kgraft-patch-SLE12-SP2_Update_17 (SUSE:Linux Enterprise Live Patching 12) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 12 package kgraft-patch-SLE12-SP2_Update_17, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2017-18075 — CVSS 7.8 (high): crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD…
CVE-2017-17805 — CVSS 7.8 (high): The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker…
CVE-2017-17806 — CVSS 7.8 (high): The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash…
CVE-2017-17712 — CVSS 7.0 (high): The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to…
CVE-2017-5715 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of…
CVE-2017-5753 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an…
CVE-2017-5754 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of…