Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-1000200 (GCVE-0-2018-1000200)
Vulnerability from cvelistv5
Published
2018-06-05 13:00
Modified
2024-08-05 12:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper's unmap_page_range() since the vma's VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked).
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:40:46.712Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3752-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3752-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a"
},
{
"name": "USN-3752-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3752-3/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2018-1000200"
},
{
"name": "[linux-kernel] 20180424 [patch v3 for-4.17] mm, oom: fix concurrent munlock and oom reaper unmap",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://marc.info/?l=linux-kernel\u0026m=152460926619256"
},
{
"name": "RHSA-2018:2948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "104397",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104397"
},
{
"name": "[linux-kernel] 20180417 [patch] mm, oom: fix concurrent munlock and oom reaper unmap",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://marc.info/?l=linux-kernel\u0026m=152400522806945"
},
{
"name": "USN-3752-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3752-1/"
},
{
"name": "[oss-security] 20180424 CVE-2018-1000200 (Linux): Bad memory access on oom kill of large mlocked process",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2018/q2/67"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2018-04-17T00:00:00",
"datePublic": "2018-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process\u0027s final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper\u0027s unmap_page_range() since the vma\u0027s VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-31T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-3752-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3752-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a"
},
{
"name": "USN-3752-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3752-3/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/cve/cve-2018-1000200"
},
{
"name": "[linux-kernel] 20180424 [patch v3 for-4.17] mm, oom: fix concurrent munlock and oom reaper unmap",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://marc.info/?l=linux-kernel\u0026m=152460926619256"
},
{
"name": "RHSA-2018:2948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "104397",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104397"
},
{
"name": "[linux-kernel] 20180417 [patch] mm, oom: fix concurrent munlock and oom reaper unmap",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://marc.info/?l=linux-kernel\u0026m=152400522806945"
},
{
"name": "USN-3752-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3752-1/"
},
{
"name": "[oss-security] 20180424 CVE-2018-1000200 (Linux): Bad memory access on oom kill of large mlocked process",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2018/q2/67"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2018-04-17T12:00:00",
"DATE_REQUESTED": "2018-04-17T14:00:00",
"ID": "CVE-2018-1000200",
"REQUESTER": "rientjes@google.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process\u0027s final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper\u0027s unmap_page_range() since the vma\u0027s VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3752-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3752-2/"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a"
},
{
"name": "USN-3752-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3752-3/"
},
{
"name": "https://access.redhat.com/security/cve/cve-2018-1000200",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/cve-2018-1000200"
},
{
"name": "[linux-kernel] 20180424 [patch v3 for-4.17] mm, oom: fix concurrent munlock and oom reaper unmap",
"refsource": "MLIST",
"url": "https://marc.info/?l=linux-kernel\u0026m=152460926619256"
},
{
"name": "RHSA-2018:2948",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "104397",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104397"
},
{
"name": "[linux-kernel] 20180417 [patch] mm, oom: fix concurrent munlock and oom reaper unmap",
"refsource": "MLIST",
"url": "https://marc.info/?l=linux-kernel\u0026m=152400522806945"
},
{
"name": "USN-3752-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3752-1/"
},
{
"name": "[oss-security] 20180424 CVE-2018-1000200 (Linux): Bad memory access on oom kill of large mlocked process",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2018/q2/67"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-1000200",
"datePublished": "2018-06-05T13:00:00",
"dateReserved": "2018-04-17T00:00:00",
"dateUpdated": "2024-08-05T12:40:46.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-1000200\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-06-05T13:29:00.297\",\"lastModified\":\"2024-11-21T03:39:55.233\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process\u0027s final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper\u0027s unmap_page_range() since the vma\u0027s VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked).\"},{\"lang\":\"es\",\"value\":\"Las versiones 4.14, 4.15 y 4.16 del kernel de Linux tienen una desreferencia de puntero NULL que puede resultar en agotamiento de memoria (OOM), cerrando grandes procesos bloqueados. El problema surge del hilo final de un proceso finalizado por un OOM que llama a exit_mmap(), el cual llama a munlock_vma_pages_all() para mlocked vmas. Esto puede ocurrir en sincron\u00eda con el rango unmap_page_range() del oom reaper ya que el bit VM_LOCKED del vma se borra antes del munlocking (para determinar si otros vmas comparten la memoria y son bloqueados).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:4.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D31DCD50-805F-4CC6-9A98-2AC8BC224DF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:4.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"380E55F5-238D-4FBB-8DB1-DB10EFC37CD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:4.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A63F7D1D-EB47-48AE-B89E-E84A63579FA6\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/oss-sec/2018/q2/67\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104397\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2948\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/security/cve/cve-2018-1000200\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://marc.info/?l=linux-kernel\u0026m=152400522806945\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://marc.info/?l=linux-kernel\u0026m=152460926619256\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3752-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/3752-2/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/3752-3/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://seclists.org/oss-sec/2018/q2/67\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104397\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2948\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/security/cve/cve-2018-1000200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://marc.info/?l=linux-kernel\u0026m=152400522806945\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://marc.info/?l=linux-kernel\u0026m=152460926619256\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3752-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3752-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3752-3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
fkie_cve-2018-1000200
Vulnerability from fkie_nvd
Published
2018-06-05 13:29
Modified
2024-11-21 03:39
Severity ?
Summary
The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper's unmap_page_range() since the vma's VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://seclists.org/oss-sec/2018/q2/67 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/104397 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:2948 | ||
| cve@mitre.org | https://access.redhat.com/security/cve/cve-2018-1000200 | Third Party Advisory | |
| cve@mitre.org | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a | Mitigation, Patch, Vendor Advisory | |
| cve@mitre.org | https://marc.info/?l=linux-kernel&m=152400522806945 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://marc.info/?l=linux-kernel&m=152460926619256 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/3752-1/ | ||
| cve@mitre.org | https://usn.ubuntu.com/3752-2/ | ||
| cve@mitre.org | https://usn.ubuntu.com/3752-3/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2018/q2/67 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104397 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2948 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2018-1000200 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://marc.info/?l=linux-kernel&m=152400522806945 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://marc.info/?l=linux-kernel&m=152460926619256 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3752-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3752-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3752-3/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | 4.14 | |
| linux | linux_kernel | 4.15 | |
| linux | linux_kernel | 4.16 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "D31DCD50-805F-4CC6-9A98-2AC8BC224DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "380E55F5-238D-4FBB-8DB1-DB10EFC37CD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "A63F7D1D-EB47-48AE-B89E-E84A63579FA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process\u0027s final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper\u0027s unmap_page_range() since the vma\u0027s VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked)."
},
{
"lang": "es",
"value": "Las versiones 4.14, 4.15 y 4.16 del kernel de Linux tienen una desreferencia de puntero NULL que puede resultar en agotamiento de memoria (OOM), cerrando grandes procesos bloqueados. El problema surge del hilo final de un proceso finalizado por un OOM que llama a exit_mmap(), el cual llama a munlock_vma_pages_all() para mlocked vmas. Esto puede ocurrir en sincron\u00eda con el rango unmap_page_range() del oom reaper ya que el bit VM_LOCKED del vma se borra antes del munlocking (para determinar si otros vmas comparten la memoria y son bloqueados)."
}
],
"id": "CVE-2018-1000200",
"lastModified": "2024-11-21T03:39:55.233",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-05T13:29:00.297",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2018/q2/67"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104397"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2018-1000200"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://marc.info/?l=linux-kernel\u0026m=152400522806945"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://marc.info/?l=linux-kernel\u0026m=152460926619256"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3752-1/"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3752-2/"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3752-3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2018/q2/67"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2018-1000200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://marc.info/?l=linux-kernel\u0026m=152400522806945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://marc.info/?l=linux-kernel\u0026m=152460926619256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3752-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3752-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3752-3/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
rhsa-2018:2948
Vulnerability from csaf_redhat
Published
2018-10-30 12:05
Modified
2025-08-04 12:06
Summary
Red Hat Security Advisory: kernel-alt security, bug fix, and enhancement update
Notes
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, aarch64)
* A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. (CVE-2018-5390)
* A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. (CVE-2018-5391)
Space precludes documenting all of the security fixes in this advisory. See the descriptions of the remaining security fixes in the related Knowledge Article:
https://access.redhat.com/articles/3658021
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639; Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5390 and CVE-2018-5391; Qualys Research Labs for reporting CVE-2018-1120; David Rientjes (Google) for reporting CVE-2018-1000200; and Wen Xu for reporting CVE-2018-1092, CVE-2018-1094, and CVE-2018-1095. The CVE-2018-14619 issue was discovered by Florian Weimer (Red Hat) and Ondrej Mosnacek (Red Hat).
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-alt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es):\n\n* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load \u0026 Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor\u0027s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, aarch64)\n\n* A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. (CVE-2018-5390)\n\n* A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. (CVE-2018-5391)\n\nSpace precludes documenting all of the security fixes in this advisory. See the descriptions of the remaining security fixes in the related Knowledge Article: \n\nhttps://access.redhat.com/articles/3658021\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639; Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5390 and CVE-2018-5391; Qualys Research Labs for reporting CVE-2018-1120; David Rientjes (Google) for reporting CVE-2018-1000200; and Wen Xu for reporting CVE-2018-1092, CVE-2018-1094, and CVE-2018-1095. The CVE-2018-14619 issue was discovered by Florian Weimer (Red Hat) and Ondrej Mosnacek (Red Hat).\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2948",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3553061",
"url": "https://access.redhat.com/articles/3553061"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/ssbd",
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3658021",
"url": "https://access.redhat.com/articles/3658021"
},
{
"category": "external",
"summary": "1516257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1516257"
},
{
"category": "external",
"summary": "1528312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528312"
},
{
"category": "external",
"summary": "1528323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528323"
},
{
"category": "external",
"summary": "1533909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533909"
},
{
"category": "external",
"summary": "1539508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539508"
},
{
"category": "external",
"summary": "1539706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539706"
},
{
"category": "external",
"summary": "1541846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541846"
},
{
"category": "external",
"summary": "1547824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824"
},
{
"category": "external",
"summary": "1548412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548412"
},
{
"category": "external",
"summary": "1550142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550142"
},
{
"category": "external",
"summary": "1551051",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551051"
},
{
"category": "external",
"summary": "1551565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551565"
},
{
"category": "external",
"summary": "1552048",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552048"
},
{
"category": "external",
"summary": "1553361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553361"
},
{
"category": "external",
"summary": "1560777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560777"
},
{
"category": "external",
"summary": "1560788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560788"
},
{
"category": "external",
"summary": "1560793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560793"
},
{
"category": "external",
"summary": "1566890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566890"
},
{
"category": "external",
"summary": "1568744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568744"
},
{
"category": "external",
"summary": "1571062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571062"
},
{
"category": "external",
"summary": "1571623",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571623"
},
{
"category": "external",
"summary": "1573699",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573699"
},
{
"category": "external",
"summary": "1575472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575472"
},
{
"category": "external",
"summary": "1577408",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577408"
},
{
"category": "external",
"summary": "1583210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1583210"
},
{
"category": "external",
"summary": "1589324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1589324"
},
{
"category": "external",
"summary": "1590215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590215"
},
{
"category": "external",
"summary": "1590799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590799"
},
{
"category": "external",
"summary": "1596795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596795"
},
{
"category": "external",
"summary": "1596802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596802"
},
{
"category": "external",
"summary": "1596806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596806"
},
{
"category": "external",
"summary": "1596812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596812"
},
{
"category": "external",
"summary": "1596828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596828"
},
{
"category": "external",
"summary": "1596842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596842"
},
{
"category": "external",
"summary": "1596846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596846"
},
{
"category": "external",
"summary": "1599161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1599161"
},
{
"category": "external",
"summary": "1601704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601704"
},
{
"category": "external",
"summary": "1609664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609664"
},
{
"category": "external",
"summary": "1610958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610958"
},
{
"category": "external",
"summary": "1622004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1622004"
},
{
"category": "external",
"summary": "1623067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1623067"
},
{
"category": "external",
"summary": "1629636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1629636"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2948.json"
}
],
"title": "Red Hat Security Advisory: kernel-alt security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-08-04T12:06:47+00:00",
"generator": {
"date": "2025-08-04T12:06:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2018:2948",
"initial_release_date": "2018-10-30T12:05:20+00:00",
"revision_history": [
{
"date": "2018-10-30T12:05:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-10-30T12:05:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-04T12:06:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_id": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf-debuginfo@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_id": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-debug-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-debug-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "perf-0:4.14.0-115.el7a.ppc64le",
"product_id": "perf-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-devel-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-devel-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-tools-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-tools-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "python-perf-0:4.14.0-115.el7a.ppc64le",
"product_id": "python-perf-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-bootwrapper@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.14.0-115.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:4.14.0-115.el7a.ppc64le",
"product": {
"name": "kernel-headers-0:4.14.0-115.el7a.ppc64le",
"product_id": "kernel-headers-0:4.14.0-115.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@4.14.0-115.el7a?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"product": {
"name": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"product_id": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.14.0-115.el7a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:4.14.0-115.el7a.noarch",
"product": {
"name": "kernel-doc-0:4.14.0-115.el7a.noarch",
"product_id": "kernel-doc-0:4.14.0-115.el7a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.14.0-115.el7a?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-alt-0:4.14.0-115.el7a.src",
"product": {
"name": "kernel-alt-0:4.14.0-115.el7a.src",
"product_id": "kernel-alt-0:4.14.0-115.el7a.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-alt@4.14.0-115.el7a?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-alt-0:4.14.0-115.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src"
},
"product_reference": "kernel-alt-0:4.14.0-115.el7a.src",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch"
},
"product_reference": "kernel-doc-0:4.14.0-115.el7a.noarch",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-headers-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "perf-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "python-perf-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-alt-0:4.14.0-115.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src"
},
"product_reference": "kernel-alt-0:4.14.0-115.el7a.src",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch"
},
"product_reference": "kernel-doc-0:4.14.0-115.el7a.noarch",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-headers-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "perf-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "python-perf-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
},
"product_reference": "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13166",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2018-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548412"
}
],
"notes": [
{
"category": "description",
"text": "A bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space. This flaw could be exploited by an attacker to overwrite a kernel memory from an unprivileged userspace process, leading to privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-13166"
},
{
"category": "external",
"summary": "RHBZ#1548412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-13166",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13166"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13166",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13166"
}
],
"release_date": "2017-07-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"category": "workaround",
"details": "A systemtap script intercepting v4l2_compat_ioctl32() function of the [videodev] module and making it to return -ENOIOCTLCMD error value would work just fine, except breaking all 32bit video capturing software, but not 64bit ones.\n\nAlternatively, blacklisting [videodev] module will work too, but it will break all video capturing software.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation"
},
{
"cve": "CVE-2017-16648",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-11-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1516257"
}
],
"notes": [
{
"category": "description",
"text": "The dvb frontend management subsystem in the Linux kernel contains a use-after-free which can allow a malicious user to write to memory that may be assigned to another kernel structure. This could create memory corruption, panic, or possibly other side affects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use-after-free in drivers/media/dvb-core/dvb_frontend.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7, MRG-2 and real-time kernels.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux kernel-alt package.\n\nFuture Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-16648"
},
{
"category": "external",
"summary": "RHBZ#1516257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1516257"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-16648",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-16648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16648"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Use-after-free in drivers/media/dvb-core/dvb_frontend.c"
},
{
"cve": "CVE-2017-17805",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528312"
}
],
"notes": [
{
"category": "description",
"text": "The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. This allows a local attacker the ability to use the AF_ALG-based skcipher interface to cause a denial of service (uninitialized-memory free and kernel crash) or have an unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 are vulnerable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in the products listed.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17805"
},
{
"category": "external",
"summary": "RHBZ#1528312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528312"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17805"
}
],
"release_date": "2017-11-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service"
},
{
"cve": "CVE-2017-17806",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"discovery_date": "2017-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528323"
}
],
"notes": [
{
"category": "description",
"text": "The HMAC implementation (crypto/hmac.c) in the Linux kernel, before 4.14.8, does not validate that the underlying cryptographic hash algorithm is unkeyed. This allows a local attacker, able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3), to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: HMAC implementation does not validate that the underlying cryptographic hash algorithm is unkeyed allowing local attackers to cause denial-of-service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and 7, its real-time kernel and Red Hat Enterprise MRG 2.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17806"
},
{
"category": "external",
"summary": "RHBZ#1528323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528323"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17806",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17806"
}
],
"release_date": "2017-11-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: HMAC implementation does not validate that the underlying cryptographic hash algorithm is unkeyed allowing local attackers to cause denial-of-service"
},
{
"cve": "CVE-2017-18075",
"cwe": {
"id": "CWE-628",
"name": "Function Call with Incorrectly Specified Arguments"
},
"discovery_date": "2018-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1539508"
}
],
"notes": [
{
"category": "description",
"text": "crypto/pcrypt.c in the Linux kernel, before 4.14.13, mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Mishandled freeing of instances in pcrypt.c can allow a local user to cause a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and 7, its real-time kernel and Red Hat Enterprise MRG 2, as the code with the flaw is not enabled and is not built in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18075"
},
{
"category": "external",
"summary": "RHBZ#1539508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539508"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18075",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18075"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18075",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18075"
}
],
"release_date": "2017-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Mishandled freeing of instances in pcrypt.c can allow a local user to cause a denial of service"
},
{
"cve": "CVE-2017-18208",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2018-03-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551565"
}
],
"notes": [
{
"category": "description",
"text": "The madvise_willneed function in the Linux kernel allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18208"
},
{
"category": "external",
"summary": "RHBZ#1551565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18208",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18208"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18208",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18208"
},
{
"category": "external",
"summary": "https://lwn.net/Articles/618064/",
"url": "https://lwn.net/Articles/618064/"
},
{
"category": "external",
"summary": "https://www.kernel.org/doc/Documentation/filesystems/dax.txt",
"url": "https://www.kernel.org/doc/Documentation/filesystems/dax.txt"
}
],
"release_date": "2017-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service"
},
{
"cve": "CVE-2017-18344",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2018-07-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1610958"
}
],
"notes": [
{
"category": "description",
"text": "The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel doesn\u0027t properly validate the sigevent-\u003esigev_notify field, which leads to out-of-bounds access in the show_timer function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18344"
