rpm package
suse/kgraft-patch-SLE12-SP3_Update_8&distro=SUSE Linux Enterprise Live Patching 12 SP3
pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3
Vulnerabilities (29)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-5333 | — | < 1-4.3.5 | 1-4.3.5 | Jan 11, 2018 | In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference. | ||
| CVE-2018-5332 | — | < 1-4.3.5 | 1-4.3.5 | Jan 11, 2018 | In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c). | ||
| CVE-2017-15129 | — | < 1-4.3.5 | 1-4.3.5 | Jan 9, 2018 | A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead | ||
| CVE-2017-5715 | — | < 1-4.3.5 | 1-4.3.5 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | ||
| CVE-2017-18017 | — | < 1-4.3.5 | 1-4.3.5 | Jan 3, 2018 | The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presenc | ||
| CVE-2017-17864 | Low | 3.3 | < 1-4.3.5 | 1-4.3.5 | Dec 27, 2017 | kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak." | |
| CVE-2017-17862 | Med | 5.5 | < 1-4.3.5 | 1-4.3.5 | Dec 27, 2017 | kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service. | |
| CVE-2017-17712 | Hig | 7.0 | < 1-4.3.5 | 1-4.3.5 | Dec 16, 2017 | The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges. | |
| CVE-2017-13166 | Hig | 7.8 | < 2-2.1 | 2-2.1 | Dec 6, 2017 | An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167. |
- CVE-2018-5333Jan 11, 2018affected < 1-4.3.5fixed 1-4.3.5
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
- CVE-2018-5332Jan 11, 2018affected < 1-4.3.5fixed 1-4.3.5
In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
- CVE-2017-15129Jan 9, 2018affected < 1-4.3.5fixed 1-4.3.5
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead
- CVE-2017-5715Jan 4, 2018affected < 1-4.3.5fixed 1-4.3.5
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
- CVE-2017-18017Jan 3, 2018affected < 1-4.3.5fixed 1-4.3.5
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presenc
- affected < 1-4.3.5fixed 1-4.3.5
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
- affected < 1-4.3.5fixed 1-4.3.5
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.
- affected < 1-4.3.5fixed 1-4.3.5
The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.
- affected < 2-2.1fixed 2-2.1
An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
Page 2 of 2