VYPR

rpm package

suse/kgraft-patch-SLE12-SP3_Update_1&distro=SUSE Linux Enterprise Live Patching 12 SP3

pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Vulnerabilities (30)

  • CVE-2017-1000112HigOct 5, 2017
    affected < 1-2.1fixed 1-2.1

    Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which lea

  • CVE-2017-1000111HigOct 5, 2017
    affected < 1-2.1fixed 1-2.1

    Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET

  • CVE-2017-1000251HigSep 12, 2017
    affected < 2-2.1fixed 2-2.1

    The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel spa

  • CVE-2017-7533HigAug 5, 2017
    affected < 1-2.1fixed 1-2.1

    Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename funct

  • CVE-2017-7541HigJul 25, 2017
    affected < 1-2.1fixed 1-2.1

    The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netl

  • CVE-2017-11600HigJul 24, 2017
    affected < 11-2.1fixed 11-2.1

    net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspe

  • CVE-2017-7542MedJul 21, 2017
    affected < 1-2.1fixed 1-2.1

    The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.

  • CVE-2017-11473HigJul 20, 2017
    affected < 1-2.1fixed 1-2.1

    Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.

  • CVE-2017-10810HigJul 4, 2017
    affected < 1-2.1fixed 1-2.1

    Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures.

  • CVE-2017-8831MedMay 8, 2017
    affected < 1-2.1fixed 1-2.1

    The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "do

Page 2 of 2