rpm package

suse/kgraft-patch-SLE12-SP1_Update_24&distro=SUSE OpenStack Cloud 6

pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_24&distro=SUSE%20OpenStack%20Cloud%206

Vulnerabilities (14)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-5754		—	< 1-2.3.1	1-2.3.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
CVE-2017-5753		—	< 1-2.3.1	1-2.3.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-5715		—	< 1-2.3.1	1-2.3.1	Jan 4, 2018	Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-17558	Med	6.6	< 1-2.3.1	1-2.3.1	Dec 12, 2017	The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denia
CVE-2017-17450	Hig	7.8	< 1-2.3.1	1-2.3.1	Dec 7, 2017	net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all
CVE-2017-17449	Med	4.7	< 1-2.3.1	1-2.3.1	Dec 7, 2017	The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveragin
CVE-2017-17448	Hig	7.8	< 1-2.3.1	1-2.3.1	Dec 7, 2017	net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all
CVE-2017-13167	Hig	7.8	< 1-2.3.1	1-2.3.1	Dec 6, 2017	An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
CVE-2017-15868	Hig	7.8	< 1-2.3.1	1-2.3.1	Dec 5, 2017	The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.
CVE-2017-8824	Hig	7.8	< 1-2.3.1	1-2.3.1	Dec 5, 2017	The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
CVE-2017-15115	Hig	7.8	< 1-2.3.1	1-2.3.1	Nov 15, 2017	The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other imp
CVE-2017-16538	Med	6.6	< 1-2.3.1	1-2.3.1	Nov 4, 2017	drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and inc
CVE-2017-16534	Med	6.8	< 1-2.3.1	1-2.3.1	Nov 4, 2017	The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
CVE-2017-11600	Hig	7.0	< 1-2.3.1	1-2.3.1	Jul 24, 2017	net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspe

CVE-2017-5754Jan 4, 2018
affected < 1-2.3.1fixed 1-2.3.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
CVE-2017-5753Jan 4, 2018
affected < 1-2.3.1fixed 1-2.3.1
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-5715Jan 4, 2018
affected < 1-2.3.1fixed 1-2.3.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-17558MedDec 12, 2017
affected < 1-2.3.1fixed 1-2.3.1
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denia
CVE-2017-17450HigDec 7, 2017
affected < 1-2.3.1fixed 1-2.3.1
net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all
CVE-2017-17449MedDec 7, 2017
affected < 1-2.3.1fixed 1-2.3.1
The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveragin
CVE-2017-17448HigDec 7, 2017
affected < 1-2.3.1fixed 1-2.3.1
net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all
CVE-2017-13167HigDec 6, 2017
affected < 1-2.3.1fixed 1-2.3.1
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
CVE-2017-15868HigDec 5, 2017
affected < 1-2.3.1fixed 1-2.3.1
The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.
CVE-2017-8824HigDec 5, 2017
affected < 1-2.3.1fixed 1-2.3.1
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
CVE-2017-15115HigNov 15, 2017
affected < 1-2.3.1fixed 1-2.3.1
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other imp
CVE-2017-16538MedNov 4, 2017
affected < 1-2.3.1fixed 1-2.3.1
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and inc
CVE-2017-16534MedNov 4, 2017
affected < 1-2.3.1fixed 1-2.3.1
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.
CVE-2017-11600HigJul 24, 2017
affected < 1-2.3.1fixed 1-2.3.1
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspe