kgraft-patch-SLE12-SP1_Update_15 (SUSE:Linux Enterprise Live Patching 12) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 12 package kgraft-patch-SLE12-SP1_Update_15, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (30)
CVE-2016-7117 — CVSS 9.8 (critical): Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to…
CVE-2017-5897 — CVSS 9.8 (critical): The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving…
CVE-2016-10044 — CVSS 7.8 (high): The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for…
CVE-2017-6074 — CVSS 7.8 (high): The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data…
CVE-2017-6345 — CVSS 7.8 (high): The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which…
CVE-2017-7294 — CVSS 7.8 (high): The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate…
CVE-2017-7308 — CVSS 7.8 (high): The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size…
CVE-2017-2647 — CVSS 7.8 (high): The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer…
CVE-2017-5669 — CVSS 7.8 (high): The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding…
CVE-2016-3070 — CVSS 7.8 (high): The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with…
CVE-2017-7187 — CVSS 7.8 (high): The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based…
CVE-2016-2117 — CVSS 7.5 (high): The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather…
CVE-2017-7645 — CVSS 7.5 (high): The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service…
CVE-2017-6214 — CVSS 7.5 (high): The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service…
CVE-2017-6346 — CVSS 7.0 (high): Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free)…
CVE-2016-10200 — CVSS 7.0 (high): Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a…
CVE-2017-8106 — CVSS 5.5 (medium): The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a…
CVE-2016-5243 — CVSS 5.5 (medium): The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain…
CVE-2016-9191 — CVSS 5.5 (medium): The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause…
CVE-2016-9588 — CVSS 5.5 (medium): arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of…
CVE-2017-2671 — CVSS 5.5 (medium): The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently…
CVE-2017-5986 — CVSS 5.5 (medium): Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a…
CVE-2017-6348 — CVSS 5.5 (medium): The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local…
CVE-2017-6353 — CVSS 5.5 (medium): net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states…
CVE-2017-6951 — CVSS 5.5 (medium): The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of…
CVE-2017-7261 — CVSS 5.5 (medium): The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a…
CVE-2017-7616 — CVSS 5.5 (medium): Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local…
CVE-2015-1350 — CVSS 5.5 (medium): The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing…
CVE-2016-9604 — CVSS 4.4 (medium): It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in…
CVE-2016-10208 — CVSS 4.3 (medium): The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which…