rpm package
suse/kgraft-patch-SLE12_Update_21&distro=SUSE Linux Enterprise Server for SAP Applications 12
pkg:rpm/suse/kgraft-patch-SLE12_Update_21&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Vulnerabilities (29)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-5970 | Hig | 7.5 | < 1-2.1 | 1-2.1 | Feb 14, 2017 | The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options. | |
| CVE-2016-10044 | Hig | 7.8 | < 1-2.1 | 1-2.1 | Feb 7, 2017 | The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call. | |
| CVE-2016-10208 | Med | 4.3 | < 1-2.1 | 1-2.1 | Feb 6, 2017 | The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image. | |
| CVE-2016-9588 | Med | 5.5 | < 1-2.1 | 1-2.1 | Dec 28, 2016 | arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest. | |
| CVE-2016-7117 | Cri | 9.8 | < 1-2.1 | 1-2.1 | Oct 10, 2016 | Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing. | |
| CVE-2016-3070 | Hig | 7.8 | < 1-2.1 | 1-2.1 | Aug 6, 2016 | The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified | |
| CVE-2016-5243 | Med | 5.5 | < 1-2.1 | 1-2.1 | Jun 27, 2016 | The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message. | |
| CVE-2016-2117 | Hig | 7.5 | < 1-2.1 | 1-2.1 | May 2, 2016 | The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data. | |
| CVE-2015-1350 | Med | 5.5 | < 1-2.1 | 1-2.1 | May 2, 2016 | The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system |
- affected < 1-2.1fixed 1-2.1
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
- affected < 1-2.1fixed 1-2.1
The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.
- affected < 1-2.1fixed 1-2.1
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.
- affected < 1-2.1fixed 1-2.1
arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.
- affected < 1-2.1fixed 1-2.1
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
- affected < 1-2.1fixed 1-2.1
The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified
- affected < 1-2.1fixed 1-2.1
The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
- affected < 1-2.1fixed 1-2.1
The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.
- affected < 1-2.1fixed 1-2.1
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system
Page 2 of 2