},
{
"category": "external",
"summary": "RHBZ#1610958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610958"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18344",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18344"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18344",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18344"
}
],
"release_date": "2017-12-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"category": "workaround",
"details": "Attached to this bugzilla is a systemtap script that will prevent opening (and therefore reading) the /proc/\u003cprocess\u003e/timers file which is used to leak information.\n\nThe SystemTap script is relatively small and efficient, broken into 3 distinct sections as follows:\n\n--------\n\nprobe kernel.function(\"proc_timers_open@fs/proc/base.c\").return { \n // this is -EACCES\n\t$return = -13;\n message = sprintf(\"CVE-2017-18344 mitigation denied access to %s to %s(%d)\", file_name , execname(), pid());\n // print a warning message at KERN_INFO debug level\n printk(6, message);\n}\n\nprobe begin {\n printk(6, \"Mitigation for CVE-2017-18344 loaded.\\n\");\n}\n\n\nprobe end {\n printk(6, \"Mitigation for CVE-2017-18344 unloaded.\\n\");\n}\n\n\n---------\n\nFirst, the script places a probe at the return of the kernel function \u201cproc_timers_open\u201d when called. This modifies the return value to be EACCES which would return this value to userspace preventing this file from being opened. When the /proc/\u003cpid\u003e/timer file is attempted to be opened, a message will be logged to the kernel log subsystem showing the process and pid of the application attempting to access the timer file. \n\nThis file is not in widespread use at this time, although some applications may read from it to debug or understand their own timers that are set. This mitigation will not be useful in this context.\n\nFinally, the \u201cprobe begin\u201d and \u201cprobe end\u201d code blocks tell systemtap to add the supplied text to the kernel log buffer via the printk function. This creates an audit trail by registering in the system logs exactly when the mitigation is loaded and unloaded. This will need to be compiled with guru mode (-g parameter) to compile.\n\nThis will need to be loaded at each boot to remain effective. Red Hat Product security recommends updating to a patched kernel when it is available.\n\nRed Hat always seeks to provide both mitigations to disable attacks as well as the actual patches to treat the flaw. To learn more about SystemTap, and how it can be used in your management of your Red Hat systems, please refer to Using SystemTap[1] or one of our videos about it within our Customer Portal[2].\n\n1 - https://access.redhat.com/articles/17839\n2 - https://access.redhat.com/search/#/?q=systemtap",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c"
},
{
"cve": "CVE-2018-1065",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1547824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the netfilter/iptables subsystem. A user with the netfilter modification capabilities could insert a rule which could panic the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1065"
},
{
"category": "external",
"summary": "RHBZ#1547824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1065",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1065"
}
],
"release_date": "2018-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash"
},
{
"cve": "CVE-2018-1068",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2018-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552048"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1068"
},
{
"category": "external",
"summary": "RHBZ#1552048",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552048"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1068",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1068"
}
],
"release_date": "2018-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c"
},
{
"acknowledgments": [
{
"names": [
"Wen Xu"
]
}
],
"cve": "CVE-2018-1092",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1560777"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/mballoc.c:ext4_process_freed_data() function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1092"
},
{
"category": "external",
"summary": "RHBZ#1560777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1092",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1092"
}
],
"release_date": "2018-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image"
},
{
"acknowledgments": [
{
"names": [
"Wen Xu"
]
}
],
"cve": "CVE-2018-1094",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1560788"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/xattr.c:ext4_xattr_inode_hash() function. An attacker could trick a legitimate user or a privileged attacker could exploit this to cause a NULL pointer dereference with a crafted ext4 image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1094"
},
{
"category": "external",
"summary": "RHBZ#1560788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1094"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1094",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1094"
}
],
"release_date": "2018-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image"
},
{
"acknowledgments": [
{
"names": [
"Wen Xu"
]
}
],
"cve": "CVE-2018-1095",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1560793"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel is vulnerable to an out-of-bound access bug in the fs/posix_acl.c:get_acl() function. An attacker could trick a legitimate user or a privileged attacker could exploit this to cause a system crash or other unspecified impact with a crafted ext4 image. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bound access in fs/posix_acl.c:get_acl() causes crash with crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1095"
},
{
"category": "external",
"summary": "RHBZ#1560793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560793"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1095",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1095"
}
],
"release_date": "2018-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: out-of-bound access in fs/posix_acl.c:get_acl() causes crash with crafted ext4 image"
},
{
"cve": "CVE-2018-1118",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1573699"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1118"
},
{
"category": "external",
"summary": "RHBZ#1573699",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573699"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1118"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1118",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1118"
}
],
"release_date": "2018-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()"
},
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2018-1120",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2018-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1575472"
}
],
"notes": [
{
"category": "description",
"text": "By mmap()ing a FUSE-backed file onto a process\u0027s memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/\u003cpid\u003e/cmdline (or /proc/\u003cpid\u003e/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1120"
},
{
"category": "external",
"summary": "RHBZ#1575472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575472"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1120"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1120",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1120"
},
{
"category": "external",
"summary": "http://seclists.org/oss-sec/2018/q2/122",
"url": "http://seclists.org/oss-sec/2018/q2/122"
}
],
"release_date": "2018-05-17T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
},
{
"names": [
"Ken Johnson"
],
"organization": "Microsoft Security Response Center"
}
],
"cve": "CVE-2018-3639",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-03-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1566890"
}
],
"notes": [
{
"category": "description",
"text": "An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load \u0026 Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor\u0027s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: speculative store bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/ssbd",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-3639"
},
{
"category": "external",
"summary": "RHBZ#1566890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566890"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-3639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3639"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/ssbd",
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"category": "external",
"summary": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf",
"url": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf",
"url": "https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
}
],
"release_date": "2018-05-21T21:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hw: cpu: speculative store bypass"
},
{
"cve": "CVE-2018-5344",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2018-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1533909"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s handling of loopback devices. An attacker, who has permissions to setup loopback disks, may create a denial of service or other unspecified actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2.\n\nFuture Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5344"
},
{
"category": "external",
"summary": "RHBZ#1533909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5344",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5344"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5344",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5344"
}
],
"release_date": "2018-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service"
},
{
"acknowledgments": [
{
"names": [
"Juha-Matti Tilli"
],
"organization": "Aalto University - Department of Communications and Networking and Nokia Bell Labs"
}
],
"cve": "CVE-2018-5390",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601704"
}
],
"notes": [
{
"category": "description",
"text": "A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/3553061\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9. Future kernel updates for the respective releases will address this issue.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, but to a lesser degree. As such, the issue severity for RHEL5 is considered Moderate. This is not currently planned to be addressed in future updates of the product due to its life cycle and the issue severity. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5390"
},
{
"category": "external",
"summary": "RHBZ#1601704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5390",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5390"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5390",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5390"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3553061",
"url": "https://access.redhat.com/articles/3553061"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/962459",
"url": "https://www.kb.cert.org/vuls/id/962459"
},
{
"category": "external",
"summary": "https://www.spinics.net/lists/netdev/msg514742.html",
"url": "https://www.spinics.net/lists/netdev/msg514742.html"
}
],
"release_date": "2018-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack)"
},
{
"acknowledgments": [
{
"names": [
"Juha-Matti Tilli"
],
"organization": "Aalto University - Department of Communications and Networking and Nokia Bell Labs"
}
],
"cve": "CVE-2018-5391",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1609664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/3553061\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9. Future kernel updates for the respective releases will address this issue.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, but to a lesser degree. As such, the issue severity for RHEL5 is considered Moderate. This is not currently planned to be addressed in future updates of the product due to its life cycle and the issue severity. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5391"
},
{
"category": "external",
"summary": "RHBZ#1609664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5391",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5391"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5391",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5391"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3553061",
"url": "https://access.redhat.com/articles/3553061"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/641765",
"url": "https://www.kb.cert.org/vuls/id/641765"
}
],
"release_date": "2018-08-14T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"category": "workaround",
"details": "One may change the default 4MB and 3MB values of net.ipv4.ipfrag_high_thresh and net.ipv4.ipfrag_low_thresh (and their ipv6 counterparts net.ipv6.ipfrag_high_thresh and net.ipv6.ipfrag_low_thresh) to 256 kB and 192 kB (respectively) or below. Tests show some to significant CPU saturation drop during an attack, depending on a hardware, configuration and environment.\n\nThere can be some impact on performance though, due to ipfrag_high_thresh of 262144 bytes, as only two 64K fragments can fit in the reassembly queue at the same time. For example, there is a risk of breaking applications that rely on large UDP packets.\n\nSee the Mitigation section in the https://access.redhat.com/articles/3553061 article for the script to quickly change to/from default and lower settings.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)"
},
{
"cve": "CVE-2018-5750",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1539706"
}
],
"notes": [
{
"category": "description",
"text": "The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG 2, as KASLR feature is not present or enabled in these products.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5750"
},
{
"category": "external",
"summary": "RHBZ#1539706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5750",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5750"
}
],
"release_date": "2017-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass"
},
{
"cve": "CVE-2018-5803",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-03-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551051"
}
],
"notes": [
{
"category": "description",
"text": "An error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5803"
},
{
"category": "external",
"summary": "RHBZ#1551051",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5803",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5803"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5803",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5803"
}
],
"release_date": "2018-02-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service"
},
{
"cve": "CVE-2018-5848",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2018-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1590799"
}
],
"notes": [
{
"category": "description",
"text": "In the function wmi_set_ie() in the Linux kernel the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the \u2018ie_len\u2019 argument can cause a buffer overflow and thus a memory corruption leading to a system crash or other or unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5848"
},
{
"category": "external",
"summary": "RHBZ#1590799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590799"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5848",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5848"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5848",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5848"
}
],
"release_date": "2017-12-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption"
},
{
"cve": "CVE-2018-7566",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2018-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1550142"
}
],
"notes": [
{
"category": "description",
"text": "ALSA sequencer core initializes the event pool on demand by invoking snd_seq_pool_init() when the first write happens and the pool is empty. A user can reset the pool size manually via ioctl concurrently, and this may lead to UAF or out-of-bound access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: race condition in snd_seq_write() may lead to UAF or OOB-access",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7566"
},
{
"category": "external",
"summary": "RHBZ#1550142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7566",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7566"
}
],
"release_date": "2018-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: race condition in snd_seq_write() may lead to UAF or OOB-access"
},
{
"cve": "CVE-2018-7757",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553361"
}
],
"notes": [
{
"category": "description",
"text": "Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel allows local users to cause a denial of service (kernel memory exhaustion) via multiple read accesses to files in the /sys/class/sas_phy directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7757"
},
{
"category": "external",
"summary": "RHBZ#1553361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553361"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7757",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7757"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7757",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7757"
}
],
"release_date": "2018-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c"
},
{
"cve": "CVE-2018-8781",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2018-04-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1571062"
}
],
"notes": [
{
"category": "description",
"text": "A an integer overflow vulnerability was discovered in the Linux kernel, from version 3.4 through 4.15, in the drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() function. An attacker with access to the udldrmfb driver could exploit this to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "RHBZ#1571062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571062"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8781",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8781"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8781",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8781"
}
],
"release_date": "2018-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space"
},
{
"cve": "CVE-2018-9363",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2018-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1623067"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow due to a singed-unsigned comparsion was found in hidp_process_report() in the net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Buffer overflow in hidp_process_report",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-9363"
},
{
"category": "external",
"summary": "RHBZ#1623067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1623067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-9363",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9363"
}
],
"release_date": "2018-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Buffer overflow in hidp_process_report"
},
{
"cve": "CVE-2018-10322",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-04-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1571623"
}
],
"notes": [
{
"category": "description",
"text": "The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel can cause a NULL pointer dereference in xfs_ilock_attr_map_shared function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted xfs filesystem image to cause a kernel panic and thus a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10322"
},
{
"category": "external",
"summary": "RHBZ#1571623",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571623"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10322",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10322"
}
],
"release_date": "2018-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service"
},
{
"cve": "CVE-2018-10877",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596795"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel ext4 filesystem. An out-of-bound access is possible in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bound access in ext4_ext_drop_refs function with a crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10877"
},
{
"category": "external",
"summary": "RHBZ#1596795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10877",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10877"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10877",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10877"
}
],
"release_date": "2018-04-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: out-of-bound access in ext4_ext_drop_refs function with a crafted ext4 image"
},
{
"cve": "CVE-2018-10878",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596802"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10878"
},
{
"category": "external",
"summary": "RHBZ#1596802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10878"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10878",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10878"
}
],
"release_date": "2018-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image"
},
{
"cve": "CVE-2018-10879",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596806"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10879"
},
{
"category": "external",
"summary": "RHBZ#1596806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10879",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10879"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file"
},
{
"cve": "CVE-2018-10880",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596812"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem code. A stack-out-of-bounds write in ext4_update_inline_data() is possible when mounting and writing to a crafted ext4 image. An attacker could use this to cause a system crash and a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: stack-out-of-bounds write in ext4_update_inline_data function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10880"
},
{
"category": "external",
"summary": "RHBZ#1596812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596812"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10880",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10880"
}
],
"release_date": "2018-06-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: stack-out-of-bounds write in ext4_update_inline_data function"
},
{
"cve": "CVE-2018-10881",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596828"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10881"
},
{
"category": "external",
"summary": "RHBZ#1596828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596828"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10881",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10881"
}
],
"release_date": "2018-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image"
},
{
"cve": "CVE-2018-10882",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596842"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bound write in the fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: stack-out-of-bounds write infs/jbd2/transaction.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10882"
},
{
"category": "external",
"summary": "RHBZ#1596842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596842"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10882",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10882"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10882",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10882"
}
],
"release_date": "2018-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: stack-out-of-bounds write infs/jbd2/transaction.c"
},
{
"cve": "CVE-2018-10883",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1596846"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bound write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10883"
},
{
"category": "external",
"summary": "RHBZ#1596846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10883",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10883"
}
],
"release_date": "2018-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function"
},
{
"cve": "CVE-2018-10940",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2018-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1577408"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel, before 4.16.6 where the cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10940"
},
{
"category": "external",
"summary": "RHBZ#1577408",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577408"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10940",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10940"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10940",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10940"
}
],
"release_date": "2018-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c"
},
{
"cve": "CVE-2018-11506",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2018-05-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1583210"
}
],
"notes": [
{
"category": "description",
"text": "The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel allows local users to cause a denial of service via a stack-based buffer overflow or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Stack-based buffer overflow in drivers/scsi/sr_ioctl.c allows denial of service or other unspecified impact",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11506"
},
{
"category": "external",
"summary": "RHBZ#1583210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1583210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11506",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11506"
}
],
"release_date": "2018-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Stack-based buffer overflow in drivers/scsi/sr_ioctl.c allows denial of service or other unspecified impact"
},
{
"cve": "CVE-2018-12232",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-06-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1590215"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference issue was found in the Linux kernel. If the close() and fchownat() system calls share a socket file descriptor as an argument, then the two calls can race and trigger a NULL pointer dereference leading to a system crash and a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference if close and fchownat system calls share a socket file descriptor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12232"
},
{
"category": "external",
"summary": "RHBZ#1590215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590215"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12232",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12232"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12232",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12232"
}
],
"release_date": "2018-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NULL pointer dereference if close and fchownat system calls share a socket file descriptor"
},
{
"cve": "CVE-2018-13405",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-07-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1599161"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-13405"
},
{
"category": "external",
"summary": "RHBZ#1599161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1599161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-13405",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13405"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-13405",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13405"
}
],
"release_date": "2018-07-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members"
},
{
"acknowledgments": [
{
"names": [
"Florian Weimer",
"Ondrej Mosnacek"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2018-14619",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2018-08-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1622004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto subsystem that allowed an attacker \r\nto crash the system or possibly escalate privileges with a specially crafted program.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: crash (possible privesc) in kernel crypto api.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14619"
},
{
"category": "external",
"summary": "RHBZ#1622004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1622004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14619",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14619"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14619",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14619"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b32a7dc8aef1882fbf983eb354837488cc9d54dc",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b32a7dc8aef1882fbf983eb354837488cc9d54dc"
}
],
"release_date": "2018-08-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: crash (possible privesc) in kernel crypto api."
