kgraft-patch-SLE12-SP2_Update_27 (SUSE:Linux Enterprise Server for SAP Applications 12 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server for SAP Applications 12 SP2 package kgraft-patch-SLE12-SP2_Update_27, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (24)
CVE-2019-14896 — CVSS 9.8 (critical): A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote…
CVE-2019-17133 — CVSS 9.8 (critical): In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a…
CVE-2019-14897 — CVSS 9.8 (critical): A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to…
CVE-2019-3846 — CVSS 8.8 (high): A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting…
CVE-2019-10220 — CVSS 8.8 (high): Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
CVE-2018-16884 — CVSS 8.0 (high): A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make…
CVE-2018-19824 — CVSS 7.8 (high): In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound…
CVE-2019-14835 — CVSS 7.8 (high): A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue…
CVE-2018-9568 — CVSS 7.8 (high): In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege…
CVE-2019-11487 — CVSS 7.8 (high): The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of…
CVE-2018-18281 — CVSS 7.8 (high): Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate()…
CVE-2018-20856 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a…
CVE-2018-9516 — CVSS 7.8 (high): In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2019-11477 — CVSS 7.5 (high): Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when…
CVE-2018-20169 — CVSS 6.8 (medium): An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra…
CVE-2019-3459 — CVSS 6.5 (medium): A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
CVE-2019-3460 — CVSS 6.5 (medium): A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
CVE-2018-18710 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be…
CVE-2018-18690 — CVSS 5.5 (medium): In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational…
CVE-2019-11478 — CVSS 5.3 (medium): Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when…
CVE-2018-16862 — CVSS 5.3 (medium): A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation…
CVE-2018-19985 — CVSS 4.6 (medium): The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and…
CVE-2018-18386 — CVSS 3.3 (low): drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block…