rpm package
suse/kgraft-patch-SLE12-SP3_Update_37&distro=SUSE Linux Enterprise Server 12 SP3-LTSS
pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_37&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS
Vulnerabilities (66)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25211 | — | < 1-4.3.1 | 1-4.3.1 | Sep 9, 2020 | In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef | ||
| CVE-2020-1749 | — | < 2-2.2 | 2-2.2 | Sep 9, 2020 | A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending | ||
| CVE-2020-3702 | — | < 14-2.2 | 14-2.2 | Sep 8, 2020 | u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapd | ||
| CVE-2020-11668 | — | < 1-4.3.1 | 1-4.3.1 | Apr 9, 2020 | In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770. | ||
| CVE-2019-0136 | — | < 14-2.2 | 14-2.2 | Jun 13, 2019 | Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||
| CVE-2018-10902 | — | < 1-4.3.1 | 1-4.3.1 | Aug 21, 2018 | It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local a |
- CVE-2020-25211Sep 9, 2020affected < 1-4.3.1fixed 1-4.3.1
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef
- CVE-2020-1749Sep 9, 2020affected < 2-2.2fixed 2-2.2
A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending
- CVE-2020-3702Sep 8, 2020affected < 14-2.2fixed 14-2.2
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapd
- CVE-2020-11668Apr 9, 2020affected < 1-4.3.1fixed 1-4.3.1
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
- CVE-2019-0136Jun 13, 2019affected < 14-2.2fixed 14-2.2
Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- CVE-2018-10902Aug 21, 2018affected < 1-4.3.1fixed 1-4.3.1
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local a
Page 4 of 4