kgraft-patch-SLE12-SP2_Update_30 (SUSE:OpenStack Cloud 7) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 7 package kgraft-patch-SLE12-SP2_Update_30, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (12)
CVE-2019-3846 — CVSS 8.8 (high): A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting…
CVE-2019-11815 — CVSS 8.1 (high): An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a…
CVE-2019-11479 — CVSS 7.5 (high): Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend…
CVE-2019-11477 — CVSS 7.5 (high): Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when…
CVE-2019-5489 — CVSS 5.5 (medium): The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access…
CVE-2018-7191 — CVSS 5.5 (medium): In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local…
CVE-2019-11833 — CVSS 5.5 (medium): fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow…
CVE-2019-12382 — CVSS 5.5 (medium): An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an…
CVE-2018-17972 — CVSS 5.5 (medium): An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only…
CVE-2019-11478 — CVSS 5.3 (medium): Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when…
CVE-2019-11190 — CVSS 4.7 (medium): The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called…
CVE-2019-11884 — CVSS 3.3 (low): The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially…