Suse

Linux Enterprise Server

473 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2018-18585

Exploit
  • EPSS 1.31%
  • Veröffentlicht 23.10.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:56:12

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

7.5

CVE-2018-17962

Exploit
  • EPSS 0.26%
  • Veröffentlicht 09.10.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:17

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

9.8

CVE-2016-1000030

  • EPSS 0.74%
  • Veröffentlicht 05.09.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 02:42:51

Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exp...

7.8

CVE-2018-7566

  • EPSS 0.05%
  • Veröffentlicht 30.03.2018 21:29:02
  • Zuletzt bearbeitet 21.11.2024 04:12:22

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

10

CVE-2017-18017

  • EPSS 40.71%
  • Veröffentlicht 03.01.2018 06:29:00
  • Zuletzt bearbeitet 03.01.2025 12:15:25

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other im...

7.8

CVE-2017-17805

  • EPSS 0.02%
  • Veröffentlicht 20.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service ...

7.8

CVE-2017-17806

  • EPSS 0.01%
  • Veröffentlicht 20.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HAS...

7.2

CVE-2017-17558

  • EPSS 0.07%
  • Veröffentlicht 12.12.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allow...

7.8

CVE-2017-15115

  • EPSS 0.04%
  • Veröffentlicht 15.11.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possi...

5.3

CVE-2017-13078

  • EPSS 0.62%
  • Veröffentlicht 17.10.2017 13:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.