kgraft-patch-SLE12_Update_29 (SUSE:Linux Enterprise Server 12-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12-LTSS package kgraft-patch-SLE12_Update_29, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (34)
CVE-2017-16939 — CVSS 7.8 (high): The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or…
CVE-2017-0861 — CVSS 7.8 (high): Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via…
CVE-2017-15868 — CVSS 7.8 (high): The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is…
CVE-2018-7566 — CVSS 7.8 (high): The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
CVE-2018-17182 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number…
CVE-2018-10902 — CVSS 7.8 (high): It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in…
CVE-2018-8897 — CVSS 7.8 (high): A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the…
CVE-2017-13166 — CVSS 7.8 (high): An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
CVE-2018-8781 — CVSS 7.8 (high): The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an…
CVE-2017-15649 — CVSS 7.8 (high): net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger…
CVE-2018-5390 — CVSS 7.5 (high): Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every…
CVE-2017-1000405 — CVSS 7.0 (high): The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP…
CVE-2017-11600 — CVSS 7.0 (high): net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of…
CVE-2018-14633 — CVSS 7.0 (high): A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication…
CVE-2018-10853 — CVSS 7.0 (high): A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not…
CVE-2014-0038 — CVSS 6.9 (medium): The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to…
CVE-2018-1068 — CVSS 6.7 (medium): A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to…
CVE-2017-16649 — CVSS 6.6 (medium): The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a…
CVE-2017-16650 — CVSS 6.6 (medium): The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of…
CVE-2017-16537 — CVSS 6.6 (medium): The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service…
CVE-2017-16536 — CVSS 6.6 (medium): The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause…
CVE-2017-16535 — CVSS 6.6 (medium): The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of…
CVE-2017-16531 — CVSS 6.6 (medium): drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system…
CVE-2017-16529 — CVSS 6.6 (medium): The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service…
CVE-2017-16527 — CVSS 6.6 (medium): sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free…
CVE-2017-16525 — CVSS 6.6 (medium): The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a…
CVE-2017-15102 — CVSS 6.3 (medium): The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically…
CVE-2018-1000004 — CVSS 5.9 (medium): In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead…
CVE-2018-3646 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information…
CVE-2018-3665 — CVSS 5.6 (medium): System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local…
CVE-2017-12193 — CVSS 5.5 (medium): The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which…
CVE-2018-1000199 — CVSS 5.5 (medium): The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and…
CVE-2018-18386 — CVSS 3.3 (low): drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block…