kernel-livepatch-SLE15_Update_0 (SUSE:Linux Enterprise Live Patching 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 package kernel-livepatch-SLE15_Update_0, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (21)
CVE-2019-6974 — CVSS 8.1 (high): In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race…
CVE-2018-16884 — CVSS 8.0 (high): A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make…
CVE-2018-9568 — CVSS 7.8 (high): In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege…
CVE-2018-10902 — CVSS 7.8 (high): It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in…
CVE-2019-8912 — CVSS 7.8 (high): In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which…
CVE-2018-14734 — CVSS 7.8 (high): drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a…
CVE-2018-15471 — CVSS 7.8 (high): An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen…
CVE-2018-17182 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number…
CVE-2018-5848 — CVSS 7.8 (high): In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of…
CVE-2018-5390 — CVSS 7.5 (high): Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every…
CVE-2018-5391 — CVSS 7.5 (high): The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP…
CVE-2018-14633 — CVSS 7.0 (high): A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication…
CVE-2018-10853 — CVSS 7.0 (high): A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not…
CVE-2018-12232 — CVSS 5.9 (medium): In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the…
CVE-2018-10938 — CVSS 5.9 (medium): A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker…
CVE-2018-3646 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information…
CVE-2019-9213 — CVSS 5.5 (medium): In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for…
CVE-2017-18344 — CVSS 5.5 (medium): The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the…
CVE-2018-12904 — CVSS 4.9 (medium): In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to…
CVE-2018-18386 — CVSS 3.3 (low): drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block…