},
{
"cve": "CVE-2018-14641",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2018-09-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1629636"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw was found in the ip_frag_reasm() function in net/ipv4/ip_fragment.c in the Linux kernel which can cause a later system crash in ip_do_fragment(). With certain non-default, but non-rare, configuration of a victim host, an attacker can trigger this crash remotely, thus leading to a remote denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: a bug in ip_frag_reasm() can cause a crash in ip_do_fragment()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14641"
},
{
"category": "external",
"summary": "RHBZ#1629636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1629636"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14641",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14641"
}
],
"release_date": "2018-09-18T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: a bug in ip_frag_reasm() can cause a crash in ip_do_fragment()"
},
{
"cve": "CVE-2018-1000026",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1541846"
}
],
"notes": [
{
"category": "description",
"text": "Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service (DoS) attacks via a packet with a gso_size larger than ~9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6, as supported configurations are not affected.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000026"
},
{
"category": "external",
"summary": "RHBZ#1541846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000026",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000026"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000026",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000026"
}
],
"release_date": "2018-01-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet"
},
{
"acknowledgments": [
{
"names": [
"David Rientjes"
],
"organization": "Google"
}
],
"cve": "CVE-2018-1000200",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-04-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1568744"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel where an out of memory (oom) killing of a process that has large spans of mlocked memory can result in deferencing a NULL pointer, leading to denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference on OOM kill of large mlocked process",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000200"
},
{
"category": "external",
"summary": "RHBZ#1568744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568744"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000200",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000200"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000200",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000200"
}
],
"release_date": "2018-04-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NULL pointer dereference on OOM kill of large mlocked process"
},
{
"cve": "CVE-2018-1000204",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1589324"
}
],
"notes": [
{
"category": "description",
"text": "A malformed SG_IO ioctl issued for a SCSI device in the Linux kernel leads to a local kernel data leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Infoleak caused by incorrect handling of the SG_IO ioctl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000204"
},
{
"category": "external",
"summary": "RHBZ#1589324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1589324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000204",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000204"
}
],
"release_date": "2018-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-30T12:05:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Infoleak caused by incorrect handling of the SG_IO ioctl"
}
]
}
gsd-2018-1000200
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper's unmap_page_range() since the vma's VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-1000200",
"description": "The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process\u0027s final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper\u0027s unmap_page_range() since the vma\u0027s VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked).",
"id": "GSD-2018-1000200",
"references": [
"https://www.suse.com/security/cve/CVE-2018-1000200.html",
"https://access.redhat.com/errata/RHSA-2018:2948",
"https://ubuntu.com/security/CVE-2018-1000200",
"https://advisories.mageia.org/CVE-2018-1000200.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-1000200"
],
"details": "The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process\u0027s final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper\u0027s unmap_page_range() since the vma\u0027s VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked).",
"id": "GSD-2018-1000200",
"modified": "2023-12-13T01:22:27.756144Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2018-04-17T12:00:00",
"DATE_REQUESTED": "2018-04-17T14:00:00",
"ID": "CVE-2018-1000200",
"REQUESTER": "rientjes@google.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process\u0027s final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper\u0027s unmap_page_range() since the vma\u0027s VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3752-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3752-2/"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a"
},
{
"name": "USN-3752-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3752-3/"
},
{
"name": "https://access.redhat.com/security/cve/cve-2018-1000200",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/cve-2018-1000200"
},
{
"name": "[linux-kernel] 20180424 [patch v3 for-4.17] mm, oom: fix concurrent munlock and oom reaper unmap",
"refsource": "MLIST",
"url": "https://marc.info/?l=linux-kernel\u0026m=152460926619256"
},
{
"name": "RHSA-2018:2948",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "104397",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104397"
},
{
"name": "[linux-kernel] 20180417 [patch] mm, oom: fix concurrent munlock and oom reaper unmap",
"refsource": "MLIST",
"url": "https://marc.info/?l=linux-kernel\u0026m=152400522806945"
},
{
"name": "USN-3752-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3752-1/"
},
{
"name": "[oss-security] 20180424 CVE-2018-1000200 (Linux): Bad memory access on oom kill of large mlocked process",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2018/q2/67"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:4.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:4.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:4.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1000200"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process\u0027s final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper\u0027s unmap_page_range() since the vma\u0027s VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a",
"refsource": "CONFIRM",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a"
},
{
"name": "https://access.redhat.com/security/cve/cve-2018-1000200",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2018-1000200"
},
{
"name": "[oss-security] 20180424 CVE-2018-1000200 (Linux): Bad memory access on oom kill of large mlocked process",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2018/q2/67"
},
{
"name": "[linux-kernel] 20180424 [patch v3 for-4.17] mm, oom: fix concurrent munlock and oom reaper unmap",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://marc.info/?l=linux-kernel\u0026m=152460926619256"
},
{
"name": "[linux-kernel] 20180417 [patch] mm, oom: fix concurrent munlock and oom reaper unmap",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://marc.info/?l=linux-kernel\u0026m=152400522806945"
},
{
"name": "104397",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104397"
},
{
"name": "USN-3752-2",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3752-2/"
},
{
"name": "USN-3752-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3752-1/"
},
{
"name": "USN-3752-3",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3752-3/"
},
{
"name": "RHSA-2018:2948",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2018-10-31T10:30Z",
"publishedDate": "2018-06-05T13:29Z"
}
}
}
ghsa-qrgv-ph7p-j565
Vulnerability from github
Published
2022-05-14 02:03
Modified
2022-05-14 02:03
Severity ?
VLAI Severity ?
Details
The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper's unmap_page_range() since the vma's VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked).
{
"affected": [],
"aliases": [
"CVE-2018-1000200"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-05T13:29:00Z",
"severity": "MODERATE"
},
"details": "The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process\u0027s final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper\u0027s unmap_page_range() since the vma\u0027s VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked).",
"id": "GHSA-qrgv-ph7p-j565",
"modified": "2022-05-14T02:03:25Z",
"published": "2022-05-14T02:03:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000200"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2018-1000200"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a"
},
{
"type": "WEB",
"url": "https://marc.info/?l=linux-kernel\u0026m=152400522806945"
},
{
"type": "WEB",
"url": "https://marc.info/?l=linux-kernel\u0026m=152460926619256"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3752-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3752-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3752-3"
},
{
"type": "WEB",
"url": "http://seclists.org/oss-sec/2018/q2/67"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/104397"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
suse-su-2018:2092-1
Vulnerability from csaf_suse
Published
2018-07-27 13:37
Modified
2018-07-27 13:37
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.
The following new feature was added:
- NVDIMM memory error notification (ACPI 6.2)
The following security bugs were fixed:
- CVE-2018-13406: An integer overflow in the uvesafb_setcmap function could
have result in local attackers being able to crash the kernel or potentially
elevate privileges because kmalloc_array is not used (bnc#1100418)
- CVE-2018-13053: The alarm_timer_nsleep function had an integer overflow via a
large relative timeout because ktime_add_safe was not used (bnc#1099924)
- CVE-2018-9385: Prevent overread of the 'driver_override' buffer (bsc#1100491)
- CVE-2018-13405: The inode_init_owner function allowed local users to create
files with an unintended group ownership allowing attackers to escalate
privileges by making a plain file executable and SGID (bnc#1100416)
- CVE-2017-5753: Systems with microprocessors utilizing speculative execution
and branch prediction may have allowed unauthorized disclosure of information
to an attacker with local user access via a side-channel analysis (bsc#1068032)
- CVE-2018-1118: Linux kernel vhost did not properly initialize memory in
messages passed between virtual guests and the host operating system. This
could have allowed local privileged users to read some kernel memory contents
when reading from the /dev/vhost-net device file (bsc#1092472)
- CVE-2018-12233: A memory corruption bug in JFS could have been triggered by
calling setxattr twice with two different extended attribute names on the same
file. This vulnerability could be triggered by an unprivileged user with the
ability to create files and execute programs (bsc#1097234)
- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did
not handle unsigned integer overflow properly. As a result, a large value of
the 'ie_len' argument could have caused a buffer overflow (bnc#1097356)
- CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO
ioctl (bsc#1096728)
- CVE-2018-3639: Systems with microprocessors utilizing speculative execution
and speculative execution of memory reads the addresses of all prior memory
writes are known may have allowed unauthorized disclosure of information to an
attacker with local user access via a side-channel analysis, aka Speculative
Store Bypass (SSB), Variant 4 (bsc#1087082)
- CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process's memory
containing command line arguments (or environment strings), an attacker could
have caused utilities from psutils or procps (such as ps, w) to block
indefinitely (denial of service) or for some controlled time (as a
synchronization primitive for other attacks) (bsc#1093158)
- CVE-2018-1094: The ext4_fill_super function did not always initialize the
crc32c checksum driver, which allowed attackers to cause a denial of service
(ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted
ext4 image (bsc#1087007)
- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory
with a zero i_links_count, which allowed attackers to cause a denial of service
(ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4
image (bsc#1087012)
- 1093: The ext4_valid_block_bitmap function allowed attackers to cause a
denial of service (out-of-bounds read and system crash) via a crafted ext4
image because balloc.c and ialloc.c do not validate bitmap block numbers
(bsc#1087095)
- CVE-2018-1000200: Prevent NULL pointer dereference which could have resulted
in an out of memory (OOM) killing of large mlocked processes (bsc#1090150)
- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that
allowed a local user to cause a denial of service by a number of certain
crafted system calls (bsc#1092904)
- CVE-2018-5803: Prevent error in the '_sctp_make_chunk()' function when
handling SCTP packets length that could have been exploited to cause a kernel
crash (bnc#1083900)
- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c
__rds_rdma_map() function that allowed local attackers to cause a system panic
and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST
(bsc#1082962)
- CVE-2018-8781: The udl_fb_mmap function had an integer-overflow vulnerability
allowing local users with access to the udldrmfb driver to obtain full read and
write permissions on kernel physical pages, resulting in a code execution in
kernel space (bsc#1090643)
- CVE-2018-10124: The kill_something_info function in kernel/signal.c might
have allowed local users to cause a denial of service via an INT_MIN argument
(bnc#1089752)
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might have allowed
local users to cause a denial of service by triggering an attempted use of the
-INT_MIN value (bnc#1089608)
- CVE-2017-5715: Prevent unauthorized disclosure of information to an attacker
with local user access caused by speculative execution and indirect branch
prediction (bsc#1068032)
The following non-security bugs were fixed:
- Fix copy_in_user() declaration (bsc#1052766).
- 1wire: family module autoload fails because of upper/lower case mismatch (bsc#1051510).
- 8021q: fix a memory leak for VLAN 0 device (networking-stable-18_01_12).
- 8139too: Use disable_irq_nosync() in rtl8139_poll_controller() (networking-stable-18_05_15).
- 8139too: revisit napi_complete_done() usage (networking-stable-17_10_09).
- 9p/trans_virtio: discard zero-length reply (bsc#1052766).
- ACPI / APEI: Replace ioremap_page_range() with fixmap (bsc#1051510).
- ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices (bsc#1051510).
- ACPI / NUMA: ia64: Parse all entries of SRAT memory affinity table (bnc#1088796).
- ACPI / bus: Do not call _STA on battery devices with unmet dependencies (bsc#1051510).
- ACPI / button: make module loadable when booted in non-ACPI mode (bsc#1051510).
- ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status() (bsc#1051510).
- ACPI / scan: Initialize watchdog before PNP (bsc#1073960).
- ACPI / scan: Send change uevent with offine environmental data (bsc#1082485).
- ACPI / scan: Use acpi_bus_get_status() to initialize ACPI_TYPE_DEVICE devs (bsc#1051510).
- ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E (bsc#1051510).
- ACPI / video: Default lcd_only to true on Win8-ready and newer machines (bsc#1051510).
- ACPI / video: Only default only_lcd to true on Win8-ready _desktops_ (bsc#1051510).
- ACPI / watchdog: Prefer iTCO_wdt on Lenovo Z50-70 (bsc#1051510).
- ACPI / watchdog: properly initialize resources (bsc#1051510).
- ACPI: EC: Fix debugfs_create_*() usage (bsc#1051510).
- ACPI: acpi_pad: Fix memory leak in power saving threads (bsc#1051510).
- ACPI: processor_perflib: Do not send _PPC change notification if not ready (bsc#1051510).
- ACPI: sysfs: Make ACPI GPE mask kernel parameter cover all GPEs (bsc#1051510).
- ACPICA: ACPI 6.0A: Changes to the NFIT ACPI table (bsc#1091424).
- ACPICA: Events: add a return on failure from acpi_hw_register_read (bsc#1051510).
- ACPICA: Fix memory leak on unusual memory leak (bsc#1051510).
- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (bsc#1051510).
- ALSA: aloop: Add missing cable lock to ctl API callbacks (bsc#1051510).
- ALSA: aloop: Mark paused device as inactive (bsc#1051510).
- ALSA: asihpi: Hardening for potential Spectre v1 (bsc#1051510).
- ALSA: caiaq: Add yet more sanity checks for invalid EPs (bsc#1051510).
- ALSA: control: Hardening for potential Spectre v1 (bsc#1051510).
- ALSA: control: fix a redundant-copy issue (bsc#1051510).
- ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr (bsc#1051510).
- ALSA: dice: fix OUI for TC group (bsc#1051510).
- ALSA: dice: fix error path to destroy initialized stream data (bsc#1051510).
- ALSA: dice: fix kernel NULL pointer dereference due to invalid calculation for array index (bsc#1051510).
- ALSA: emu10k1: Fix kABI breakage (bsc#1093027).
- ALSA: emu10k1: add a IOMMU workaround (bsc#1093027).
- ALSA: emu10k1: add optional debug printouts with DMA addresses (bsc#1093027).
- ALSA: emu10k1: make sure synth DMA pages are allocated with DMA functions (bsc#1093027).
- ALSA: emu10k1: remove reserved_page (bsc#1093027).
- ALSA: emu10k1: use dma_set_mask_and_coherent() (bsc#1093027).
- ALSA: hda - Fix incorrect usage of IS_REACHABLE() (bsc#1051510).
- ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream() (bsc#1051510).
- ALSA: hda - New VIA controller suppor no-snoop path (bsc#1051510).
- ALSA: hda - Skip jack and others for non-existing PCM streams (bsc#1051510).
- ALSA: hda/ca0132 - use ARRAY_SIZE (bsc#1051510).
- ALSA: hda/ca0132: Add DSP Volume set and New mixers for SBZ + R3Di (bsc#1096696).
- ALSA: hda/ca0132: Add PCI region2 iomap for SBZ (bsc#1096696).
- ALSA: hda/ca0132: Add dsp setup + gpio functions for r3di (bsc#1096696).
- ALSA: hda/ca0132: Add extra exit functions for R3Di and SBZ (bsc#1096696).
- ALSA: hda/ca0132: Add new control changes for SBZ + R3Di (bsc#1096696).
- ALSA: hda/ca0132: Add pincfg for SBZ + R3Di, add fp hp auto-detect (bsc#1096696).
- ALSA: hda/ca0132: Delete pointless assignments to struct auto_pin_cfg fields (bsc#1051510).
- ALSA: hda/ca0132: Delete redundant UNSOL event requests (bsc#1051510).
- ALSA: hda/ca0132: Do not test for QUIRK_NONE (bsc#1051510).
- ALSA: hda/ca0132: Fix DMic data rate for Alienware M17x R4 (bsc#1051510).
- ALSA: hda/ca0132: R3Di and SBZ quirk entires + alt firmware loading (bsc#1096696).
- ALSA: hda/ca0132: Restore PCM Analog Mic-In2 (bsc#1051510).
