rpm package
suse/kgraft-patch-SLE12-SP2_Update_0&distro=SUSE Linux Enterprise Live Patching 12
pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-9555 | Cri | 9.8 | < 2-5.1 | 2-5.1 | Nov 28, 2016 | The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP | |
| CVE-2016-8632 | Hig | 7.8 | < 3-8.2 | 3-8.2 | Nov 28, 2016 | The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflo |
- affected < 2-5.1fixed 2-5.1
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP
- affected < 3-8.2fixed 3-8.2
The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflo
Page 2 of 2