kgraft-patch-SLE12_Update_24 (SUSE:Linux Enterprise Server 12-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12-LTSS package kgraft-patch-SLE12_Update_24, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (20)
CVE-2017-1000251 — CVSS 8.0 (high): The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are…
CVE-2017-0861 — CVSS 7.8 (high): Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via…
CVE-2017-13166 — CVSS 7.8 (high): An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
CVE-2017-15649 — CVSS 7.8 (high): net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger…
CVE-2017-15868 — CVSS 7.8 (high): The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is…
CVE-2017-16939 — CVSS 7.8 (high): The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or…
CVE-2018-7566 — CVSS 7.8 (high): The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
CVE-2018-8781 — CVSS 7.8 (high): The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an…
CVE-2018-8897 — CVSS 7.8 (high): A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the…
CVE-2017-7645 — CVSS 7.5 (high): The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service…
CVE-2017-1000112 — CVSS 7.0 (high): Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data()…
CVE-2017-7533 — CVSS 7.0 (high): Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of…
CVE-2017-10661 — CVSS 7.0 (high): Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list…
CVE-2018-1068 — CVSS 6.7 (medium): A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to…
CVE-2018-1000004 — CVSS 5.9 (medium): In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead…
CVE-2018-3665 — CVSS 5.6 (medium): System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local…
CVE-2017-9242 — CVSS 5.5 (medium): The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of…
CVE-2017-15274 — CVSS 5.5 (medium): security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length…
CVE-2018-1000199 — CVSS 5.5 (medium): The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and…
CVE-2017-13080 — CVSS 5.3 (medium): Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an…