kgraft-patch-SLE12-SP1_Update_24 (SUSE:OpenStack Cloud 6) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 6 package kgraft-patch-SLE12-SP1_Update_24, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (14)
CVE-2017-17448 — CVSS 7.8 (high): net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del…
CVE-2017-13167 — CVSS 7.8 (high): An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
CVE-2017-15115 — CVSS 7.8 (high): The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a…
CVE-2017-15868 — CVSS 7.8 (high): The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is…
CVE-2017-8824 — CVSS 7.8 (high): The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial…
CVE-2017-17450 — CVSS 7.8 (high): net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and…
CVE-2017-11600 — CVSS 7.0 (high): net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of…
CVE-2017-16534 — CVSS 6.8 (medium): The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of…
CVE-2017-16538 — CVSS 6.6 (medium): drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general…
CVE-2017-17558 — CVSS 6.6 (medium): The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not…
CVE-2017-5715 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of…
CVE-2017-5753 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an…
CVE-2017-5754 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of…
CVE-2017-17449 — CVSS 4.7 (medium): The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does…