- ALSA: hda/ca0132: Restore behavior of QUIRK_ALIENWARE (bsc#1051510).
- ALSA: hda/ca0132: add alt_select_in/out for R3Di + SBZ (bsc#1096696).
- ALSA: hda/ca0132: add ca0132_alt_set_vipsource (bsc#1096696).
- ALSA: hda/ca0132: add dsp setup related commands for the sbz (bsc#1096696).
- ALSA: hda/ca0132: add extra init functions for r3di + sbz (bsc#1096696).
- ALSA: hda/ca0132: add the ability to set src_id on scp commands (bsc#1096696).
- ALSA: hda/ca0132: constify parameter table for effects (bsc#1096696).
- ALSA: hda/ca0132: constify read-only members of string array (bsc#1096696).
- ALSA: hda/ca0132: constify templates for control element set (bsc#1096696).
- ALSA: hda/ca0132: fix array_size.cocci warnings (bsc#1096696).
- ALSA: hda/ca0132: fix build failure when a local macro is defined (bsc#1051510).
- ALSA: hda/ca0132: make array ca0132_alt_chmaps static (bsc#1051510).
- ALSA: hda/ca0132: merge strings just for printk (bsc#1096696).
- ALSA: hda/ca0132: update core functions for sbz + r3di (bsc#1096696).
- ALSA: hda/conexant - Add fixup for HP Z2 G4 workstation (bsc#1092975).
- ALSA: hda/conexant - Add hp-mic-fix model string (bsc#1092975).
- ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210 (bsc#1051510).
- ALSA: hda/realtek - Add shutup hint (bsc#1051510).
- ALSA: hda/realtek - Add some fixes for ALC233 (bsc#1051510).
- ALSA: hda/realtek - Clevo P950ER ALC1220 Fixup (bsc#1051510).
- ALSA: hda/realtek - Enable mic-mute hotkey for several Lenovo AIOs (bsc#1051510).
- ALSA: hda/realtek - Fix pop noise on Lenovo P50 and co (bsc#1051510).
- ALSA: hda/realtek - Fix the problem of two front mics on more machines (bsc#1051510).
- ALSA: hda/realtek - Fixup for HP x360 laptops with BandO speakers (bsc#1096705).
- ALSA: hda/realtek - Fixup mute led on HP Spectre x360 (bsc#1096705).
- ALSA: hda/realtek - Refactor alc269_fixup_hp_mute_led_mic*() (bsc#1096705).
- ALSA: hda/realtek - Update ALC255 depop optimize (bsc#1051510).
- ALSA: hda/realtek - adjust the location of one mic (bsc#1051510).
- ALSA: hda/realtek - change the location for one of two front mics (bsc#1051510).
- ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags (bsc#1051510).
- ALSA: hda: Add ASRock H81M-HDS to the power_save blacklist (bsc#1051510).
- ALSA: hda: Add Clevo W35xSS_370SS to the power_save blacklist (bsc#1051510).
- ALSA: hda: Add Gigabyte P55A-UD3 and Z87-D3HP to the power_save blacklist (bsc#1051510).
- ALSA: hda: Add Icelake PCI ID (bsc#1051510).
- ALSA: hda: Add Intel NUC5i7RY to the power_save blacklist (bsc#1051510).
- ALSA: hda: Add Intel NUC7i3BNB to the power_save blacklist (bsc#1051510).
- ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist (bsc#1051510).
- ALSA: hda: Hardening for potential Spectre v1 (bsc#1051510).
- ALSA: hda: add dock and led support for HP EliteBook 830 G5 (bsc#1051510).
- ALSA: hda: add dock and led support for HP ProBook 640 G4 (bsc#1051510).
- ALSA: hdspm: Hardening for potential Spectre v1 (bsc#1051510).
- ALSA: hiface: Add sanity checks for invalid EPs (bsc#1051510).
- ALSA: line6: Add yet more sanity checks for invalid EPs (bsc#1051510).
- ALSA: line6: Use correct endpoint type for midi output (bsc#1051510).
- ALSA: line6: add support for POD HD DESKTOP (bsc#1051510).
- ALSA: line6: add support for POD HD500X (bsc#1051510).
- ALSA: line6: remove unnecessary initialization to PODHD500X (bsc#1051510).
- ALSA: opl3: Hardening for potential Spectre v1 (bsc#1051510).
- ALSA: pcm: Avoid potential races between OSS ioctls and read/write (bsc#1051510).
- ALSA: pcm: Check PCM state at xfern compat ioctl (bsc#1051510).
- ALSA: pcm: Fix UAF at PCM release via PCM timer access (bsc#1051510).
- ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation (bsc#1051510).
- ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls (bsc#1051510).
- ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams (bsc#1051510).
- ALSA: pcm: potential uninitialized return values (bsc#1051510).
- ALSA: rawmidi: Fix missing input substream checks in compat ioctls (bsc#1051510).
- ALSA: rme9652: Hardening for potential Spectre v1 (bsc#1051510).
- ALSA: seq: Fix UBSAN warning at SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT ioctl (bsc#1051510).
- ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger() (bsc#1051510).
- ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device (bsc#1051510).
- ALSA: seq: oss: Hardening for potential Spectre v1 (bsc#1051510).
- ALSA: timer: Fix UBSAN warning at SNDRV_TIMER_IOCTL_NEXT_DEVICE ioctl (bsc#1051510).
- ALSA: timer: Fix pause event notification (bsc#1051510).
- ALSA: usb-audio: Add 'Keep Interface' control (bsc#1089467).
- ALSA: usb-audio: Add a quirk for Nura's first gen headset (bsc#1051510).
- ALSA: usb-audio: Add keep_iface flag (bsc#1089467).
- ALSA: usb-audio: Add native DSD support for Luxman DA-06 (bsc#1051510).
- ALSA: usb-audio: Add native DSD support for Mytek DACs (bsc#1051510).
- ALSA: usb-audio: Add native DSD support for TEAC UD-301 (bsc#1051510).
- ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M (bsc#1051510).
- ALSA: usb-audio: Add sample rate quirk for Plantronics P610 (bsc#1051510).
- ALSA: usb-audio: Add sanity checks for invalid EPs (bsc#1051510).
- ALSA: usb-audio: Allow to override the longname string (bsc#1091678).
- ALSA: usb-audio: Apply vendor ID matching for sample rate quirk (bsc#1051510).
- ALSA: usb-audio: Avoid superfluous usb_set_interface() calls (bsc#1089467).
- ALSA: usb-audio: Change the semantics of the enable option (bsc#1051510).
- ALSA: usb-audio: Disable the quirk for Nura headset (bsc#1051510).
- ALSA: usb-audio: FIX native DSD support for TEAC UD-501 DAC (bsc#1051510).
- ALSA: usb-audio: Generic DSD detection for XMOS-based implementations (bsc#1051510).
- ALSA: usb-audio: Give proper vendor/product name for Dell WD15 Dock (bsc#1091678).
- ALSA: usb-audio: Initialize Dell Dock playback volumes (bsc#1089467).
- ALSA: usb-audio: Integrate native DSD support for ITF-USB based DACs (bsc#1051510).
- ALSA: usb-audio: Remove explicitly listed Mytek devices (bsc#1051510).
- ALSA: usb-audio: Skip broken EU on Dell dock USB-audio (bsc#1090658).
- ALSA: usb-audio: Support changing input on Sound Blaster E1 (bsc#1051510).
- ALSA: usb-audio: add boot quirk for Axe-Fx III (bsc#1051510).
- ALSA: usb-audio: add more quirks for DSD interfaces (bsc#1051510).
- ALSA: usb-audio: simplify set_sync_ep_implicit_fb_quirk (bsc#1051510).
- ALSA: usb: mixer: volume quirk for CM102-A+/102S+ (bsc#1051510).
- ALSA: usx2y: Add sanity checks for invalid EPs (bsc#1051510).
- ALSA: usx2y: Fix invalid stream URBs (bsc#1051510).
- ALSA: vmaster: Propagate slave error (bsc#1051510).
- ASoC: Intel: Skylake: Disable clock gating during firmware and library download (bsc#1051510).
- ASoC: Intel: cht_bsw_rt5645: Analog Mic support (bsc#1051510).
- ASoC: Intel: sst: remove redundant variable dma_dev_name (bsc#1051510).
- ASoC: adau17x1: Handling of DSP_RUN register during fw setup (bsc#1051510).
- ASoC: cirrus: i2s: Fix LRCLK configuration (bsc#1051510).
- ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup (bsc#1051510).
- ASoC: cs35l35: Add use_single_rw to regmap config (bsc#1051510).
- ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it (bsc#1051510).
- ASoC: fsl_esai: Fix divisor calculation failure at lower ratio (bsc#1051510).
- ASoC: hdmi-codec: Fix module unloading caused kernel crash (bsc#1051510).
- ASoC: hdmi-codec: fix spelling mistake: 'deteced' -> 'detected' (bsc#1051510).
- ASoC: hdmi-codec: remove multi detection support (bsc#1051510).
- ASoC: omap: Remove OMAP_MUX dependency from Nokia N810 audio support (bsc#1051510).
- ASoC: rockchip: Fix dai_name for HDMI codec (bsc#1051510).
- ASoC: rockchip: rk3288-hdmi-analog: Select needed codecs (bsc#1051510).
- ASoC: rsnd: mark PM functions __maybe_unused (bsc#1051510).
- ASoC: rt5514: Add the missing register in the readable table (bsc#1051510).
- ASoC: samsung: i2s: Ensure the RCLK rate is properly determined (bsc#1051510).
- ASoC: samsung: odroid: Drop requirement of clocks in the sound node (bsc#1051510).
- ASoC: samsung: odroid: Fix 32000 sample rate handling (bsc#1051510).
- ASoC: samsung: odroid: Fix EPLL frequency values (bsc#1051510).
- ASoC: ssm2602: Replace reg_default_raw with reg_default (bsc#1051510).
- ASoC: topology: Check widget kcontrols before deref (bsc#1051510).
- ASoC: topology: Check widget kcontrols before deref (bsc#1051510).
- ASoC: topology: Fix bugs of freeing soc topology (bsc#1051510).
- ASoC: topology: Fix kcontrol name string handling (bsc#1051510).
- ASoC: topology: create TLV data for dapm widgets (bsc#1051510).
- ASoC: topology: fix some tiny memory leaks (bsc#1051510).
- Bluetooth: Add a new 04ca:3015 QCA_ROME device (bsc#1051510).
- Bluetooth: Apply QCA Rome patches for some ATH3012 models (bsc#1082504).
- Bluetooth: Fix missing encryption refresh on Security Request (bsc#1051510).
- Bluetooth: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for BTUSB_QCA_ROME (bsc#1051510).
- Bluetooth: btrtl: Fix a error code in rtl_load_config() (bsc#1051510).
- Bluetooth: btusb: Add Dell XPS 13 9360 to btusb_needs_reset_resume_table (bsc#1051510).
- Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB (bsc#1051510).
- Bluetooth: btusb: Add device ID for RTL8822BE (bsc#1051510).
- Bluetooth: btusb: Only check needs_reset_resume DMI table for QCA rome chipsets (bsc#1051510).
- Bluetooth: btusb: add ID for LiteOn 04ca:3016 (bsc#1051510).
- Bluetooth: hci_bcm: Add 6 new ACPI HIDs (bsc#1051510).
- Bluetooth: hci_bcm: Add active_low irq polarity quirk for Asus T100CHI (bsc#1051510).
- Bluetooth: hci_bcm: Add support for BCM2E72 (bsc#1051510).
- Bluetooth: hci_bcm: Add support for MINIX Z83-4 based devices (bsc#1051510).
- Bluetooth: hci_bcm: Fix setting of irq trigger type (bsc#1051510).
- Bluetooth: hci_bcm: Handle empty packet after firmware loading (bsc#1051510).
- Bluetooth: hci_bcm: Make bcm_request_irq fail if no IRQ resource (bsc#1051510).
- Bluetooth: hci_bcm: Remove DMI quirk for the MINIX Z83-4 (bsc#1051510).
- Bluetooth: hci_bcm: Treat Interrupt ACPI resources as always being active-low (bsc#1051510).
- Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader (bsc#1051510).
- Btrfs: fix copy_items() return value when logging an inode (bsc#1097105).
- Btrfs: fix xattr loss after power failure (bsc#1097105).
- Btrfs: use btrfs_op instead of bio_op in __btrfs_map_block (bsc#1099918).
- Correct bug reference in the patch (bnc#1095155)
- Delete patches.arch/powerpc64-ftrace-Use-the-generic-version-of-ftrace_r.patch (bsc#1088804).
- Downgrade printk level for MMC SDHCI host version error (bsc#1097941).
- Fix kABI breakage due to acpi_ec gpe field change (bsc#1051510).
- Fix kABI breakage due to snd_usb_audio_quirk profile_name addition (bsc#1091678).
- Fix kABI breakage due to sound/timer.h inclusion (bsc#1051510).
- Fix kABI breakage for iwl_fw_runtime_ops change (bsc#1051510).
- Fix kABI breakage for iwlwifi (bsc#1051510).
- Fix kABI breakage of iio_buffer (bsc#1051510).
- Fix kABI incompatibility by snd_pcm_oss_runtime.rw_ref addition (bsc#1051510).
- Fix the build error in adau17x1 soc driver (bsc#1051510)
- Fix the build of da9063_wdt module (bsc#1100843) Backport the missing prerequisite commit, move the previous fixes into the sorted section and refresh.
- GFS2: Take inode off order_write list when setting jdata flag (bsc#1052766).
- HID: add backlight level quirk for Asus ROG laptops (bsc#1101324).
- HID: cp2112: fix broken gpio_direction_input callback (bsc#1051510).
- HID: debug: check length before copy_to_user() (bsc#1051510).
- HID: hiddev: fix potential Spectre v1 (bsc#1051510).
- HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device (bsc#1051510).
- HID: i2c-hid: Fix 'incomplete report' noise (bsc#1051510).
- HID: i2c-hid: fix size check and type usage (bsc#1051510).
- HID: intel-ish-hid: Enable Gemini Lake ish driver (bsc#1073765,).
- HID: intel-ish-hid: use put_device() instead of kfree() (bsc#1051510).
- HID: intel_ish-hid: ipc: register more pm callbacks to support hibernation (bsc#1051510).
- HID: lenovo: Add support for IBM/Lenovo Scrollpoint mice (bsc#1051510).
- HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() (bsc#1051510).
- HID: wacom: Add support for One by Wacom (CTL-472 / CTL-672) (bsc#1100633).
- HID: wacom: Correct logical maximum Y for 2nd-gen Intuos Pro large (bsc#1051510).
- HID: wacom: Correct touch maximum XY of 2nd-gen Intuos (bsc#1051510).
- HID: wacom: EKR: ensure devres groups at higher indexes are released (bsc#1051510).
- HID: wacom: Fix reporting of touch toggle (WACOM_HID_WD_MUTE_DEVICE) events (bsc#1051510).
- HID: wacom: Release device resource data obtained by devres_alloc() (bsc#1051510).
- HID: wacom: bluetooth: send exit report for recent Bluetooth devices (bsc#1051510).
- IB/Hfi1: Read CCE Revision register to verify the device is responsive (bsc#1096793).
- IB/core: Generate GID change event regardless of RoCE GID table property (bsc#1046306).
- IB/core: Refer to RoCE port property instead of GID table property (bsc#1046306).
- IB/cq: Do not force IB_POLL_DIRECT poll context for ib_process_cq_direct (bsc#1046306).
- IB/hfi1 Use correct type for num_user_context (bsc#1096793).
- IB/hfi1: Add a safe wrapper for _rcd_get_by_index (bsc#1096793).
- IB/hfi1: Add tx_opcode_stats like the opcode_stats (bsc#1096793).
- IB/hfi1: Complete check for locally terminated smp (bsc#1096793).
- IB/hfi1: Compute BTH only for RDMA_WRITE_LAST/SEND_LAST packet (bsc#1096793).
- IB/hfi1: Convert PortXmitWait/PortVLXmitWait counters to flit times (bsc#1096793).
- IB/hfi1: Create common functions for affinity CPU mask operations (bsc#1096793).
- IB/hfi1: Do not allocate PIO send contexts for VNIC (bsc#1096793).
- IB/hfi1: Do not modify num_user_contexts module parameter (bsc#1096793).
- IB/hfi1: Do not override given pcie_pset value (bsc#1096793).
- IB/hfi1: Ensure VL index is within bounds (bsc#1096793).
- IB/hfi1: Fix NULL pointer dereference when invalid num_vls is used (bsc#1060463).
- IB/hfi1: Fix a wrapping test to insure the correct timeout (bsc#1096793).
- IB/hfi1: Fix for early release of sdma context (bsc#1096793).
- IB/hfi1: Fix handling of FECN marked multicast packet (bsc#1060463).
- IB/hfi1: Fix loss of BECN with AHG (bsc#1096793).
- IB/hfi1: Fix memory leak in exception path in get_irq_affinity() (bsc#1096793).
- IB/hfi1: Fix serdes loopback set-up (bsc#1096793).
- IB/hfi1: Handle initial value of 0 for CCTI setting (bsc#1096793).
- IB/hfi1: Inline common calculation (bsc#1096793).
- IB/hfi1: Insure int mask for in-kernel receive contexts is clear (bsc#1096793).
- IB/hfi1: Look up ibport using a pointer in receive path (bsc#1096793).
- IB/hfi1: Optimize kthread pointer locking when queuing CQ entries (bsc#1096793).
- IB/hfi1: Optimize packet type comparison using 9B and bypass code paths (bsc#1096793).
- IB/hfi1: Prevent LNI hang when LCB can't obtain lanes (bsc#1096793).
- IB/hfi1: Prohibit invalid Init to Armed state transition (bsc#1096793).
- IB/hfi1: Race condition between user notification and driver state (bsc#1096793).
- IB/hfi1: Re-order IRQ cleanup to address driver cleanup race (bsc#1060463).
- IB/hfi1: Refactor assign_ctxt() IOCTL (bsc#1096793).
- IB/hfi1: Refactor get_base_info (bsc#1096793).
- IB/hfi1: Refactor get_ctxt_info (bsc#1096793).
- IB/hfi1: Refactor get_user() IOCTLs (bsc#1096793).
- IB/hfi1: Refactor hfi_user_exp_rcv_clear() IOCTLs (bsc#1096793).
- IB/hfi1: Refactor hfi_user_exp_rcv_invalid() IOCTLs (bsc#1096793).
- IB/hfi1: Refactor hfi_user_exp_rcv_setup() IOCTL (bsc#1096793).
- IB/hfi1: Remove unused hfi1_cpulist variables (bsc#1096793).
- IB/hfi1: Reorder incorrect send context disable (bsc#1096793).
- IB/hfi1: Return correct value for device state (bsc#1096793).
- IB/hfi1: Send 'reboot' as planned down remote reason (bsc#1096793).
- IB/hfi1: Set port number for errorinfo MAD response (bsc#1096793).
- IB/hfi1: Show fault stats in both TX and RX directions (bsc#1096793).
- IB/hfi1: Update HFI to use the latest PCI API (bsc#1096793).
- IB/hfi1: Use after free race condition in send context error path (bsc#1096793).
- IB/hfi1: Validate PKEY for incoming GSI MAD packets (bsc#1096793).
- IB/ipoib: Avoid memory leak if the SA returns a different DGID (bsc#1046307).
- IB/ipoib: Change number of TX wqe to 64 (bsc#1096793).
- IB/ipoib: Fix for notify send CQ failure messages (bsc#1096793).
- IB/ipoib: Fix for potential no-carrier state (bsc#1046307).
- IB/ipoib: Get rid of the tx_outstanding variable in all modes (bsc#1096793).
- IB/ipoib: Use NAPI in UD/TX flows (bsc#1096793).
- IB/mlx4: Fix integer overflow when calculating optimal MTT size (bsc#1071218).
- IB/mlx4: Move mlx4_uverbs_ex_query_device_resp to include/uapi/ (bsc#1071218).
- IB/mlx5: Enable ECN capable bits for UD RoCE v2 QPs (bsc#1046305).
- IB/mlx5: Respect new UMR capabilities (bsc#1093205).
- IB/mlx5: Set the default active rate and width to QDR and 4X (bsc#1046305).
- IB/mlx5: Use unlimited rate when static rate is not supported (bsc#1046305).
- IB/mlx5:: pr_err() and mlx5_ib_dbg() strings should end with newlines (bsc#1093205).
- IB/rdmavt: Add trace for RNRNAK timer (bsc#1096793).
- IB/rdmavt: Allocate CQ memory on the correct node (bsc#1058717).
- IB/rdmavt: No need to cancel RNRNAK retry timer when it is running (bsc#1096793).
- IB/rdmavt: Use correct numa node for SRQ allocation (bsc#1096793).
- IB/srp: Fix completion vector assignment algorithm (bsc#1046306).
- IB/srp: Fix srp_abort() (bsc#1046306).
- IB/srpt: Fix an out-of-bounds stack access in srpt_zerolength_write() (bsc#1046306).
- IB/uverbs: Fix validating mandatory attributes (bsc#1046306).
- IB/{hfi1, qib}: Add handling of kernel restart (bsc#1096793).
- IB/{hfi1, rdmavt}: Fix memory leak in hfi1_alloc_devdata() upon failure (bsc#1096793).
- IB/{rdmavt,hfi1}: Change hrtimer add to use pinned version (bsc#1096793).
- Input: ALPS - fix TrackStick detection on Thinkpad L570 and Latitude 7370 (bsc#1051510).
- Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro (bsc#1051510).
- Input: atmel_mxt_ts - fix the firmware update (bsc#1051510).
- Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID (bsc#1051510).
- Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID (bsc#1051510).
- Input: elan_i2c_smbus - fix corrupted stack (bsc#1051510).
- Input: elan_i2c_smbus - fix more potential stack buffer overflows (bsc#1051510).
- Input: elantech - enable middle button of touchpads on ThinkPad P52 (bsc#1051510).
- Input: elantech - fix V4 report decoding for module with middle key (bsc#1051510).
- Input: goodix - add new ACPI id for GPD Win 2 touch screen (bsc#1051510).
- Input: goodix - disable IRQs while suspended (bsc#1051510).
- Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list (bsc#1051510).
- Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad (bsc#1051510).
- Input: leds - fix out of bound access (bsc#1051510).
- Input: synaptics - Lenovo Carbon X1 Gen5 (2017) devices should use RMI (bsc#1051510).
- Input: synaptics - Lenovo Thinkpad X1 Carbon G5 (2017) with Elantech trackpoints should use RMI (bsc#1051510).
- Input: synaptics - add Intertouch support on X1 Carbon 6th and X280 (bsc#1051510).
- Input: synaptics - add Lenovo 80 series ids to SMBus (bsc#1051510).
- Input: synaptics - reset the ABS_X/Y fuzz after initializing MT axes (bsc#1051510).
- Input: synaptics-rmi4 - fix an unchecked out of memory error path (bsc#1051510).
- Input: synaptics: Add intertouch blacklist for Thinkpad Helix (bsc#1090457).
- Input: xpad - add GPD Win 2 Controller USB IDs (bsc#1051510).
- Input: xpad - fix GPD Win 2 controller name (bsc#1051510).
- Input: xpad - sync supported devices with 360Controller (bsc#1051510).
- Input: xpad - sync supported devices with XBCD (bsc#1051510).
- KABI protect struct nd_region ().
- KABI: hide ftrace_enabled in paca (bsc#1088804).
- KEYS: DNS: limit the length of option strings (networking-stable-18_04_26).
- KEYS: Use individual pages in big_key for crypto buffers (bsc#1051510).
- KVM: MMU: consider host cache mode in MMIO page check (bsc#1087213).
- KVM: PPC: Book3S HV: Fix ppc_breakpoint_available compile error (bsc#1061840).
- KVM: PPC: Book3S HV: Handle migration with POWER9 disabled DAWR (bsc#1061840).
- KVM: PPC: Book3S HV: Return error from h_set_dabr() on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Return error from h_set_mode(SET_DAWR) on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: trace_tlbie must not be called in realmode (bsc#1061840).
- MD: Free bioset when md_run fails (bsc#1093023).
- Move upstreamed ideapad-laptop patch to sorted section (bsc#1093035)
- NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2 (bsc#1090888).
- NFC: fix device-allocation error return (bsc#1051510).
- NFC: llcp: Limit size of SDP URI (bsc#1051510).
- NFC: pn533: do not send USB data off of the stack (bsc#1051510).
- NFS: Revert 'NFS: Move the flock open mode check into nfs_flock()' (bsc#1098983).
- NFSv4: Revert commit 5f83d86cf531d ('NFSv4.x: Fix wraparound issues..') (git-fixes).
- PCI/ASPM: Add L1 Substates definitions (bsc#1051510).
- PCI/ASPM: Calculate LTR_L1.2_THRESHOLD from device characteristics (bsc#1051510).
- PCI/DPC: Do not enable DPC if AER control is not allowed by the BIOS (bsc#1093184).
- PCI/PME: Handle invalid data when reading Root Status (bsc#1051510).
- PCI: Add ACS quirk for Intel 300 series (bsc#1051510).
- PCI: Add ACS quirk for Intel 7th and 8th Gen mobile (bsc#1051510).
- PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L (bsc#1051510).
- PCI: Add function 1 DMA alias quirk for Marvell 88SE9220 (bsc#1051510).
- PCI: Add function 1 DMA alias quirk for Marvell 9128 (bsc#1051510).
- PCI: Create SR-IOV virtfn/physfn links before attaching driver (bsc#1051510).
- PCI: Detach driver before procfs and sysfs teardown on device remove (bsc#1051510).
- PCI: Mark Broadcom HT1100 and HT2000 Root Port Extended Tags as broken (bsc#1051510).
- PCI: Remove messages about reassigning resources (bsc#1051510).
- PCI: Restore config space on runtime resume despite being unbound (bsc#1051510).
- PCI: aardvark: Fix PCIe Max Read Request Size setting (bsc#1051510).
- PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf() (bsc#1051510).
- PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf() (bsc#1051510).
- PCI: aardvark: Use ISR1 instead of ISR0 interrupt in legacy irq mode (bsc#1051510).
- PCI: designware-ep: Fix find_first_zero_bit() usage (bsc#1051510).
- PCI: hv: Fix a __local_bh_enable_ip warning in hv_compose_msi_msg() (bnc#1094541).
- PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume (bsc#1051510).
- PCI: shpchp: Enable bridge bus mastering if MSI is enabled (bsc#1051510).
- PM / OPP: Add missing of_node_put(np) (bsc#1051510).
- PM / OPP: Call notifier without holding opp_table->lock (bsc#1051510).
- PM / OPP: Move error message to debug level (bsc#1051510).
- PM / devfreq: Fix potential NULL pointer dereference in governor_store (bsc#1051510).
- PM / s2idle: Clear the events_check_enabled flag (bsc#1051510).
- PM / wakeirq: Fix unbalanced IRQ enable for wakeirq (bsc#1051510).
- PM: docs: Drop an excess character from devices.rst (bsc#1051510).
- Pass x86 as architecture on x86_64 and i386 (bsc#1093118).
- Preliminary series sort
- RDMA/bnxt_re: Fix broken RoCE driver due to recent L2 driver changes (bsc#1086283).
- RDMA/bnxt_re: Remove redundant bnxt_qplib_disable_nq() call (bsc#1086283).
- RDMA/core: Avoid that ib_drain_qp() triggers an out-of-bounds stack access (bsc#1046306).
- RDMA/core: Reduce poll batch for direct cq polling (bsc#1046306).
- RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint (bsc#1084001).
- RDMA/mlx4: Fix uABI structure layouts for 32/64 compat (bsc#1071218).
- RDMA/mlx5: Fix crash while accessing garbage pointer and freed memory (bsc#1046305).
- RDMA/mlx5: Protect from NULL pointer derefence (bsc#1046305).
- RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS (bsc#1058513).
- RDMA/rxe: Fix an out-of-bounds read (bsc#1050662).
- RDMA/ucma: Allow resolving address w/o specifying source address (bsc#1046306).
- RDMA/ucma: Introduce safer rdma_addr_size() variants (bsc#1046306).
- RDMAVT: Fix synchronization around percpu_ref (bsc#1058717).
- RDS: Check cmsg_len before dereferencing CMSG_DATA (networking-stable-17_12_31).
- README.BRANCH: add Takashi as co-maintainer
- Re-sort some patches to match SLE15
- Refresh patches.suse/btrfs-use-kvzalloc-to-allocate-btrfs_fs_info.patch - Fixed References (bsc#1062897).
- Remove the old fallback for iTCO/WDAT conflict (bsc#1073960) Now the upstream fix is included, so let's rip off the old trickery.
- Revert 'Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174' (bsc#1051510).
- Revert 'Remove patces for bug 1087405 due to regression' This reverts commit f91a2ea5192d9e933c41600da5d1543155df381c.
- Revert 'ath10k: send (re)assoc peer command when NSS changed' (bsc#1051510).
- Revert 'drm/i915/edp: Allow alternate fixed mode for eDP if available.' (bsc#1093604).
- Revert 'kernel-binary: do not package extract-cert when not signing modules' This reverts commit 10a8bc496a553b8069d490a8ae7508bdb19f58d9.
- Revert 'rt2800: use TXOP_BACKOFF for probe frames' (bsc#1051510).
- Revert 'scsi: core: return BLK_STS_OK for DID_OK in __scsi_error_from_host_byte()' (bsc#1099918).
- Sort series.conf
- USB: Accept bulk endpoints with 1024-byte maxpacket (bsc#1092888).
- USB: serial: pl2303: new device id for Chilitag (bsc#1087092).
- USB: serial: simple: add Motorola Tetra driver (bsc#1087092).
- USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw (bsc#1090888).
- Update patches.fixes/vti-fix-use-after-free-in-vti_tunnel_xmit-vti6_tnl_x.patch (bsc#1076830 networking-stable-17_10_09).
- Update patches.suse/ceph-quota-add-counter-for-snaprealms-with-quota.patch (bsc#1089115).
- Update patches.suse/ceph-quota-add-initial-infrastructure-to-support-cephfs-quotas.patch (bsc#1089115).
- Update patches.suse/ceph-quota-cache-inode-pointer-in-ceph_snap_realm.patch (bsc#1089115).
- Update patches.suse/ceph-quota-don-t-allow-cross-quota-renames.patch (bsc#1089115).
- Update patches.suse/ceph-quota-support-for-ceph-quota-max_bytes.patch (bsc#1089115).
- Update patches.suse/ceph-quota-support-for-ceph-quota-max_files.patch (bsc#1089115).
- Update patches.suse/ceph-quota-update-mds-when-max_bytes-is-approaching.patch (bsc#1089115).
- Update for above change patches.drivers/0003-md-cluster-Suspend-writes-in-RAID10-if-within-range.patch (bsc#1093023).
- Update patches.suse/ceph-don-t-check-quota-for-snap-inode.patch (bsc#1089115).
- Update patches.suse/ceph-fix-root-quota-realm-check.patch (bsc#1089115).
- X.509: fix BUG_ON() when hash algorithm is unsupported (bsc#1051510).
- X.509: fix NULL dereference when restricting key with unsupported_sig (bsc#1051510).
- X.509: fix comparisons of ->pkey_algo (bsc#1051510).
- X.509: reject invalid BIT STRING for subjectPublicKey (bsc#1051510).
- acpi, nfit: quiet invalid block-aperture-region warnings (bsc#1091781).
- acpi, nfit: rework NVDIMM leaf method detection (bsc#1091782).
- acpi: Add helper for deactivating memory region (bsc#1100132).
- acpi: nfit: Add support for detect platform CPU cache flush on power loss (bsc#1091424).
- acpi: nfit: add persistent memory control flag for nd_region (bsc#1091424).
- adding missing rcu_read_unlock in ipxip6_rcv (networking-stable-17_12_31).
- af_netlink: ensure that NLMSG_DONE never fails in dumps (networking-stable-17_11_20).
- afs: Connect up the CB.ProbeUuid (bsc#1052766).
- afs: Fix missing error handling in afs_write_end() (bsc#1052766).
- amd-xgbe: Add pre/post auto-negotiation phy hooks (networking-stable-18_04_26).
- amd-xgbe: Improve KR auto-negotiation and training (networking-stable-18_04_26).
- amd-xgbe: Only use the SFP supported transceiver signals (networking-stable-18_04_26).
- amd-xgbe: Restore PCI interrupt enablement setting on resume (networking-stable-18_03_07).
- apparmor: fix dangling symlinks to policy rawdata after replacement (bsc#1095893).
- apparmor: fix display of .ns_name for containers (bsc#1095893).
- apparmor: fix logging of the existence test for signals (bsc#1095893).
- apparmor: fix memory leak on buffer on error exit path (bsc#1095893).
- arch/*: Kconfig: fix documentation for NMI watchdog (bsc#1099918).
- arm/arm64: smccc: Add SMCCC-specific return codes (bsc#1085308).
- arm64: Add 'ssbd' command-line option (bsc#1085308).
- arm64: Add ARCH_WORKAROUND_2 probing (bsc#1085308).
- arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 (bsc#1085308).
- arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 (bsc#1085308).
- arm64: alternatives: Add dynamic patching feature (bsc#1085308).
- arm64: fix endianness annotation for __apply_alternatives()/get_alt_insn() (bsc#1085308).
- arm64: ssbd: Add global mitigation state accessor (bsc#1085308).
- arm64: ssbd: Add prctl interface for per-thread mitigation (bsc#1085308).
- arm64: ssbd: Introduce thread flag to control userspace mitigation (bsc#1085308).
- arm64: ssbd: Restore mitigation status on CPU resume (bsc#1085308).
- arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation (bsc#1085308).
- arp: fix arp_filter on l3slave devices (networking-stable-18_04_10).
- ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) (bsc#1051510).
- ath10k: correct target assert problem due to CE5 stuck (bsc#1051510).
- ath10k: search all IEs for variant before falling back (bsc#1051510).
- ath9k: fix crash in spectral scan (bsc#1051510).
- auxdisplay: fix broken menu (bsc#1051510).
- auxdisplay: img-ascii-lcd: Only build on archs that have IOMEM (bsc#1051510).
- auxdisplay: img-ascii-lcd: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bsc#1051510).
- backlight: as3711_bl: Fix Device Tree node lookup (bsc#1051510).
- backlight: max8925_bl: Fix Device Tree node lookup (bsc#1051510).
- backlight: tdo24m: Fix the SPI CS between transfers (bsc#1051510).
- backlight: tps65217_bl: Fix Device Tree node lookup (bsc#1051510).
- bcache: Add __printf annotation to __bch_check_keys() (bsc#1093023).
- bcache: Annotate switch fall-through (bsc#1093023).
- bcache: Fix a compiler warning in bcache_device_init() (bsc#1093023).
- bcache: Fix indentation (bsc#1093023).
- bcache: Fix kernel-doc warnings (bsc#1093023).
- bcache: Fix, improve efficiency of closure_sync() (bsc#1093023).
- bcache: Reduce the number of sparse complaints about lock imbalances (bsc#1093023).
- bcache: Remove an unused variable (bsc#1093023).
- bcache: Suppress more warnings about set-but-not-used variables (bsc#1093023).
- bcache: Use PTR_ERR_OR_ZERO() (bsc#1093023).
- bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags (bsc#1093023).
- bcache: add backing_request_endio() for bi_end_io (bsc#1093023).
- bcache: add io_disable to struct cached_dev (bsc#1093023).
- bcache: add journal statistic (bsc#1093023).
- bcache: add stop_when_cache_set_failed option to backing device (bsc#1093023).
- bcache: add wait_for_kthread_stop() in bch_allocator_thread() (bsc#1093023).
- bcache: allow quick writeback when backing idle (bsc#1093023).
- bcache: closures: move control bits one bit right (bsc#1093023).
- bcache: comment on direct access to bvec table (bsc#1093023).
- bcache: correct flash only vols (check all uuids) (bsc#1093023).
- bcache: count backing device I/O error for writeback I/O (bsc#1093023).
- bcache: fix cached_dev->count usage for bch_cache_set_error() (bsc#1093023).
- bcache: fix error return value in memory shrink (bsc#1093023).
- bcache: fix for allocator and register thread race (bsc#1093023).
- bcache: fix for data collapse after re-attaching an attached device (bsc#1093023).
- bcache: fix high CPU occupancy during journal (bsc#1093023).
- bcache: fix inaccurate io state for detached bcache devices (bsc#1093023).
- bcache: fix incorrect sysfs output value of strip size (bsc#1093023).
- bcache: fix kcrashes with fio in RAID5 backend dev (bsc#1093023).
- bcache: fix misleading error message in bch_count_io_errors() (bsc#1093023).
- bcache: fix unmatched generic_end_io_acct() and generic_start_io_acct() (bsc#1093023).
- bcache: fix using of loop variable in memory shrink (bsc#1093023).
- bcache: fix writeback target calc on large devices (bsc#1093023).
- bcache: fix wrong return value in bch_debug_init() (bsc#1093023).
- bcache: mark closure_sync() __sched (bsc#1093023).
- bcache: move closure debug file into debug directory (bsc#1093023).
- bcache: properly set task state in bch_writeback_thread() (bsc#1093023).
- bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set (bsc#1093023).
- bcache: reduce cache_set devices iteration by devices_max_used (bsc#1093023).
- bcache: ret IOERR when read meets metadata error (bsc#1093023).
- bcache: return 0 from bch_debug_init() if CONFIG_DEBUG_FS=n (bsc#1093023).
- bcache: return attach error when no cache set exist (bsc#1093023).
- bcache: segregate flash only volume write streams (bsc#1093023).
- bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error() (bsc#1093023).
- bcache: set dc->io_disable to true in conditional_stop_bcache_device() (bsc#1093023).
- bcache: set error_limit correctly (bsc#1093023).
- bcache: set writeback_rate_update_seconds in range [1, 60] seconds (bsc#1093023).
- bcache: stop dc->writeback_rate_update properly (bsc#1093023).
- bcache: stop writeback thread after detaching (bsc#1093023).
- bcache: store disk name in struct cache and struct cached_dev (bsc#1093023).
- bcache: use pr_info() to inform duplicated CACHE_SET_IO_DISABLE set (bsc#1093023).
- bcache: writeback: properly order backing device IO (bsc#1093023).
- bdi: Fix oops in wb_workfn() (bsc#1052766).
- bdi: wake up concurrent wb_shutdown() callers (bsc#1052766).
- be2net: Fix HW stall issue in Lancer (bsc#1086288).
- be2net: Fix error detection logic for BE3 (bsc#1050252).
- be2net: Handle transmit completion errors in Lancer (bsc#1086288).
- bfq-iosched: ensure to clear bic/bfqq pointers when preparing request (bsc#1052766).
- bfq: Re-enable auto-loading when built as a module (bsc#1099918).
- bio-integrity: move the bio integrity profile check earlier in bio_integrity_prep (bsc#1093023).
- bitmap: fix memset optimization on big-endian systems (bsc#1051510).
- bitops: Introduce assign_bit() (bsc#1093023).
- blacklist.conf: blacklist further commits not needed (bsc#1085933, bsc#1085938, bsc#1085939)
- blacklist.conf: blacklist tools specific change bsc#1085941
- blk-mq-debugfs: fix device sched directory for default scheduler (bsc#1099918).
- blk-mq: do not keep offline CPUs mapped to hctx 0 (bsc#1099918).
- blk-mq: make sure hctx->next_cpu is set correctly (bsc#1099918).
- blk-mq: make sure that correct hctx->next_cpu is set (bsc#1099918).
- blk-mq: reinit q->tag_set_list entry only after grace period (bsc#1099918).
- blk-mq: simplify queue mapping and schedule with each possisble CPU (bsc#1099918).
- block, bfq: add missing invocations of bfqg_stats_update_io_add/remove (bsc#1099918).
- block, bfq: fix occurrences of request finish method's old name (bsc#1099918).
- block, bfq: put async queues for root bfq groups too (bsc#1052766).
- block/loop: fix deadlock after loop_set_status (bsc#1052766).
- block/swim: Remove extra put_disk() call from error path (bsc#1099918).
- block: Add comment to submit_bio_wait() (bsc#1093023).
- block: Fix __bio_integrity_endio() documentation (bsc#1099918).
- block: Fix cloning of requests with a special payload (bsc#1099918).
- block: Set BIO_TRACE_COMPLETION on new bio during split (bsc#1052766).
- block: cope with WRITE ZEROES failing in blkdev_issue_zeroout() (bsc#1099918).
- block: factor out __blkdev_issue_zero_pages() (bsc#1099918).
- block: sed-opal: Fix a couple off by one bugs (bsc#1099918).
- bnx2x: Collect the device debug information during Tx timeout (bsc#1086323).
- bnx2x: Deprecate pci_get_bus_and_slot() (bsc#1086323).
- bnx2x: Replace doorbell barrier() with wmb() (bsc#1086323).
- bnx2x: Use NETIF_F_GRO_HW (bsc#1086323).
- bnx2x: Use pci_ari_enabled() instead of local copy (bsc#1086323).
- bnx2x: fix slowpath null crash (bsc#1086323).
- bnx2x: fix spelling mistake: 'registeration' -> 'registration' (bsc#1086323).
- bnx2x: use the right constant (bsc#1086323).
- bnxt_en: Add BCM5745X NPAR device IDs (bsc#1086282).
- bnxt_en: Add IRQ remapping logic (bsc#1086282).
- bnxt_en: Add TC to hardware QoS queue mapping logic (bsc#1086282).
- bnxt_en: Add ULP calls to stop and restart IRQs (bsc#1086282).
- bnxt_en: Add cache line size setting to optimize performance (bsc#1086282).
- bnxt_en: Add extended port statistics support (bsc#1086282).
- bnxt_en: Add support for ndo_set_vf_trust (bsc#1086282).
- bnxt_en: Add the new firmware API to query hardware resources (bsc#1086282).
- bnxt_en: Adjust default rings for multi-port NICs (bsc#1086282).
- bnxt_en: Always forward VF MAC address to the PF (bsc#1086282).
- bnxt_en: Change IRQ assignment for RDMA driver (bsc#1086282).
- bnxt_en: Check max_tx_scheduler_inputs value from firmware (bsc#1086282).
- bnxt_en: Check the lengths of encapsulated firmware responses (bsc#1086282).
- bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only (bsc#1086282).
- bnxt_en: Display function level rx/tx_discard_pkts via ethtool (bsc#1086282).
- bnxt_en: Do not allow VF to read EEPROM (bsc#1086282).
- bnxt_en: Do not reserve rings on VF when min rings were not provisioned by PF (bsc#1086282).
- bnxt_en: Do not set firmware time from VF driver on older firmware (bsc#1086282).
- bnxt_en: Eliminate duplicate barriers on weakly-ordered archs (bsc#1086282).
- bnxt_en: Expand bnxt_check_rings() to check all resources (bsc#1086282).
- bnxt_en: Fix NULL pointer dereference at bnxt_free_irq() (bsc#1086282).
- bnxt_en: Fix ethtool -x crash when device is down (bsc#1086282).
- bnxt_en: Fix firmware message delay loop regression (bsc#1086282).
- bnxt_en: Fix regressions when setting up MQPRIO TX rings (bsc#1086282).
- bnxt_en: Fix vnic accounting in the bnxt_check_rings() path (bsc#1086282).
- bnxt_en: Forward VF MAC address to the PF (bsc#1086282).
- bnxt_en: Ignore src port field in decap filter nodes (bsc#1050242).
- bnxt_en: Implement new method for the PF to assign SRIOV resources (bsc#1086282).
- bnxt_en: Implement new method to reserve rings (bsc#1086282).
- bnxt_en: Improve resource accounting for SRIOV (bsc#1086282).
- bnxt_en: Improve ring allocation logic (bsc#1086282).
- bnxt_en: Improve valid bit checking in firmware response message (bsc#1086282).
- bnxt_en: Include additional hardware port statistics in ethtool -S (bsc#1086282).
- bnxt_en: Increase RING_IDLE minimum threshold to 50 (bsc#1086282).
- bnxt_en: Need to include RDMA rings in bnxt_check_rings() (bsc#1086282).
- bnxt_en: Pass complete VLAN TCI to the stack (bsc#1086282).
- bnxt_en: Read phy eeprom A2h address only when optical diagnostics is supported (bsc#1086282).
- bnxt_en: Refactor bnxt_close_nic() (bsc#1086282).
- bnxt_en: Refactor bnxt_need_reserve_rings() (bsc#1086282).
- bnxt_en: Refactor hardware resource data structures (bsc#1086282).
- bnxt_en: Refactor the functions to reserve hardware rings (bsc#1086282).
- bnxt_en: Remap TC to hardware queues when configuring PFC (bsc#1086282).
- bnxt_en: Reserve RSS and L2 contexts for VF (bsc#1086282).
- bnxt_en: Reserve completion rings and MSIX for bnxt_re RDMA driver (bsc#1086282).
- bnxt_en: Reserve resources for RFS (bsc#1086282).
- bnxt_en: Reserve rings at driver open if none was reserved at probe time (bsc#1086282).
- bnxt_en: Reserve rings in bnxt_set_channels() if device is down (bsc#1086282).
- bnxt_en: Restore MSIX after disabling SRIOV (bsc#1086282).
- bnxt_en: Set initial default RX and TX ring numbers the same in combined mode (bsc#1086282).
- bnxt_en: Simplify ring alloc/free error messages (bsc#1086282).
- bnxt_en: Support max-mtu with VF-reps (bsc#1086282).
- bnxt_en: Update firmware interface to 1.9.0 (bsc#1086282).
- bnxt_en: Update firmware interface to 1.9.1.15 (bsc#1086282).
- bnxt_en: Use a dedicated VNIC mode for RDMA (bsc#1086282).
- bnxt_en: close and open NIC, only when the interface is in running state (bsc#1086282).
- bnxt_en: do not allow wildcard matches for L2 flows (bsc#1050242).
- bnxt_en: export a common switchdev PARENT_ID for all reps of an adapter (bsc#1086282).
- bnxt_en: fix clear flags in ethtool reset handling (bsc#1050242).
- bnxt_en: reduce timeout on initial HWRM calls (bsc#1086282).
- bonding: discard lowest hash bit for 802.3ad layer3+4 (networking-stable-17_11_20).
- bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave (networking-stable-18_04_26).
- bonding: fix the err path for dev hwaddr sync in bond_enslave (networking-stable-18_04_10).
- bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave (networking-stable-18_04_10).
- bonding: process the err returned by dev_set_allmulti properly in bond_enslave (networking-stable-18_04_10).
- bonding: send learning packets for vlans on slave (networking-stable-18_05_15).
- bpf, ppc64: fix out of bounds access in tail call (bsc#1083647).
- bpf, x64: fix memleak when not converging after image (bsc#1083647).
- bpf: add schedule points in percpu arrays management (bsc#1083647).
- bpf: fix bpf_skb_adjust_net/bpf_skb_proto_xlat to deal with gso sctp skbs (bsc#1076830).
- bpf: fix mlock precharge on arraymaps (bsc#1083647).
- bpf: make bnxt compatible w/ bpf_xdp_adjust_tail (bsc#1086282).
- bpf: properly enforce index mask to prevent out-of-bounds speculation (bsc#1098425).
- brcmfmac: Fix check for ISO3166 code (bsc#1051510).
- brd: fix overflow in __brd_direct_access (bsc#1052766).
- bridge: check iface upper dev when setting master via ioctl (networking-stable-18_05_15).
- Btrfs: Take trans lock before access running trans in check_delayed_ref (bsc#1097105).
- Btrfs: return error value if create_io_em failed in cow_file_range (bsc#1097105).
- can: af_can: can_pernet_init(): add missing error handling for kzalloc returning NULL (bsc#1051510).
- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bsc#1051510).
- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once (bsc#1051510).
- can: c_can: do not indicate triple sampling support for D_CAN (bsc#1051510).
- can: cc770: Fix queue stall and dropped RTR reply (bsc#1051510).
- can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack (bsc#1051510).
- can: cc770: Fix use after free in cc770_tx_interrupt() (bsc#1051510).
- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bsc#1051510).
- can: esd_usb2: Fix can_dlc value for received RTR, frames (bsc#1051510).
- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bsc#1051510).
- can: flex_can: Correct the checking for frame length in flexcan_start_xmit() (bsc#1051510).
- can: flexcan: fix VF610 state transition issue (bsc#1051510).
- can: flexcan: fix i.MX28 state transition issue (bsc#1051510).
- can: flexcan: fix i.MX6 state transition issue (bsc#1051510).
- can: flexcan: fix p1010 state transition issue (bsc#1051510).
- can: flexcan: fix state transition regression (bsc#1051510).
- can: flexcan: implement error passive state quirk (bsc#1051510).
- can: flexcan: rename legacy error state quirk (bsc#1051510).
- can: gs_usb: fix busy loop if no more TX context is available (bsc#1051510).
- can: gs_usb: fix return value of the 'set_bittiming' callback (bsc#1051510).
- can: hi311x: Acquire SPI lock on ->do_get_berr_counter (bsc#1051510).
- can: hi311x: Work around TX complete interrupt erratum (bsc#1051510).
- can: ifi: Check core revision upon probe (bsc#1051510).
- can: ifi: Fix transmitter delay calculation (bsc#1051510).
- can: ifi: Repair the error handling (bsc#1051510).
- can: kvaser_usb: Correct return value in printout (bsc#1051510).
- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() (bsc#1051510).
- can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages (bsc#1051510).
