📦

suse_linux_enterprise_software_development_kit

Vendor: suse

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 13 Code Available
Total RCEs 5 Remote Access
Total CVEs 82 Total Indexed
Avg. EPSS 4.58% Exploit Prob.
Latest CVE CVE-2015-6815 Jan 31

Security Vulnerability Index

Page 4 / 9
4.6 CVSS
CVE-2016-3136
Exploit Found

The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors.

EPSS: 0.20%
4.6 CVSS
CVE-2016-2188
Exploit Found

The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

EPSS: 0.23%
4.6 CVSS
CVE-2016-2187

The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

EPSS: 0.04%
4.6 CVSS
CVE-2016-2186

The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

EPSS: 0.08%
4.6 CVSS
CVE-2016-2185

The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

EPSS: 0.06%
7.8 CVSS
CVE-2016-3672
Exploit Found

The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits.

EPSS: 0.03%
5.5 CVSS
CVE-2016-3156

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.

EPSS: 0.03%
4.6 CVSS
CVE-2016-3139
Exploit Found

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

EPSS: 0.13%
8.4 CVSS
CVE-2016-3134
Exploit Found

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

EPSS: 0.04%
6.2 CVSS
CVE-2016-2847

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.

EPSS: 0.07%