rpm package
suse/kgraft-patch-SLE12-SP2_Update_21&distro=SUSE Linux Enterprise Server 12 SP2-BCL
pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_21&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-1087 | — | < 1-3.3.1 | 1-3.3.1 | May 15, 2018 | kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During | ||
| CVE-2018-8897 | — | < 1-3.3.1 | 1-3.3.1 | May 8, 2018 | A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP | ||
| CVE-2018-8781 | — | < 1-3.3.1 | 1-3.3.1 | Apr 23, 2018 | The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, | ||
| CVE-2018-10124 | — | < 1-3.3.1 | 1-3.3.1 | Apr 16, 2018 | The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument. | ||
| CVE-2018-10087 | — | < 1-3.3.1 | 1-3.3.1 | Apr 13, 2018 | The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value. | ||
| CVE-2017-18257 | — | < 1-3.3.1 | 1-3.3.1 | Apr 4, 2018 | The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. | ||
| CVE-2018-8822 | — | < 1-3.3.1 | 1-3.3.1 | Mar 20, 2018 | Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the | ||
| CVE-2018-8043 | — | < 1-3.3.1 | 1-3.3.1 | Mar 10, 2018 | The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference). | ||
| CVE-2018-7740 | — | < 1-3.3.1 | 1-3.3.1 | Mar 7, 2018 | The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call. |
- CVE-2018-1087May 15, 2018affected < 1-3.3.1fixed 1-3.3.1
kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During
- CVE-2018-8897May 8, 2018affected < 1-3.3.1fixed 1-3.3.1
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP
- CVE-2018-8781Apr 23, 2018affected < 1-3.3.1fixed 1-3.3.1
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages,
- CVE-2018-10124Apr 16, 2018affected < 1-3.3.1fixed 1-3.3.1
The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.
- CVE-2018-10087Apr 13, 2018affected < 1-3.3.1fixed 1-3.3.1
The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.
- CVE-2017-18257Apr 4, 2018affected < 1-3.3.1fixed 1-3.3.1
The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.
- CVE-2018-8822Mar 20, 2018affected < 1-3.3.1fixed 1-3.3.1
Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the
- CVE-2018-8043Mar 10, 2018affected < 1-3.3.1fixed 1-3.3.1
The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).
- CVE-2018-7740Mar 7, 2018affected < 1-3.3.1fixed 1-3.3.1
The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.