rpm package

suse/kgraft-patch-SLE12-SP1_Update_32&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1

pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_32&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Vulnerabilities (10)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2019-14835	—	< 9-2.1	9-2.1	Sep 17, 2019	A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the
CVE-2019-11478	—	< 7-2.1	7-2.1	Jun 18, 2019	Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi
CVE-2019-11477	—	< 7-2.1	7-2.1	Jun 18, 2019	Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel
CVE-2019-3846	—	< 7-2.1	7-2.1	Jun 3, 2019	A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
CVE-2019-11487	—	< 7-2.1	7-2.1	Apr 23, 2019	The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm
CVE-2019-7221	—	< 6-2.1	6-2.1	Mar 17, 2019	The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
CVE-2019-9213	—	< 6-2.1	6-2.1	Mar 5, 2019	In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
CVE-2019-6974	—	< 6-2.1	6-2.1	Feb 15, 2019	In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
CVE-2018-17182	—	< 1-2.3.1	1-2.3.1	Sep 19, 2018	An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and de
CVE-2018-5391	—	< 6-2.1	6-2.1	Sep 6, 2018	The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I

CVE-2019-14835Sep 17, 2019
affected < 9-2.1fixed 9-2.1
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the
CVE-2019-11478Jun 18, 2019
affected < 7-2.1fixed 7-2.1
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi
CVE-2019-11477Jun 18, 2019
affected < 7-2.1fixed 7-2.1
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel
CVE-2019-3846Jun 3, 2019
affected < 7-2.1fixed 7-2.1
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
CVE-2019-11487Apr 23, 2019
affected < 7-2.1fixed 7-2.1
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm
CVE-2019-7221Mar 17, 2019
affected < 6-2.1fixed 6-2.1
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
CVE-2019-9213Mar 5, 2019
affected < 6-2.1fixed 6-2.1
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
CVE-2019-6974Feb 15, 2019
affected < 6-2.1fixed 6-2.1
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
CVE-2018-17182Sep 19, 2018
affected < 1-2.3.1fixed 1-2.3.1
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and de
CVE-2018-5391Sep 6, 2018
affected < 6-2.1fixed 6-2.1
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I