kgraft-patch-SLE12_Update_9 (SUSE:Linux Enterprise Live Patching 12) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 12 package kgraft-patch-SLE12_Update_9, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (15)
CVE-2015-8104 — CVSS 10.0 (critical): The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host…
CVE-2015-8812 — CVSS 9.8 (critical): drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote…
CVE-2016-0728 — CVSS 7.8 (high): The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a…
CVE-2015-8539 — CVSS 7.8 (high): The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted…
CVE-2015-8709 — CVSS 7.0 (high): kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by…
CVE-2015-2925 — CVSS 6.9 (medium): The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount…
CVE-2016-0774 — CVSS 6.8 (medium): The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before…
CVE-2015-7990 — CVSS 5.8 (medium): Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of…
CVE-2013-7446 — CVSS 5.3 (medium): Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket…
CVE-2015-0272 — CVSS 5.0 (medium): GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6…
CVE-2015-7799 — CVSS 4.9 (medium): The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid…
CVE-2015-5307 — CVSS 4.9 (medium): The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host…
CVE-2015-5283 — CVSS 4.7 (medium): The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps…
CVE-2016-2384 — CVSS 4.6 (medium): Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate…
CVE-2015-7872 — CVSS 2.1 (low): The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service…