- can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() (bsc#1051510).
- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bsc#1051510).
- can: kvaser_usb: free buf in error paths (bsc#1051510).
- can: kvaser_usb: ratelimit errors if incomplete messages are received (bsc#1051510).
- can: mcba_usb: cancel urb on -EPROTO (bsc#1051510).
- can: mcba_usb: fix device disconnect bug (bsc#1051510).
- can: peak/pci: fix potential bug when probe() fails (bsc#1051510).
- can: peak/pcie_fd: fix echo_skb is occupied! bug (bsc#1051510).
- can: peak/pcie_fd: fix potential bug in restarting tx queue (bsc#1051510).
- can: peak/pcie_fd: remove useless code when interface starts (bsc#1051510).
- can: peak: Add support for new PCIe/M2 CAN FD interfaces (bsc#1051510).
- can: peak: fix potential bug in packet fragmentation (bsc#1051510).
- can: sun4i: fix loopback mode (bsc#1051510).
- can: sun4i: handle overrun in RX FIFO (bsc#1051510).
- can: ti_hecc: Fix napi poll return value for repoll (bsc#1051510).
- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bsc#1051510).
- can: vxcan: improve handling of missing peer name attribute (bsc#1051510).
- cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN (networking-stable-18_04_13).
- cdrom: information leak in cdrom_ioctl_media_changed() (bsc#1051510).
- ceph: adding protection for showing cap reservation info (bsc#1089115).
- ceph: always update atime/mtime/ctime for new inode (bsc#1089115).
- ceph: change variable name to follow common rule (bsc#1089115).
- ceph: check if mds create snaprealm when setting quota (bsc#1089115).
- ceph: do not wait on writeback when there is no more dirty pages (bsc#1089115).
- ceph: filter out used flags when printing unused open flags (bsc#1089115).
- ceph: fix alignment of rasize (bsc#1098236).
- ceph: fix dentry leak in splice_dentry() (bsc#1098236).
- ceph: fix invalid point dereference for error case in mdsc destroy (bsc#1089115).
- ceph: fix rsize/wsize capping in ceph_direct_read_write() (bsc#1089115).
- ceph: fix st_nlink stat for directories (bsc#1093904).
- ceph: fix use-after-free in ceph_statfs() (bsc#1098236).
- ceph: fix wrong check for the case of updating link count (bsc#1098236).
- ceph: keep consistent semantic in fscache related option combination (bsc#1089115).
- ceph: mark the cap cache as unreclaimable (bsc#1089115).
- ceph: optimize mds session register (bsc#1089115).
- ceph: optimize memory usage (bsc#1089115).
- ceph: optimizing cap allocation (bsc#1089115).
- ceph: optimizing cap reservation (bsc#1089115).
- ceph: prevent i_version from going back (bsc#1098236).
- ceph: quota: report root dir quota usage in statfs (bsc#1089115).
- ceph: release unreserved caps if having enough available caps (bsc#1089115).
- ceph: return proper bool type to caller instead of pointer (bsc#1089115).
- ceph: support file lock on directory (bsc#1098236).
- ceph: use seq_show_option for string type options (bsc#1089115).
- cfg80211: clear wep keys after disconnection (bsc#1051510).
- cfg80211: further limit wiphy names to 64 bytes (bsc#1051510).
- cfg80211: limit wiphy names to 128 bytes (bsc#1051510).
- cgroup: Fix deadlock in cpu hotplug path (Git-fixes).
- cgroup: Reinit cgroup_taskset structure before cgroup_migrate_execute() returns (Git-fixes).
- cifs: Check for timeout on Negotiate stage (bsc#1091171).
- cifs: silence compiler warnings showing up with gcc-8.0.0 (bsc#1090734).
- config: arm64: enable Spectre-v4 per-thread mitigation
- coresight: Fix disabling of CoreSight TPIU (bsc#1051510).
- cpufreq: intel_pstate: Add HWP boost utility and sched util hooks (bsc#1066110).
- cpufreq: intel_pstate: Fix scaling max/min limits with Turbo 3.0 (bsc#1051510).
- cpufreq: intel_pstate: HWP boost performance on IO wakeup (bsc#1066110).
- cpufreq: intel_pstate: New sysfs entry to control HWP boost (bsc#1066110).
- cpufreq: intel_pstate: enable boost for Skylake Xeon (bsc#1066110).
- cpufreq: schedutil: Avoid using invalid next_freq (git-fixes).
- cpuidle: fix broadcast control when broadcast can not be entered (Git-fixes).
- cros_ec: fix nul-termination for firmware build info (bsc#1051510).
- crypto: AF_ALG - remove SGL terminator indicator when chaining (bsc#1051510).
- crypto: aes-generic - build with -Os on gcc-7+ (bsc#1051510).
- crypto: aes-generic - fix aes-generic regression on powerpc (bsc#1051510).
- crypto: af_alg - fix possible uninit-value in alg_bind() (bsc#1051510).
- crypto: ahash - Fix early termination in hash walk (bsc#1051510).
- crypto: arm,arm64 - Fix random regeneration of S_shipped (bsc#1051510).
- crypto: atmel-aes - fix the keys zeroing on errors (bsc#1051510).
- crypto: caam - Fix null dereference at error path (bsc#1051510).
- crypto: caam - fix DMA mapping dir for generated IV (bsc#1051510).
- crypto: caam - fix IV DMA mapping and updating (bsc#1051510).
- crypto: caam - fix incorrect define (bsc#1051510).
- crypto: caam - strip input zeros from RSA input buffer (bsc#1051510).
- crypto: caam/qi - fix IV DMA mapping and updating (bsc#1051510).
- crypto: caam/qi - fix IV DMA mapping and updating (bsc#1051510).
- crypto: ccp - Fix sparse, use plain integer as NULL pointer (git-fixes 200664d5237f).
- crypto: drbg - set freed buffers to NULL (bsc#1051510).
- crypto: lrw - Free rctx->ext with kzfree (bsc#1051510).
- crypto: omap-sham - fix memleak (bsc#1051510).
- crypto: qat - remove unused and redundant pointer vf_info (bsc#1051510).
- crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss (bsc#1051510).
- crypto: vmx - Remove overly verbose printk from AES XTS init (bsc#1051510).
- crypto: vmx - Remove overly verbose printk from AES init routines (bsc#1051510).
- crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one (bsc#1051510).
- cxgb4: Correct ntuple mask validation for hash filters (bsc#1064802 bsc#1066129).
- cxgb4: fix error return code in adap_init0() (bsc#1064802 bsc#1066129).
- cxgb4: fix offset in collecting TX rate limit info (bsc#1073513).
- cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages (bsc#1046542).
- dax, dm: allow device-mapper to operate without dax support (bsc#1093023).
- dax: check for QUEUE_FLAG_DAX in bdev_dax_supported() (bsc#1101315).
- dccp: do not restart ccid2_hc_tx_rto_expire() if sk in closed state (networking-stable-18_01_28).
- dccp: fix tasklet usage (networking-stable-18_05_15).
- delayacct: Account blkio completion on the correct task (bsc#1052766).
- dell_rbu: make firmware payload memory uncachable (bsc#1087978).
- device-dax: allow MAP_SYNC to succeed (bsc#1052766).
- devlink: Remove redundant free on error path (networking-stable-18_03_28).
- direct-io: Prevent NULL pointer access in submit_page_section (bsc#1052766).
- disable patches.drivers/s390-qeth-use-Read-device-to-query-hypervisor-for-MA.patch Backport of mainline commit b7493e91c11a ('s390/qeth: use Read device to query hypervisor for MAC') changes assigned MAC address (and breaks networking) on one of our machines and it's not clear which address is actually correct (bsc#1094575).
- dlm: fix a clerical error when set SCTP_NODELAY (bsc#1091594).
- dlm: make sctp_connect_to_sock() return in specified time (bsc#1080542).
- dlm: remove O_NONBLOCK flag in sctp_connect_to_sock (bsc#1080542).
- dm btree: fix serious bug in btree_split_beneath() (bsc#1093023).
- dm bufio: add missed destroys of client mutex (bsc#1093023).
- dm bufio: check result of register_shrinker() (bsc#1093023).
- dm bufio: delete outdated comment (bsc#1093023).
- dm bufio: do not embed a bio in the dm_buffer structure (bsc#1093023).
- dm bufio: eliminate unnecessary labels in dm_bufio_client_create() (bsc#1093023).
- dm bufio: fix buffer alignment (bsc#1093023).
- dm bufio: fix integer overflow when limiting maximum cache size (bsc#1093023).
- dm bufio: fix shrinker scans when (nr_to_scan lower than retain_target) (bsc#1093023).
- dm bufio: get rid of slab cache name allocations (bsc#1093023).
- dm bufio: move dm-bufio.h to include/linux/ (bsc#1093023).
- dm bufio: relax alignment constraint on slab cache (bsc#1093023).
- dm bufio: remove code that merges slab caches (bsc#1093023).
- dm bufio: reorder fields in dm_buffer structure (bsc#1093023).
- dm bufio: support non-power-of-two block sizes (bsc#1093023).
- dm bufio: use REQ_OP_READ and REQ_OP_WRITE (bsc#1093023).
- dm bufio: use slab cache for dm_buffer structure allocations (bsc#1093023).
- dm cache background tracker: limit amount of background work that may be issued at once (bsc#1093023).
- dm cache policy smq: allocate cache blocks in order (bsc#1093023).
- dm cache policy smq: change max background work from 10240 to 4096 blocks (bsc#1093023).
- dm cache policy smq: handle races with queuing background_work (bsc#1093023).
- dm cache policy smq: take origin idle status into account when queuing writebacks (bsc#1093023).
- dm cache: convert dm_cache_metadata.ref_count from atomic_t to refcount_t (bsc#1093023).
- dm cache: fix race condition in the writeback mode overwrite_bio optimisation (bsc#1093023).
- dm cache: lift common migration preparation code to alloc_migration() (bsc#1093023).
- dm cache: pass cache structure to mode functions (bsc#1093023).
- dm cache: remove all obsolete writethrough-specific code (bsc#1093023).
- dm cache: remove usused deferred_cells member from struct cache (bsc#1093023).
- dm cache: simplify get_per_bio_data() by removing data_size argument (bsc#1093023).
- dm cache: submit writethrough writes in parallel to origin and cache (bsc#1093023).
- dm crypt: allow unaligned bv_offset (bsc#1093023).
- dm crypt: fix crash by adding missing check for auth key size (bsc#1093023).
- dm crypt: fix error return code in crypt_ctr() (bsc#1093023).
- dm crypt: fix memory leak in crypt_ctr_cipher_old() (bsc#1093023).
- dm crypt: limit the number of allocated pages (bsc#1093023).
- dm crypt: reject sector_size feature if device length is not aligned to it (bsc#1093023).
- dm crypt: remove BIOSET_NEED_RESCUER flag (bsc#1093023).
- dm crypt: wipe kernel key copy after IV initialization (bsc#1093023).
- dm flakey: check for null arg_name in parse_features() (bsc#1093023).
- dm integrity: allow unaligned bv_offset (bsc#1093023).
- dm integrity: count and display checksum failures (bsc#1093023).
- dm integrity: do not check integrity for failed read operations (bsc#1093023).
- dm integrity: do not store cipher request on the stack (bsc#1093023).
- dm integrity: fail early if required HMAC key is not available (bsc#1093023).
- dm integrity: make blk_integrity_profile structure const (bsc#1093023).
- dm integrity: optimize writing dm-bufio buffers that are partially changed (bsc#1093023).
- dm integrity: use init_completion instead of COMPLETION_INITIALIZER_ONSTACK (bsc#1093023).
- dm integrity: use kvfree for kvmalloc'd memory (bsc#1099918).
- dm io: remove BIOSET_NEED_RESCUER flag from bios bioset (bsc#1093023).
- dm ioctl: constify ioctl lookup table (bsc#1093023).
- dm log writes: add support for DAX (bsc#1093023).
- dm log writes: add support for inline data buffers (bsc#1093023).
- dm log writes: do not use all the cpu while waiting to log blocks (bsc#1093023).
- dm log writes: fix >512b sectorsize support (bsc#1093023).
- dm log writes: fix max length used for kstrndup (bsc#1093023).
- dm log writes: record metadata flag for better flags record (bsc#1093023).
- dm mpath: fix bio-based multipath queue_if_no_path handling (bsc#1099918).
- dm raid: add component device size checks to avoid runtime failure (bsc#1093023).
- dm raid: avoid passing array_in_sync variable to raid_status() callees (bsc#1093023).
- dm raid: bump target version to reflect numerous fixes (bsc#1093023).
- dm raid: consume sizes after md_finish_reshape() completes changing them (bsc#1093023).
- dm raid: correct resizing state relative to reshape space in ctr (bsc#1093023).
- dm raid: display a consistent copy of the MD status via raid_status() (bsc#1093023).
- dm raid: do not use 'const' in function return (bsc#1099918).
- dm raid: ensure 'a' chars during reshape (bsc#1093023).
- dm raid: fix deadlock caused by premature md_stop_writes() (bsc#1093023).
- dm raid: fix incorrect status output at the end of a 'recover' process (bsc#1093023).
- dm raid: fix incorrect sync_ratio when degraded (bsc#1093023).
- dm raid: fix nosync status (bsc#1093023).
- dm raid: fix panic when attempting to force a raid to sync (bsc#1093023).
- dm raid: fix parse_raid_params() variable range issue (bsc#1093023).
- dm raid: fix raid set size revalidation (bsc#1093023).
- dm raid: fix raid_resume() to keep raid set frozen as needed (bsc#1093023).
- dm raid: fix rs_get_progress() synchronization state/ratio (bsc#1093023).
- dm raid: make raid_sets symbol static (bsc#1093023).
- dm raid: simplify rs_get_progress() (bsc#1093023).
- dm raid: small cleanup and remove unsed 'struct raid_set' member (bsc#1093023).
- dm raid: stop keeping raid set frozen altogether (bsc#1093023).
- dm raid: use rs_is_raid*() (bsc#1093023).
- dm raid: validate current raid sets redundancy (bsc#1093023).
- dm rq: do not update rq partially in each ending bio (bsc#1093023).
- dm rq: make dm-sq requeuing behavior consistent with dm-mq behavior (bsc#1093023).
- dm space map metadata: use ARRAY_SIZE (bsc#1093023).
- dm stripe: get rid of a Variable Length Array (VLA) (bsc#1093023).
- dm table: fix regression from improper dm_dev_internal.count refcount_t conversion (bsc#1093023).
- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bsc#1093023).
- dm thin: fix trailing semicolon in __remap_and_issue_shared_cell (bsc#1093023).
- dm zoned: avoid triggering reclaim from inside dmz_map() (bsc#1099918).
- dm zoned: ignore last smaller runt zone (bsc#1093023).
- dm-crypt: do not clear bvec->bv_page in crypt_free_buffer_pages() (bsc#1093023).
- dm-crypt: do not mess with BIP_BLOCK_INTEGRITY (bsc#1093023).
- dm-raid: fix a race condition in request handling (bsc#1093023).
- dm: backfill missing calls to mutex_destroy() (bsc#1093023).
- dm: clear all discard attributes in queue_limits when discards are disabled (bsc#1093023).
- dm: convert DM printk macros to pr level macros (bsc#1099918).
- dm: convert dm_dev_internal.count from atomic_t to refcount_t (bsc#1093023).
- dm: convert table_device.count from atomic_t to refcount_t (bsc#1093023).
- dm: correctly handle chained bios in dec_pending() (bsc#1093023).
- dm: discard support requires all targets in a table support discards (bsc#1093023).
- dm: do not set 'discards_supported' in targets that do not need it (bsc#1093023).
- dm: ensure bio submission follows a depth-first tree walk (bsc#1093023).
- dm: ensure bio-based DM's bioset and io_pool support targets' maximum IOs (bsc#1093023).
- dm: fix __send_changing_extent_only() to send first bio and chain remainder (bsc#1093023).
- dm: fix comment above dm_accept_partial_bio (bsc#1093023).
- dm: fix printk() rate limiting code (bsc#1099918).
- dm: fix various targets to dm_register_target after module __init resources created (bsc#1093023).
- dm: limit the max bio size as BIO_MAX_PAGES * PAGE_SIZE (bsc#1093023).
- dm: move dm_table_destroy() to same header as dm_table_create() (bsc#1093023).
- dm: remove BIOSET_NEED_RESCUER based dm_offload infrastructure (bsc#1093023).
- dm: remove stale comment blocks (bsc#1093023).
- dm: remove unused 'num_write_bios' target interface (bsc#1093023).
- dm: remove unused macro DM_MOD_NAME_SIZE (bsc#1093023).
