VYPR

rpm package

suse/kgraft-patch-SLE12-SP1_Update_24&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1

pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_24&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Vulnerabilities (27)

  • CVE-2017-15868HigDec 5, 2017
    affected < 1-2.3.1fixed 1-2.3.1

    The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.

  • CVE-2017-8824HigDec 5, 2017
    affected < 1-2.3.1fixed 1-2.3.1

    The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.

  • CVE-2017-0861HigNov 16, 2017
    affected < 3-2.1fixed 3-2.1

    Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.

  • CVE-2017-15115HigNov 15, 2017
    affected < 1-2.3.1fixed 1-2.3.1

    The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other imp

  • CVE-2017-16538MedNov 4, 2017
    affected < 1-2.3.1fixed 1-2.3.1

    drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and inc

  • CVE-2017-16534MedNov 4, 2017
    affected < 1-2.3.1fixed 1-2.3.1

    The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-11600HigJul 24, 2017
    affected < 1-2.3.1fixed 1-2.3.1

    net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspe

Page 2 of 2