VYPR

rpm package

suse/kgraft-patch-SLE12-SP2_Update_9&distro=SUSE Linux Enterprise Live Patching 12

pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012

Vulnerabilities (17)

  • CVE-2017-18075Jan 24, 2018
    affected < 8-2.1fixed 8-2.1

    crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or po

  • CVE-2017-17712HigDec 16, 2017
    affected < 7-2.1fixed 7-2.1

    The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.

  • CVE-2017-1000405HigNov 30, 2017
    affected < 6-2.1fixed 6-2.1

    The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_

  • CVE-2017-16939HigNov 24, 2017
    affected < 6-2.1fixed 6-2.1

    The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink message

  • CVE-2017-15649HigOct 19, 2017
    affected < 5-2.1fixed 5-2.1

    net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free,

  • CVE-2017-13080MedOct 17, 2017
    affected < 5-2.1fixed 5-2.1

    Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

  • CVE-2017-1000112HigOct 5, 2017
    affected < 3-2.1fixed 3-2.1

    Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which lea

  • CVE-2017-1000251HigSep 12, 2017
    affected < 4-4.1fixed 4-4.1

    The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel spa

  • CVE-2017-10661HigAug 19, 2017
    affected < 6-2.1fixed 6-2.1

    Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.

  • CVE-2017-12762CriAug 9, 2017
    affected < 4-4.1fixed 4-4.1

    In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.

  • CVE-2017-7533HigAug 5, 2017
    affected < 2-2.1fixed 2-2.1

    Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename funct

  • CVE-2017-8797HigJul 2, 2017
    affected < 2-2.1fixed 2-2.1

    The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. Thi

  • CVE-2017-1000364HigJun 19, 2017
    affected < 1-2.3fixed 1-2.3

    An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduce

  • CVE-2017-9242MedMay 27, 2017
    affected < 2-2.1fixed 2-2.1

    The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.

  • CVE-2017-9077HigMay 19, 2017
    affected < 2-2.1fixed 2-2.1

    The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

  • CVE-2017-8890HigMay 10, 2017
    affected < 2-2.1fixed 2-2.1

    The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

  • CVE-2017-7645HigApr 18, 2017
    affected < 2-2.1fixed 2-2.1

    The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.