rpm package
suse/kgraft-patch-SLE12-SP3_Update_16&distro=SUSE Linux Enterprise Live Patching 12 SP3
pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3
Vulnerabilities (16)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-11478 | — | < 6-2.1 | 6-2.1 | Jun 18, 2019 | Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi | ||
| CVE-2019-11477 | — | < 6-2.1 | 6-2.1 | Jun 18, 2019 | Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel | ||
| CVE-2019-3846 | — | < 6-2.1 | 6-2.1 | Jun 3, 2019 | A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. | ||
| CVE-2019-11487 | — | < 6-2.1 | 6-2.1 | Apr 23, 2019 | The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm | ||
| CVE-2019-7221 | — | < 5-2.1 | 5-2.1 | Mar 17, 2019 | The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. | ||
| CVE-2019-9213 | — | < 5-2.1 | 5-2.1 | Mar 5, 2019 | In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task. | ||
| CVE-2019-6974 | — | < 5-2.1 | 5-2.1 | Feb 15, 2019 | In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. | ||
| CVE-2018-14633 | — | < 3-2.1 | 3-2.1 | Sep 25, 2018 | A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes | ||
| CVE-2018-17182 | — | < 3-2.1 | 3-2.1 | Sep 19, 2018 | An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and de | ||
| CVE-2018-10938 | — | < 2-2.1 | 2-2.1 | Aug 27, 2018 | A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A cer | ||
| CVE-2018-10902 | — | < 2-2.1 | 2-2.1 | Aug 21, 2018 | It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local a | ||
| CVE-2018-3646 | — | < 1-4.5.1 | 1-4.5.1 | Aug 14, 2018 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis | ||
| CVE-2018-3620 | — | < 1-4.5.1 | 1-4.5.1 | Aug 14, 2018 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. | ||
| CVE-2018-5390 | — | < 1-4.5.1 | 1-4.5.1 | Aug 6, 2018 | Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. | ||
| CVE-2018-14734 | — | < 1-4.5.1 | 1-4.5.1 | Jul 29, 2018 | drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). | ||
| CVE-2017-18344 | — | < 1-4.5.1 | 1-4.5.1 | Jul 26, 2018 | The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows |
- CVE-2019-11478Jun 18, 2019affected < 6-2.1fixed 6-2.1
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi
- CVE-2019-11477Jun 18, 2019affected < 6-2.1fixed 6-2.1
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel
- CVE-2019-3846Jun 3, 2019affected < 6-2.1fixed 6-2.1
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
- CVE-2019-11487Apr 23, 2019affected < 6-2.1fixed 6-2.1
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm
- CVE-2019-7221Mar 17, 2019affected < 5-2.1fixed 5-2.1
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
- CVE-2019-9213Mar 5, 2019affected < 5-2.1fixed 5-2.1
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
- CVE-2019-6974Feb 15, 2019affected < 5-2.1fixed 5-2.1
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
- CVE-2018-14633Sep 25, 2018affected < 3-2.1fixed 3-2.1
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes
- CVE-2018-17182Sep 19, 2018affected < 3-2.1fixed 3-2.1
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and de
- CVE-2018-10938Aug 27, 2018affected < 2-2.1fixed 2-2.1
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A cer
- CVE-2018-10902Aug 21, 2018affected < 2-2.1fixed 2-2.1
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local a
- CVE-2018-3646Aug 14, 2018affected < 1-4.5.1fixed 1-4.5.1
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis
- CVE-2018-3620Aug 14, 2018affected < 1-4.5.1fixed 1-4.5.1
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
- CVE-2018-5390Aug 6, 2018affected < 1-4.5.1fixed 1-4.5.1
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
- CVE-2018-14734Jul 29, 2018affected < 1-4.5.1fixed 1-4.5.1
drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).
- CVE-2017-18344Jul 26, 2018affected < 1-4.5.1fixed 1-4.5.1
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows