kgraft-patch-SLE12-SP2_Update_24 (SUSE:OpenStack Cloud 7) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 7 package kgraft-patch-SLE12-SP2_Update_24, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2018-13406 — CVSS 7.8 (high): An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in…
CVE-2018-13405 — CVSS 7.8 (high): The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group…
CVE-2018-14734 — CVSS 7.8 (high): drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a…
CVE-2018-9385 — CVSS 7.8 (high): In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local…
CVE-2018-5391 — CVSS 7.5 (high): The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP…
CVE-2018-5390 — CVSS 7.5 (high): Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every…
CVE-2018-5814 — CVSS 7.0 (high): In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect…
CVE-2018-3620 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information…
CVE-2018-3646 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information…
CVE-2017-18344 — CVSS 5.5 (medium): The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the…
CVE-2018-13053 — CVSS 3.3 (low): The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative…