rpm package
suse/kgraft-patch-SLE12-SP2_Update_25&distro=SUSE Enterprise Storage 4
pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_25&distro=SUSE%20Enterprise%20Storage%204
Vulnerabilities (28)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-10877 | — | < 1-3.4.1 | 1-3.4.1 | Jul 18, 2018 | Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. | ||
| CVE-2018-13095 | — | < 1-3.4.1 | 1-3.4.1 | Jul 3, 2018 | An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork. | ||
| CVE-2018-13094 | — | < 1-3.4.1 | 1-3.4.1 | Jul 3, 2018 | An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp. | ||
| CVE-2018-13093 | — | < 1-3.4.1 | 1-3.4.1 | Jul 3, 2018 | An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that | ||
| CVE-2018-12896 | — | < 1-3.4.1 | 1-3.4.1 | Jul 2, 2018 | An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the a | ||
| CVE-2018-10940 | — | < 1-3.4.1 | 1-3.4.1 | May 9, 2018 | The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory. | ||
| CVE-2018-7757 | — | < 1-3.4.1 | 1-3.4.1 | Mar 8, 2018 | Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by | ||
| CVE-2018-7480 | — | < 1-3.4.1 | 1-3.4.1 | Feb 25, 2018 | The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure. |
- CVE-2018-10877Jul 18, 2018affected < 1-3.4.1fixed 1-3.4.1
Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.
- CVE-2018-13095Jul 3, 2018affected < 1-3.4.1fixed 1-3.4.1
An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.
- CVE-2018-13094Jul 3, 2018affected < 1-3.4.1fixed 1-3.4.1
An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.
- CVE-2018-13093Jul 3, 2018affected < 1-3.4.1fixed 1-3.4.1
An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that
- CVE-2018-12896Jul 2, 2018affected < 1-3.4.1fixed 1-3.4.1
An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the a
- CVE-2018-10940May 9, 2018affected < 1-3.4.1fixed 1-3.4.1
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.
- CVE-2018-7757Mar 8, 2018affected < 1-3.4.1fixed 1-3.4.1
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by
- CVE-2018-7480Feb 25, 2018affected < 1-3.4.1fixed 1-3.4.1
The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.
Page 2 of 2