VYPR

rpm package

suse/kgraft-patch-SLE12-SP1_Update_37&distro=SUSE Linux Enterprise Server 12 SP1-LTSS

pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_37&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Vulnerabilities (47)

  • CVE-2016-10906Aug 19, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean.

  • CVE-2017-18551Aug 19, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.

  • CVE-2019-15118Aug 16, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.

  • CVE-2019-15098Aug 16, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

  • CVE-2019-9506Aug 14, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inje

  • CVE-2017-18509Aug 13, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circu

  • CVE-2019-11477Jun 18, 2019
    affected < 1-2.3.1fixed 1-2.3.1

    Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel

Page 3 of 3