rpm package
suse/kgraft-patch-SLE12-SP1_Update_24&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_24&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Vulnerabilities (27)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-15868 | Hig | 7.8 | < 1-2.3.1 | 1-2.3.1 | Dec 5, 2017 | The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application. | |
| CVE-2017-8824 | Hig | 7.8 | < 1-2.3.1 | 1-2.3.1 | Dec 5, 2017 | The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state. | |
| CVE-2017-0861 | Hig | 7.8 | < 3-2.1 | 3-2.1 | Nov 16, 2017 | Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors. | |
| CVE-2017-15115 | Hig | 7.8 | < 1-2.3.1 | 1-2.3.1 | Nov 15, 2017 | The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other imp | |
| CVE-2017-16538 | Med | 6.6 | < 1-2.3.1 | 1-2.3.1 | Nov 4, 2017 | drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and inc | |
| CVE-2017-16534 | Med | 6.8 | < 1-2.3.1 | 1-2.3.1 | Nov 4, 2017 | The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. | |
| CVE-2017-11600 | Hig | 7.0 | < 1-2.3.1 | 1-2.3.1 | Jul 24, 2017 | net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspe |
- affected < 1-2.3.1fixed 1-2.3.1
The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.
- affected < 1-2.3.1fixed 1-2.3.1
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
- affected < 3-2.1fixed 3-2.1
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
- affected < 1-2.3.1fixed 1-2.3.1
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other imp
- affected < 1-2.3.1fixed 1-2.3.1
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and inc
- affected < 1-2.3.1fixed 1-2.3.1
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
- affected < 1-2.3.1fixed 1-2.3.1
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspe
Page 2 of 2