kgraft-patch-SLE12-SP1_Update_23 (SUSE:OpenStack Cloud 6) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 6 package kgraft-patch-SLE12-SP1_Update_23, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (14)
CVE-2017-16939 — CVSS 7.8 (high): The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or…
CVE-2017-1000405 — CVSS 7.0 (high): The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP…
CVE-2014-0038 — CVSS 6.9 (medium): The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to…
CVE-2017-16650 — CVSS 6.6 (medium): The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of…
CVE-2017-16525 — CVSS 6.6 (medium): The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a…
CVE-2017-16527 — CVSS 6.6 (medium): sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free…
CVE-2017-16529 — CVSS 6.6 (medium): The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service…
CVE-2017-16531 — CVSS 6.6 (medium): drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system…
CVE-2017-16535 — CVSS 6.6 (medium): The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of…
CVE-2017-16536 — CVSS 6.6 (medium): The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause…
CVE-2017-16537 — CVSS 6.6 (medium): The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service…
CVE-2017-16649 — CVSS 6.6 (medium): The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a…
CVE-2017-15102 — CVSS 6.3 (medium): The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically…
CVE-2017-12193 — CVSS 5.5 (medium): The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which…