rpm package

suse/kgraft-patch-SLE12-SP2_Update_29&distro=SUSE OpenStack Cloud 7

pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_29&distro=SUSE%20OpenStack%20Cloud%207

Vulnerabilities (16)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2019-8564		—	< 1-3.5.2	1-3.5.2	Oct 27, 2020	A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.
CVE-2019-9503		—	< 1-3.5.2	1-3.5.2	Jan 16, 2020	The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarde
CVE-2018-12130		—	< 1-3.5.2	1-3.5.2	May 30, 2019	Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h
CVE-2018-12127		—	< 1-3.5.2	1-3.5.2	May 30, 2019	Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:
CVE-2018-12126		—	< 1-3.5.2	1-3.5.2	May 30, 2019	Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found
CVE-2019-11091		—	< 1-3.5.2	1-3.5.2	May 30, 2019	Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c
CVE-2019-3882		—	< 1-3.5.2	1-3.5.2	Apr 24, 2019	A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a syste
CVE-2019-11486		—	< 1-3.5.2	1-3.5.2	Apr 23, 2019	The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
CVE-2018-19407		—	< 1-3.5.2	1-3.5.2	Nov 21, 2018	The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
CVE-2018-1129		—	< 1-3.5.2	1-3.5.2	Jul 10, 2018	A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, lumi
CVE-2018-1128		—	< 1-3.5.2	1-3.5.2	Jul 10, 2018	It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and p
CVE-2018-1120		—	< 1-3.5.2	1-3.5.2	Jun 20, 2018	A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which m
CVE-2018-1091		—	< 1-3.5.2	1-3.5.2	Mar 27, 2018	In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transact
CVE-2017-18174		—	< 1-3.5.2	1-3.5.2	Feb 11, 2018	In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.
CVE-2017-17741	Med	6.5	< 1-3.5.2	1-3.5.2	Dec 18, 2017	The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.
CVE-2016-8636	Hig	7.8	< 1-3.5.2	1-3.5.2	Feb 22, 2017	Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact

CVE-2019-8564Oct 27, 2020
affected < 1-3.5.2fixed 1-3.5.2
A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.
CVE-2019-9503Jan 16, 2020
affected < 1-3.5.2fixed 1-3.5.2
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarde
CVE-2018-12130May 30, 2019
affected < 1-3.5.2fixed 1-3.5.2
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h
CVE-2018-12127May 30, 2019
affected < 1-3.5.2fixed 1-3.5.2
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:
CVE-2018-12126May 30, 2019
affected < 1-3.5.2fixed 1-3.5.2
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found
CVE-2019-11091May 30, 2019
affected < 1-3.5.2fixed 1-3.5.2
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c
CVE-2019-3882Apr 24, 2019
affected < 1-3.5.2fixed 1-3.5.2
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a syste
CVE-2019-11486Apr 23, 2019
affected < 1-3.5.2fixed 1-3.5.2
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
CVE-2018-19407Nov 21, 2018
affected < 1-3.5.2fixed 1-3.5.2
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
CVE-2018-1129Jul 10, 2018
affected < 1-3.5.2fixed 1-3.5.2
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, lumi
CVE-2018-1128Jul 10, 2018
affected < 1-3.5.2fixed 1-3.5.2
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and p
CVE-2018-1120Jun 20, 2018
affected < 1-3.5.2fixed 1-3.5.2
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which m
CVE-2018-1091Mar 27, 2018
affected < 1-3.5.2fixed 1-3.5.2
In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transact
CVE-2017-18174Feb 11, 2018
affected < 1-3.5.2fixed 1-3.5.2
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.
CVE-2017-17741MedDec 18, 2017
affected < 1-3.5.2fixed 1-3.5.2
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.
CVE-2016-8636HigFeb 22, 2017
affected < 1-3.5.2fixed 1-3.5.2
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact