- Home
- CVEs with nessus.description==The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.82 to
receive various security and bugfixes. The following security bugs
were fixed :
- CVE-2017-1000111: Fixed a race condition in net-packet
code that could be exploited to cause out-of-bounds
memory access (bsc#1052365).
- CVE-2017-1000112: Fixed a race condition in net-packet
code that could have been exploited by unprivileged
users to gain root access. (bsc#1052311).
- CVE-2017-8831: The saa7164_bus_get function in
drivers/media/pci/saa7164/saa7164-bus.c in the Linux
kernel allowed local users to cause a denial of service
(out-of-bounds array access) or possibly have
unspecified other impact by changing a certain
sequence-number value, aka a 'double fetch'
vulnerability (bnc#1037994).
- CVE-2017-7542: The ip6_find_1stfragopt function in
net/ipv6/output_core.c in the Linux kernel allowed local
users to cause a denial of service (integer overflow and
infinite loop) by leveraging the ability to open a raw
socket (bnc#1049882).
- CVE-2017-11473: Buffer overflow in the
mp_override_legacy_irq() function in
arch/x86/kernel/acpi/boot.c in the Linux kernel allowed
local users to gain privileges via a crafted ACPI table
(bnc#1049603).
- CVE-2017-7533: Race condition in the fsnotify
implementation in the Linux kernel allowed local users
to gain privileges or cause a denial of service (memory
corruption) via a crafted application that leverages
simultaneous execution of the inotify_handle_event and
vfs_rename functions (bnc#1049483 bnc#1050677).
- CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function in
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg8021
1.c in the Linux kernel allowed local users to cause a
denial of service (buffer overflow and system crash) or
possibly gain privileges via a crafted NL80211_CMD_FRAME
Netlink packet (bnc#1049645).
- CVE-2017-10810: Memory leak in the
virtio_gpu_object_create function in
drivers/gpu/drm/virtio/virtgpu_object.c in the Linux
kernel allowed attackers to cause a denial of service
(memory consumption) by triggering object-initialization
failures (bnc#1047277).
The update package also includes non-security fixes. See advisory for
details.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top