VYPR

rpm package

suse/kgraft-patch-SLE12-SP1_Update_15&distro=SUSE Linux Enterprise Live Patching 12

pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_15&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012

Vulnerabilities (30)

  • CVE-2017-5986 | Med | Feb 18, 2017
    affected < 1-4.1 | fixed 1-4.1

    Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.

  • CVE-2016-10044 | Hig | Feb 7, 2017
    affected < 1-4.1 | fixed 1-4.1

    The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.

  • CVE-2016-10208 | Med | Feb 6, 2017
    affected < 1-4.1 | fixed 1-4.1

    The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.

  • CVE-2016-9588 | Med | Dec 28, 2016
    affected < 1-4.1 | fixed 1-4.1

    arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.

  • CVE-2016-9191 | Med | Nov 28, 2016
    affected < 1-4.1 | fixed 1-4.1

    The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by tr

  • CVE-2016-7117 | Cri | Oct 10, 2016
    affected < 1-4.1 | fixed 1-4.1

    Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

  • CVE-2016-3070 | Hig | Aug 6, 2016
    affected < 1-4.1 | fixed 1-4.1

    The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified

  • CVE-2016-5243 | Med | Jun 27, 2016
    affected < 1-4.1 | fixed 1-4.1

    The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.

  • CVE-2016-2117 | Hig | May 2, 2016
    affected < 1-4.1 | fixed 1-4.1

    The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.

  • CVE-2015-1350 | Med | May 2, 2016
    affected < 1-4.1 | fixed 1-4.1

    The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system
