kgraft-patch-SLE12-SP2_Update_7 (SUSE:Linux Enterprise Live Patching 12) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 12 package kgraft-patch-SLE12-SP2_Update_7, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (33)
CVE-2017-12762 — CVSS 9.8 (critical): In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length…
CVE-2017-1000251 — CVSS 8.0 (high): The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are…
CVE-2017-7374 — CVSS 7.8 (high): Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer…
CVE-2017-7187 — CVSS 7.8 (high): The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based…
CVE-2017-7308 — CVSS 7.8 (high): The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size…
CVE-2017-7294 — CVSS 7.8 (high): The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate…
CVE-2017-9077 — CVSS 7.8 (high): The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local…
CVE-2017-8890 — CVSS 7.8 (high): The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial…
CVE-2017-15649 — CVSS 7.8 (high): net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger…
CVE-2017-16939 — CVSS 7.8 (high): The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or…
CVE-2017-6345 — CVSS 7.8 (high): The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which…
CVE-2017-6347 — CVSS 7.8 (high): The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data…
CVE-2017-18075 — CVSS 7.8 (high): crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD…
CVE-2017-6074 — CVSS 7.8 (high): The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data…
CVE-2017-8797 — CVSS 7.5 (high): The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO…
CVE-2017-7645 — CVSS 7.5 (high): The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service…
CVE-2016-2117 — CVSS 7.5 (high): The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather…
CVE-2017-6214 — CVSS 7.5 (high): The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service…
CVE-2017-1000364 — CVSS 7.4 (high): An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can…
CVE-2016-10200 — CVSS 7.0 (high): Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a…
CVE-2017-1000112 — CVSS 7.0 (high): Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data()…
CVE-2017-1000405 — CVSS 7.0 (high): The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP…
CVE-2017-10661 — CVSS 7.0 (high): Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list…
CVE-2017-17712 — CVSS 7.0 (high): The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to…
CVE-2017-6346 — CVSS 7.0 (high): Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free)…
CVE-2017-7533 — CVSS 7.0 (high): Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of…
CVE-2017-2596 — CVSS 6.5 (medium): The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction…
CVE-2017-9242 — CVSS 5.5 (medium): The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of…
CVE-2017-2671 — CVSS 5.5 (medium): The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently…
CVE-2017-6353 — CVSS 5.5 (medium): net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states…
CVE-2016-9191 — CVSS 5.5 (medium): The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause…
CVE-2017-7261 — CVSS 5.5 (medium): The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a…
CVE-2017-13080 — CVSS 5.3 (medium): Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an…