Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Desktop 11 SP4 package kernel-default, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (48)
CVE-2015-8104 — CVSS 10.0 (critical): The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host…
CVE-2015-8812 — CVSS 9.8 (critical): drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote…
CVE-2015-8550 — CVSS 8.2 (high): Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain…
CVE-2015-8539 — CVSS 7.8 (high): The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted…
CVE-2015-5364 — CVSS 7.8 (high): The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which…
CVE-2016-2069 — CVSS 7.4 (high): Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging…
CVE-2015-5157 — CVSS 7.2 (high): arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred…
CVE-2015-1805 — CVSS 7.2 (high): The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects…
CVE-2015-8543 — CVSS 7.0 (high): The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol…
CVE-2016-0723 — CVSS 6.8 (medium): Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive…
CVE-2015-8767 — CVSS 6.2 (medium): net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows…
CVE-2015-8785 — CVSS 6.2 (medium): The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service…
CVE-2016-2548 — CVSS 6.2 (medium): sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to…
CVE-2016-2543 — CVSS 6.2 (medium): The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment…
CVE-2016-2549 — CVSS 6.2 (medium): sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a…
CVE-2015-8551 — CVSS 6.0 (medium): The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest…
CVE-2015-7990 — CVSS 5.8 (medium): Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of…
CVE-2015-7550 — CVSS 5.5 (medium): The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows…
CVE-2013-7446 — CVSS 5.3 (medium): Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket…
CVE-2016-2546 — CVSS 5.1 (medium): sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service…
CVE-2016-2545 — CVSS 5.1 (medium): The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list…
CVE-2016-2547 — CVSS 5.1 (medium): sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows…
CVE-2016-2544 — CVSS 5.1 (medium): Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a…
CVE-2015-0272 — CVSS 5.0 (medium): GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6…
CVE-2015-8215 — CVSS 5.0 (medium): net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows…
CVE-2015-5366 — CVSS 5.0 (medium): The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which…
CVE-2015-4700 — CVSS 4.9 (medium): The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of…
CVE-2014-9728 — CVSS 4.9 (medium): The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a…
CVE-2014-9729 — CVSS 4.9 (medium): The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency…
CVE-2014-9730 — CVSS 4.9 (medium): The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows…
CVE-2015-2150 — CVSS 4.9 (medium): Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow…
CVE-2015-5307 — CVSS 4.9 (medium): The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host…
CVE-2015-6937 — CVSS 4.9 (medium): The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service…
CVE-2015-7799 — CVSS 4.9 (medium): The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid…
CVE-2015-4167 — CVSS 4.7 (medium): The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local…
CVE-2015-5707 — CVSS 4.6 (medium): Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to…
CVE-2015-7515 — CVSS 4.6 (medium): The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a…
CVE-2016-2384 — CVSS 4.6 (medium): Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate…
CVE-2015-8552 — CVSS 4.4 (medium): The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest…
CVE-2015-7509 — CVSS 4.4 (medium): fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a…
CVE-2015-8575 — CVSS 4.0 (medium): The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local…
CVE-2015-8569 — CVSS 2.3 (low): The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address…
CVE-2014-9731 — CVSS 2.1 (low): The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's…
CVE-2015-7872 — CVSS 2.1 (low): The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service…
CVE-2015-6252 — CVSS 2.1 (low): The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service…
CVE-2015-0777 — CVSS 2.1 (low): drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the…
CVE-2015-2830 — CVSS 1.9 (low): arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which…
CVE-2015-1420 — CVSS 1.9 (low): Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size…