kgraft-patch-SLE12-SP1_Update_22 (SUSE:Linux Enterprise Server for SAP Applications 12 SP1) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server for SAP Applications 12 SP1 package kgraft-patch-SLE12-SP1_Update_22, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (46)
CVE-2017-12762 — CVSS 9.8 (critical): In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length…
CVE-2017-1000363 — CVSS 7.8 (high): Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure…
CVE-2017-1000365 — CVSS 7.8 (high): The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of…
CVE-2017-0861 — CVSS 7.8 (high): Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via…
CVE-2017-11176 — CVSS 7.8 (high): The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a…
CVE-2017-13166 — CVSS 7.8 (high): An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
CVE-2017-15649 — CVSS 7.8 (high): net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger…
CVE-2017-15868 — CVSS 7.8 (high): The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is…
CVE-2017-16939 — CVSS 7.8 (high): The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or…
CVE-2017-7482 — CVSS 7.8 (high): In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This…
CVE-2017-7487 — CVSS 7.8 (high): The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to…
CVE-2017-7541 — CVSS 7.8 (high): The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows…
CVE-2017-7889 — CVSS 7.8 (high): The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows…
CVE-2017-8890 — CVSS 7.8 (high): The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial…
CVE-2017-9074 — CVSS 7.8 (high): The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an…
CVE-2017-9075 — CVSS 7.8 (high): The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local…
CVE-2017-9076 — CVSS 7.8 (high): The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local…
CVE-2017-9077 — CVSS 7.8 (high): The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local…
CVE-2018-10902 — CVSS 7.8 (high): It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in…
CVE-2018-7566 — CVSS 7.8 (high): The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
CVE-2018-8781 — CVSS 7.8 (high): The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an…
CVE-2018-8897 — CVSS 7.8 (high): A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the…
CVE-2018-5390 — CVSS 7.5 (high): Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every…
CVE-2017-12154 — CVSS 7.1 (high): The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and…
CVE-2017-10661 — CVSS 7.0 (high): Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list…
CVE-2018-10853 — CVSS 7.0 (high): A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not…
CVE-2017-15265 — CVSS 7.0 (high): Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or…
CVE-2017-11600 — CVSS 7.0 (high): net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of…
CVE-2018-1068 — CVSS 6.7 (medium): A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to…
CVE-2017-8831 — CVSS 6.4 (medium): The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a…
CVE-2018-1000004 — CVSS 5.9 (medium): In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead…
CVE-2018-3646 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information…
CVE-2018-3665 — CVSS 5.6 (medium): System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local…
CVE-2017-7518 — CVSS 5.5 (medium): A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during…
CVE-2017-7542 — CVSS 5.5 (medium): The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of…
CVE-2018-1000199 — CVSS 5.5 (medium): The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and…
CVE-2017-1000380 — CVSS 5.5 (medium): sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local…
CVE-2017-8925 — CVSS 5.5 (medium): The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service…
CVE-2017-14106 — CVSS 5.5 (medium): The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service…
CVE-2017-14140 — CVSS 5.5 (medium): The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process…
CVE-2017-15274 — CVSS 5.5 (medium): security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length…
CVE-2017-9242 — CVSS 5.5 (medium): The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of…
CVE-2017-13080 — CVSS 5.3 (medium): Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an…
CVE-2017-8924 — CVSS 4.6 (medium): The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive…
CVE-2017-12153 — CVSS 4.4 (medium): A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This…
CVE-2017-14051 — CVSS 4.4 (medium): An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10…