rpm package
suse/kgraft-patch-SLE12-SP2_Update_2&distro=SUSE Linux Enterprise Live Patching 12
pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012
Vulnerabilities (25)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-9794 | Hig | 7.8 | < 2-2.1 | 2-2.1 | Dec 28, 2016 | Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START comm | |
| CVE-2016-9576 | Hig | 7.8 | < 2-2.1 | 2-2.1 | Dec 28, 2016 | The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access | |
| CVE-2016-8655 | Hig | 7.8 | < 1-2.1 | 1-2.1 | Dec 8, 2016 | Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockop | |
| CVE-2016-9555 | Cri | 9.8 | < 1-2.1 | 1-2.1 | Nov 28, 2016 | The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP | |
| CVE-2016-8632 | Hig | 7.8 | < 1-2.1 | 1-2.1 | Nov 28, 2016 | The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflo |
- affected < 2-2.1fixed 2-2.1
Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START comm
- affected < 2-2.1fixed 2-2.1
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access
- affected < 1-2.1fixed 1-2.1
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockop
- affected < 1-2.1fixed 1-2.1
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP
- affected < 1-2.1fixed 1-2.1
The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflo
Page 2 of 2