Suse

Linux Enterprise Real Time Extension

57 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2017-18017

  • EPSS 27.65%
  • Published 03.01.2018 06:29:00
  • Last modified 03.01.2025 12:15:25

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other im...

7.5

CVE-2016-5244

  • EPSS 0.77%
  • Published 27.06.2016 10:59:11
  • Last modified 12.04.2025 10:46:40

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

4.9

CVE-2016-2782

Exploit
  • EPSS 0.47%
  • Published 27.04.2016 17:59:20
  • Last modified 12.04.2025 10:46:40

The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by insertin...

6

CVE-2015-8551

  • EPSS 0.07%
  • Published 13.04.2016 15:59:05
  • Last modified 12.04.2025 10:46:40

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) ...

6.2

CVE-2015-8785

  • EPSS 0.07%
  • Published 08.02.2016 03:59:07
  • Last modified 12.04.2025 10:46:40

The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.

7.8

CVE-2015-8539

  • EPSS 0.1%
  • Published 08.02.2016 03:59:03
  • Last modified 12.04.2025 10:46:40

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/ke...

5

CVE-2015-0272

  • EPSS 1.08%
  • Published 17.11.2015 15:59:00
  • Last modified 12.04.2025 10:46:40

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

5

CVE-2014-8160

  • EPSS 2.9%
  • Published 02.03.2015 11:59:02
  • Last modified 12.04.2025 10:46:40

net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass in...

2.1

CVE-2014-9585

Exploit
  • EPSS 0.05%
  • Published 09.01.2015 21:59:02
  • Last modified 12.04.2025 10:46:40

The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the ...

2.1

CVE-2014-9584

  • EPSS 0.13%
  • Published 09.01.2015 21:59:01
  • Last modified 12.04.2025 10:46:40

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel...