rpm package
suse/kgraft-patch-SLE12-SP2_Update_24&distro=SUSE Linux Enterprise Server 12 SP2-BCL
pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_24&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-9385 | — | < 1-3.7.1 | 1-3.7.1 | Nov 6, 2018 | In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Andro | ||
| CVE-2018-5391 | — | < 1-3.7.1 | 1-3.7.1 | Sep 6, 2018 | The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I | ||
| CVE-2018-3646 | — | < 1-3.7.1 | 1-3.7.1 | Aug 14, 2018 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis | ||
| CVE-2018-3620 | — | < 1-3.7.1 | 1-3.7.1 | Aug 14, 2018 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. | ||
| CVE-2018-5390 | — | < 1-3.7.1 | 1-3.7.1 | Aug 6, 2018 | Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. | ||
| CVE-2018-14734 | — | < 1-3.7.1 | 1-3.7.1 | Jul 29, 2018 | drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). | ||
| CVE-2017-18344 | — | < 1-3.7.1 | 1-3.7.1 | Jul 26, 2018 | The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows | ||
| CVE-2018-13406 | — | < 1-3.7.1 | 1-3.7.1 | Jul 6, 2018 | An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. | ||
| CVE-2018-13405 | — | < 1-3.7.1 | 1-3.7.1 | Jul 6, 2018 | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no | ||
| CVE-2018-13053 | — | < 1-3.7.1 | 1-3.7.1 | Jul 2, 2018 | The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. | ||
| CVE-2018-5814 | — | < 1-3.7.1 | 1-3.7.1 | Jun 12, 2018 | In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP pa |
- CVE-2018-9385Nov 6, 2018affected < 1-3.7.1fixed 1-3.7.1
In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Andro
- CVE-2018-5391Sep 6, 2018affected < 1-3.7.1fixed 1-3.7.1
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in I
- CVE-2018-3646Aug 14, 2018affected < 1-3.7.1fixed 1-3.7.1
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis
- CVE-2018-3620Aug 14, 2018affected < 1-3.7.1fixed 1-3.7.1
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
- CVE-2018-5390Aug 6, 2018affected < 1-3.7.1fixed 1-3.7.1
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
- CVE-2018-14734Jul 29, 2018affected < 1-3.7.1fixed 1-3.7.1
drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).
- CVE-2017-18344Jul 26, 2018affected < 1-3.7.1fixed 1-3.7.1
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows
- CVE-2018-13406Jul 6, 2018affected < 1-3.7.1fixed 1-3.7.1
An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.
- CVE-2018-13405Jul 6, 2018affected < 1-3.7.1fixed 1-3.7.1
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the no
- CVE-2018-13053Jul 2, 2018affected < 1-3.7.1fixed 1-3.7.1
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
- CVE-2018-5814Jun 12, 2018affected < 1-3.7.1fixed 1-3.7.1
In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP pa