rpm package
suse/kgraft-patch-SLE12-SP1_Update_26&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_26&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Vulnerabilities (32)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-7221 | — | < 12-2.1 | 12-2.1 | Mar 17, 2019 | The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. | ||
| CVE-2019-9213 | — | < 12-2.1 | 12-2.1 | Mar 5, 2019 | In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task. | ||
| CVE-2019-6974 | — | < 12-2.1 | 12-2.1 | Feb 15, 2019 | In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. | ||
| CVE-2018-10853 | — | < 6-2.1 | 6-2.1 | Sep 11, 2018 | A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potential | ||
| CVE-2018-5391 | — | < 12-2.1 | 12-2.1 | Sep 6, 2018 | The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I | ||
| CVE-2018-10902 | — | < 7-2.1 | 7-2.1 | Aug 21, 2018 | It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local a | ||
| CVE-2018-3646 | — | < 6-2.1 | 6-2.1 | Aug 14, 2018 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis | ||
| CVE-2018-5390 | — | < 7-2.1 | 7-2.1 | Aug 6, 2018 | Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. | ||
| CVE-2018-3665 | — | < 5-2.1 | 5-2.1 | Jun 21, 2018 | System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. | ||
| CVE-2018-1000199 | — | < 3-2.1 | 3-2.1 | May 24, 2018 | The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears | ||
| CVE-2018-8897 | — | < 4-2.1 | 4-2.1 | May 8, 2018 | A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP | ||
| CVE-2018-8781 | — | < 4-2.1 | 4-2.1 | Apr 23, 2018 | The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, | ||
| CVE-2018-7566 | — | < 1-2.3.1 | 1-2.3.1 | Mar 30, 2018 | The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. | ||
| CVE-2018-1068 | — | < 1-2.3.1 | 1-2.3.1 | Mar 16, 2018 | A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. | ||
| CVE-2017-18221 | — | < 1-2.3.1 | 1-2.3.1 | Mar 7, 2018 | The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls. | ||
| CVE-2018-1066 | — | < 1-2.3.1 | 1-2.3.1 | Mar 2, 2018 | The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP se | ||
| CVE-2017-18208 | — | < 1-2.3.1 | 1-2.3.1 | Mar 1, 2018 | The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping. | ||
| CVE-2017-18204 | — | < 1-2.3.1 | 1-2.3.1 | Feb 27, 2018 | The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests. | ||
| CVE-2018-6927 | — | < 1-2.3.1 | 1-2.3.1 | Feb 12, 2018 | The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value. | ||
| CVE-2017-16914 | — | < 1-2.3.1 | 1-2.3.1 | Jan 31, 2018 | The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet. |
- CVE-2019-7221Mar 17, 2019affected < 12-2.1fixed 12-2.1
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
- CVE-2019-9213Mar 5, 2019affected < 12-2.1fixed 12-2.1
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
- CVE-2019-6974Feb 15, 2019affected < 12-2.1fixed 12-2.1
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
- CVE-2018-10853Sep 11, 2018affected < 6-2.1fixed 6-2.1
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potential
- CVE-2018-5391Sep 6, 2018affected < 12-2.1fixed 12-2.1
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I
- CVE-2018-10902Aug 21, 2018affected < 7-2.1fixed 7-2.1
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local a
- CVE-2018-3646Aug 14, 2018affected < 6-2.1fixed 6-2.1
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis
- CVE-2018-5390Aug 6, 2018affected < 7-2.1fixed 7-2.1
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
- CVE-2018-3665Jun 21, 2018affected < 5-2.1fixed 5-2.1
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
- CVE-2018-1000199May 24, 2018affected < 3-2.1fixed 3-2.1
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears
- CVE-2018-8897May 8, 2018affected < 4-2.1fixed 4-2.1
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP
- CVE-2018-8781Apr 23, 2018affected < 4-2.1fixed 4-2.1
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages,
- CVE-2018-7566Mar 30, 2018affected < 1-2.3.1fixed 1-2.3.1
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
- CVE-2018-1068Mar 16, 2018affected < 1-2.3.1fixed 1-2.3.1
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
- CVE-2017-18221Mar 7, 2018affected < 1-2.3.1fixed 1-2.3.1
The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.
- CVE-2018-1066Mar 2, 2018affected < 1-2.3.1fixed 1-2.3.1
The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP se
- CVE-2017-18208Mar 1, 2018affected < 1-2.3.1fixed 1-2.3.1
The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.
- CVE-2017-18204Feb 27, 2018affected < 1-2.3.1fixed 1-2.3.1
The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
- CVE-2018-6927Feb 12, 2018affected < 1-2.3.1fixed 1-2.3.1
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
- CVE-2017-16914Jan 31, 2018affected < 1-2.3.1fixed 1-2.3.1
The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet.
Page 1 of 2