rpm package

suse/kgraft-patch-SLE12-SP1_Update_22&distro=SUSE Linux Enterprise Server 12 SP1-LTSS

pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_22&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Vulnerabilities (49)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-9076	Hig	7.8	< 1-2.1	1-2.1	May 19, 2017	The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.
CVE-2017-9075	Hig	7.8	< 1-2.1	1-2.1	May 19, 2017	The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.
CVE-2017-9074	Hig	7.8	< 1-2.1	1-2.1	May 19, 2017	The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact
CVE-2017-7487	Hig	7.8	< 1-2.1	1-2.1	May 14, 2017	The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.
CVE-2017-8925	Med	5.5	< 1-2.1	1-2.1	May 12, 2017	The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.
CVE-2017-8924	Med	4.6	< 1-2.1	1-2.1	May 12, 2017	The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial
CVE-2017-8890	Hig	7.8	< 1-2.1	1-2.1	May 10, 2017	The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.
CVE-2017-8831	Med	6.4	< 1-2.1	1-2.1	May 8, 2017	The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "do
CVE-2017-7889	Hig	7.8	< 1-2.1	1-2.1	Apr 17, 2017	The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application

CVE-2017-9076HigMay 19, 2017
affected < 1-2.1fixed 1-2.1
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.
CVE-2017-9075HigMay 19, 2017
affected < 1-2.1fixed 1-2.1
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.
CVE-2017-9074HigMay 19, 2017
affected < 1-2.1fixed 1-2.1
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact
CVE-2017-7487HigMay 14, 2017
affected < 1-2.1fixed 1-2.1
The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.
CVE-2017-8925MedMay 12, 2017
affected < 1-2.1fixed 1-2.1
The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.
CVE-2017-8924MedMay 12, 2017
affected < 1-2.1fixed 1-2.1
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial
CVE-2017-8890HigMay 10, 2017
affected < 1-2.1fixed 1-2.1
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.
CVE-2017-8831MedMay 8, 2017
affected < 1-2.1fixed 1-2.1
The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "do
CVE-2017-7889HigApr 17, 2017
affected < 1-2.1fixed 1-2.1
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application

Page 3 of 3