- Home
- CVEs with nessus.description==The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to 4.4.121 to
receive various security and bugfixes. The following security bugs
were fixed :
- CVE-2018-8781: The udl_fb_mmap function in
drivers/gpu/drm/udl/udl_fb.c had an integer-overflow
vulnerability that allowed local users with access to
the udldrmfb driver to obtain full read and write
permissions on kernel physical pages, resulting in a
code execution in kernel space (bnc#1090643).
- CVE-2018-10124: The kill_something_info function in
kernel/signal.c might have allowed local users to cause
a denial of service via an INT_MIN argument
(bnc#1089752).
- CVE-2018-10087: The kernel_wait4 function in
kernel/exit.c might have allowed local users to cause a
denial of service by triggering an attempted use of the
-INT_MIN value (bnc#1089608).
- CVE-2017-18257: The __get_data_block function in
fs/f2fs/data.c in the Linux kernel allowed local users
to cause a denial of service (integer overflow and loop)
via crafted use of the open and fallocate system calls
with an FS_IOC_FIEMAP ioctl. (bnc#1088241)
- CVE-2018-8822: Incorrect buffer length handling in the
ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c
could be exploited by malicious NCPFS servers to crash
the kernel or execute code (bnc#1086162).
- CVE-2018-8043: The unimac_mdio_probe function in
drivers/net/phy/mdio-bcm-unimac.c did not validate
certain resource availability, which allowed local users
to cause a denial of service (NULL pointer dereference)
(bnc#1084829).
- CVE-2018-7740: The resv_map_release function in
mm/hugetlb.c allowed local users to cause a denial of
service (BUG) via a crafted application that made mmap
system calls and has a large pgoff argument to the
remap_file_pages system call (bnc#1084353).
- CVE-2018-1087: And an unprivileged KVM guest user could
use this flaw to potentially escalate their privileges
inside a guest. (bsc#1087088)
- CVE-2018-8897: An unprivileged system user could use
incorrect set up interrupt stacks to crash the Linux
kernel resulting in DoS issue. (bsc#1087088)
The update package also includes non-security fixes. See advisory for
details.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top