-2015-4692 | — | < 3.12.44-52.10.1 | 3.12.44-52.10.1 | Jul 27, 2015 | The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call. | ||
| CVE-2015-3339 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | May 27, 2015 | Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet strip | ||
| CVE-2015-3332 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | May 27, 2015 | A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable- | ||
| CVE-2015-3331 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | May 27, 2015 | The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and syste | ||
| CVE-2015-2922 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | May 27, 2015 | The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) | ||
| CVE-2015-2830 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | May 27, 2015 | arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system | ||
| CVE-2015-2666 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | May 27, 2015 | Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges f | ||
| CVE-2015-2042 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | Apr 21, 2015 | net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. | ||
| CVE-2015-2041 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | Apr 21, 2015 | net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. | ||
| CVE-2015-1465 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | Apr 5, 2015 | The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system c | ||
| CVE-2015-0777 | — | < 3.12.39-47.1 | 3.12.39-47.1 | Apr 5, 2015 | drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in ho | ||
| CVE-2014-8159 | — | < 3.12.43-52.6.1 | 3.12.43-52.6.1 | Mar 16, 2015 | The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and | ||
| CVE-2014-7822 | — | < 3.12.38-44.1 | 3.12.38-44.1 | Mar 16, 2015 | The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a cra | ||
| CVE-2015-2150 | — | < 3.12.39-47.1 | 3.12.39-47.1 | Mar 12, 2015 | Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a | ||
| CVE-2014-8160 | — | < 3.12.38-44.1 | 3.12.38-44.1 | Mar 2, 2015 | net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via |
- CVE-2014-9729Aug 31, 2015affected < 3.12.44-52.10.1fixed 3.12.44-52.10.1
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.
- CVE-2014-9728Aug 31, 2015affected < 3.12.44-52.10.1fixed 3.12.44-52.10.1
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.
- CVE-2015-1805Aug 8, 2015affected < 3.12.44-52.10.1fixed 3.12.44-52.10.1
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash)
- CVE-2015-3636Aug 6, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the
- CVE-2015-4167Aug 5, 2015affected < 3.12.44-52.10.1fixed 3.12.44-52.10.1
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.
- CVE-2015-4692Jul 27, 2015affected < 3.12.44-52.10.1fixed 3.12.44-52.10.1
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.
- CVE-2015-3339May 27, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet strip
- CVE-2015-3332May 27, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-
- CVE-2015-3331May 27, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and syste
- CVE-2015-2922May 27, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA)
- CVE-2015-2830May 27, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system
- CVE-2015-2666May 27, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges f
- CVE-2015-2042Apr 21, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.
- CVE-2015-2041Apr 21, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.
- CVE-2015-1465Apr 5, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system c
- CVE-2015-0777Apr 5, 2015affected < 3.12.39-47.1fixed 3.12.39-47.1
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in ho
- CVE-2014-8159Mar 16, 2015affected < 3.12.43-52.6.1fixed 3.12.43-52.6.1
The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and
- CVE-2014-7822Mar 16, 2015affected < 3.12.38-44.1fixed 3.12.38-44.1
The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a cra
- CVE-2015-2150Mar 12, 2015affected < 3.12.39-47.1fixed 3.12.39-47.1
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a
- CVE-2014-8160Mar 2, 2015affected < 3.12.38-44.1fixed 3.12.38-44.1
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via
Page 8 of 9