- dm: rename 'bio' member of dm_io structure to 'orig_bio' (bsc#1093023).
- dm: safely allocate multiple bioset bios (bsc#1093023).
- dm: set QUEUE_FLAG_DAX accordingly in dm_table_set_restrictions() (bsc#1093023).
- dm: simplify start of block stats accounting for bio-based (bsc#1093023).
- dm: small cleanup in dm_get_md() (bsc#1093023).
- dm: use bio_split() when splitting out the already processed bio (bsc#1099918).
- dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved (bsc#1051510).
- dmaengine: at_xdmac: fix rare residue corruption (bsc#1051510).
- dmaengine: dmatest: fix container_of member in dmatest_callback (bsc#1051510).
- dmaengine: dmatest: move callback wait queue to thread context (bsc#1051510).
- dmaengine: dmatest: warn user when dma test times out (bsc#1051510).
- dmaengine: edma: Align the memcpy acnt array size with the transfer (bsc#1051510).
- dmaengine: ioat: Fix error handling path (bsc#1051510).
- dmaengine: jz4740: disable/unprepare clk if probe fails (bsc#1051510).
- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type (bsc#1051510).
- dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63 (bsc#1051510).
- dmaengine: ti-dma-crossbar: Fix possible race condition with dma_inuse (bsc#1051510).
- docs: disable KASLR when debugging kernel (bsc#1051510).
- dpaa_eth: increment the RX dropped counter when needed (networking-stable-18_03_28).
- dpaa_eth: remove duplicate increment of the tx_errors counter (networking-stable-18_03_28).
- dpaa_eth: remove duplicate initialization (networking-stable-18_03_28).
- drbd: Fix drbd_request_prepare() discard handling (bsc#1099918).
- driver core: Do not ignore class_dir_create_and_add() failure (bsc#1051510).
- driver core: Move device_links_purge() after bus_remove_device() (bsc#1099918).
- drivers/infiniband/core/verbs.c: fix build with gcc-4.4.4 (bsc#1046306).
- drivers/infiniband/ulp/srpt/ib_srpt.c: fix build with gcc-4.4.4 (bsc#1046306).
- drivers: net: bnx2x: use setup_timer() helper (bsc#1086323).
- drm/amd/powerplay: Fix enum mismatch (bsc#1051510).
- drm/amdgpu/sdma: fix mask in emit_pipeline_sync (bsc#1051510).
- drm/amdgpu/si: implement get/set pcie_lanes asic callback (bsc#1051510).
- drm/amdgpu: Add APU support in vi_set_uvd_clocks (bsc#1051510).
- drm/amdgpu: Add APU support in vi_set_vce_clocks (bsc#1051510).
- drm/amdgpu: Add an ATPX quirk for hybrid laptop (bsc#1051510).
- drm/amdgpu: Fix PCIe lane width calculation (bsc#1051510).
- drm/amdgpu: Fix always_valid bos multiple LRU insertions (bsc#1051510).
- drm/amdgpu: Fix deadlock on runtime suspend (bsc#1051510).
- drm/amdgpu: Use kvmalloc_array for allocating VRAM manager nodes array (bsc#1051510).
- drm/amdgpu: adjust timeout for ib_ring_tests(v2) (bsc#1051510).
- drm/amdgpu: disable GFX ring and disable PQ wptr in hw_fini (bsc#1051510).
- drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders (bsc#1051510).
- drm/amdkfd: fix clock counter retrieval for node without GPU (bsc#1051510).
- drm/armada: fix leak of crtc structure (bsc#1051510).
- drm/ast: Fixed 1280x800 Display Issue (bsc#1051510).
- drm/atmel-hlcdc: check stride values in the first plane (bsc#1051510).
- drm/atomic: Clean old_state/new_state in drm_atomic_state_default_clear() (bsc#1051510).
- drm/atomic: Clean private obj old_state/new_state in drm_atomic_state_default_clear() (bsc#1051510).
- drm/bridge: analogix dp: Fix runtime PM state in get_modes() callback (bsc#1051510).
- drm/bridge: tc358767: do no fail on hi-res displays (bsc#1051510).
- drm/bridge: tc358767: filter out too high modes (bsc#1051510).
- drm/bridge: tc358767: fix 1-lane behavior (bsc#1051510).
- drm/bridge: tc358767: fix AUXDATAn registers access (bsc#1051510).
- drm/bridge: tc358767: fix DP0_MISC register set (bsc#1051510).
- drm/bridge: tc358767: fix timing calculations (bsc#1051510).
- drm/bridge: vga-dac: Fix edid memory leak (bsc#1051510).
- drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl() (bsc#1051510).
- drm/exynos/dsi: mask frame-done interrupt (bsc#1051510).
- drm/exynos: Allow DRM_EXYNOS on s5pv210 (bsc#1051510).
- drm/exynos: Fix default value for zpos plane property (bsc#1051510).
- drm/exynos: fix comparison to bitshift when dealing with a mask (bsc#1051510).
- drm/exynos: g2d: use monotonic timestamps (bsc#1051510).
- drm/fsl-dcu: enable IRQ before drm_atomic_helper_resume() (bsc#1051510).
- drm/hisilicon: Ensure LDI regs are properly configured (bsc#1051510).
- drm/i915/audio: Fix audio detection issue on GLK (bsc#1051510).
- drm/i915/audio: set minimum CD clock to twice the BCLK (bsc#1095265).
- drm/i915/bios: filter out invalid DDC pins from VBT child devices (bsc#1051510).
- drm/i915/execlists: Use rmb() to order CSB reads (bsc#1051510).
- drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk (bsc#1051510).
- drm/i915/glk: Add MODULE_FIRMWARE for Geminilake (bsc#1095265).
- drm/i915/gvt: fix memory leak of a cmd_entry struct on error exit path (bsc#1051510).
- drm/i915/gvt: throw error on unhandled vfio ioctls (bsc#1051510).
- drm/i915/lvds: Move acpi lid notification registration to registration phase (bsc#1051510).
- drm/i915/psr: Chase psr.enabled only under the psr.lock (bsc#1051510).
- drm/i915/userptr: reject zero user_size (bsc#1051510).
- drm/i915: Adjust eDP's logical vco in a reliable place (bsc#1095265).
- drm/i915: Apply batch location restrictions before pinning (bsc#1051510).
- drm/i915: Call i915_perf_fini() on init_hw error unwind (bsc#1051510).
- drm/i915: Disable LVDS on Radiant P845 (bsc#1051510).
- drm/i915: Do no use kfree() to free a kmem_cache_alloc() return value (bsc#1051510).
- drm/i915: Do not request a bug report for unsafe module parameters (bsc#1051510).
- drm/i915: Enable display WA#1183 from its correct spot (bsc#1051510).
- drm/i915: Enable provoking vertex fix on Gen9 systems (bsc#1051510).
- drm/i915: Fix LSPCON TMDS output buffer enabling from low-power state (bsc#1051510).
- drm/i915: Fix context ban and hang accounting for client (bsc#1051510).
- drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log (bsc#1051510).
- drm/i915: Remove stale asserts from i915_gem_find_active_request() (bsc#1051510).
- drm/i915: Remove stale asserts from i915_gem_find_active_request() (bsc#1051510).
- drm/i915: Remove unbannable context spam from reset (bsc#1051510).
- drm/i915: Restore planes after load detection (bsc#1051510).
- drm/i915: Restore planes after load detection (bsc#1051510).
- drm/i915: Try GGTT mmapping whole object as partial (bsc#1051510).
- drm/imx: move arming of the vblank event to atomic_flush (bsc#1051510).
- drm/meson: Fix an un-handled error path in 'meson_drv_bind_master()' (bsc#1051510).
- drm/meson: Fix some error handling paths in 'meson_drv_bind_master()' (bsc#1051510).
- drm/meson: fix vsync buffer update (bsc#1051510).
- drm/msm/dsi: use correct enum in dsi_get_cmd_fmt (bsc#1051510).
- drm/msm: Fix possible null dereference on failure of get_pages() (bsc#1051510).
- drm/msm: do not deref error pointer in the msm_fbdev_create error path (bsc#1100209).
- drm/msm: fix leak in failed get_pages (bsc#1051510).
- drm/nouveau/bar/gf100: add config option to limit BAR2 to 16MiB (bsc#1095094).
- drm/nouveau/bios/iccsense: rails for power sensors have a mask of 0xf8 for version 0x10 (bsc#1095094).
- drm/nouveau/bios/init: add a new devinit script interpreter entry-point (bsc#1095094).
- drm/nouveau/bios/init: add or/link args separate from output path (bsc#1095094).
- drm/nouveau/bios/init: bump script offset to 32-bits (bsc#1095094).
- drm/nouveau/bios/init: remove internal use of nvbios_init.bios (bsc#1095094).
- drm/nouveau/bios/init: rename 'crtc' to 'head' (bsc#1095094).
- drm/nouveau/bios/init: rename nvbios_init() to nvbios_devinit() (bsc#1095094).
- drm/nouveau/bios/volt: Parse min and max for Version 0x40 (bsc#1095094).
- drm/nouveau/bios: Demote missing fp table message to NV_DEBUG (bsc#1095094).
- drm/nouveau/bl: fix backlight regression (bsc#1095094).
- drm/nouveau/devinit: use new devinit script interpreter entry-point (bsc#1095094).
- drm/nouveau/disp/dp: determine a failsafe link training rate (bsc#1095094).
- drm/nouveau/disp/dp: determine link bandwidth requirements from head state (bsc#1095094).
- drm/nouveau/disp/dp: no need for lt_state except during manual link training (bsc#1095094).
- drm/nouveau/disp/dp: only check for re-train when the link is active (bsc#1095094).
- drm/nouveau/disp/dp: remove DP_PWR method (bsc#1095094).
- drm/nouveau/disp/dp: store current link configuration in nvkm_ior (bsc#1095094).
- drm/nouveau/disp/dp: train link only when actively displaying an image (bsc#1095094).
- drm/nouveau/disp/dp: use cached link configuration when checking link status (bsc#1095094).
- drm/nouveau/disp/dp: use new devinit script interpreter entry-point (bsc#1095094).
- drm/nouveau/disp/g84-: Extend NVKM HDMI power control method to set InfoFrames (bsc#1095094).
- drm/nouveau/disp/g84-: port OR HDMI control to nvkm_ior (bsc#1095094).
- drm/nouveau/disp/g84-gt200: Use supplied HDMI InfoFrames (bsc#1095094).
- drm/nouveau/disp/g94-: port OR DP drive setting control to nvkm_ior (bsc#1095094).
- drm/nouveau/disp/g94-: port OR DP lane mapping to nvkm_ior (bsc#1095094).
- drm/nouveau/disp/g94-: port OR DP link power control to nvkm_ior (bsc#1095094).
- drm/nouveau/disp/g94-: port OR DP link setup to nvkm_ior (bsc#1095094).
- drm/nouveau/disp/g94-: port OR DP training pattern control to nvkm_ior (bsc#1095094).
- drm/nouveau/disp/gf119-: avoid creating non-existent heads (bsc#1095094).
- drm/nouveau/disp/gf119-: port OR DP VCPI control to nvkm_ior (bsc#1095094).
- drm/nouveau/disp/gf119: Use supplied HDMI InfoFrames (bsc#1095094).
- drm/nouveau/disp/gf119: add missing drive vfunc ptr (bsc#1095094).
- drm/nouveau/disp/gk104-: Use supplied HDMI InfoFrames (bsc#1095094).
- drm/nouveau/disp/gm200-: allow non-identity mapping of SOR != macro links (bsc#1095094).
- drm/nouveau/disp/gt215-: port HDA ELD controls to nvkm_ior (bsc#1095094).
- drm/nouveau/disp/gt215: Use supplied HDMI InfoFrames (bsc#1095094).
- drm/nouveau/disp/nv04: avoid creation of output paths (bsc#1095094).
- drm/nouveau/disp/nv50-: avoid creating ORs that are not present on HW (bsc#1095094).
- drm/nouveau/disp/nv50-: execute supervisor on its own workqueue (bsc#1095094).
- drm/nouveau/disp/nv50-: fetch head/OR state at beginning of supervisor (bsc#1095094).
- drm/nouveau/disp/nv50-: implement a common supervisor 1.0 (bsc#1095094).
- drm/nouveau/disp/nv50-: implement a common supervisor 2.0 (bsc#1095094).
- drm/nouveau/disp/nv50-: implement a common supervisor 2.1 (bsc#1095094).
- drm/nouveau/disp/nv50-: implement a common supervisor 2.2 (bsc#1095094).
- drm/nouveau/disp/nv50-: implement a common supervisor 3.0 (bsc#1095094).
- drm/nouveau/disp/nv50-: port OR manual sink detection to nvkm_ior (bsc#1095094).
- drm/nouveau/disp/nv50-: port OR power state control to nvkm_ior (bsc#1095094).
- drm/nouveau/disp/nv50-gt21x: remove workaround for dp->tmds hotplug issues (bsc#1095094).
- drm/nouveau/disp: Add mechanism to convert HDMI InfoFrames to hardware format (bsc#1095094).
- drm/nouveau/disp: Silence DCB warnings (bsc#1095094).
- drm/nouveau/disp: add tv encoders to output resource mapping (bsc#1095094).
- drm/nouveau/disp: common implementation of scanoutpos method in nvkm_head (bsc#1095094).
- drm/nouveau/disp: delay output path / connector construction until oneinit() (bsc#1095094).
- drm/nouveau/disp: fork off some new hw-specific implementations (bsc#1095094).
- drm/nouveau/disp: identity-map display paths to output resources (bsc#1095094).
- drm/nouveau/disp: introduce acquire/release display path methods (bsc#1095094).
- drm/nouveau/disp: introduce input/output resource abstraction (bsc#1095094).
- drm/nouveau/disp: introduce object to track per-head functions/state (bsc#1095094).
- drm/nouveau/disp: move vblank_{get,put} methods into nvkm_head (bsc#1095094).
- drm/nouveau/disp: remove hw-specific customisation of output paths (bsc#1095094).
- drm/nouveau/disp: rename nvkm_output to nvkm_outp (bsc#1095094).
- drm/nouveau/disp: rename nvkm_output_dp to nvkm_dp (bsc#1095094).
- drm/nouveau/disp: s/nvkm_connector/nvkm_conn/ (bsc#1095094).
- drm/nouveau/disp: shuffle functions around (bsc#1095094).
- drm/nouveau/falcon: use a more reasonable msgqueue timeout value (bsc#1095094).
- drm/nouveau/fb/gf100-: zero mmu debug buffers (bsc#1095094).
- drm/nouveau/fb/ram/nv40-: use new devinit script interpreter entry-point (bsc#1095094).
- drm/nouveau/fbcon: fix oops without fbdev emulation (bsc#1094751).
- drm/nouveau/hwmon: Add config for all sensors and their settings (bsc#1095094).
- drm/nouveau/hwmon: Add nouveau_hwmon_ops structure with .is_visible/.read_string (bsc#1095094).
- drm/nouveau/hwmon: Change permissions to numeric (bsc#1095094).
- drm/nouveau/hwmon: Remove old code, add .write/.read operations (bsc#1095094).
- drm/nouveau/hwmon: expose the auto_point and pwm_min/max attrs (bsc#1095094).
- drm/nouveau/kms/nv04-nv40: improve overlay error detection, fix pitch setting (bsc#1095094).
- drm/nouveau/kms/nv04-nv40: prevent undisplayable framebuffers from creation (bsc#1095094).
- drm/nouveau/kms/nv04-nv4x: fix exposed format list (bsc#1095094).
- drm/nouveau/kms/nv04: use new devinit script interpreter entry-point (bsc#1095094).
- drm/nouveau/kms/nv10-nv40: add NV21 support to overlay (bsc#1095094).
- drm/nouveau/mc/gf100: add pmu to reset mask (bsc#1095094).
- drm/nouveau/mpeg: print more debug info when rejecting dma objects (bsc#1095094).
- drm/nouveau/pmu/fuc: do not use movw directly anymore (bsc#1051510).
- drm/nouveau/pmu/gt215-: abstract detection of whether reset is needed (bsc#1095094).
- drm/nouveau/pmu/gt215: fix reset (bsc#1095094).
- drm/nouveau/tegra: Do not leave GPU in reset (bsc#1095094).
- drm/nouveau/tegra: Skip manual unpowergating when not necessary (bsc#1095094).
- drm/nouveau/therm/gm200: Added (bsc#1095094).
- drm/nouveau/therm: fix spelling mistake on array thresolds (bsc#1095094).
- drm/nouveau/tmr: remove nvkm_timer_alarm_cancel() (bsc#1095094).
- drm/nouveau: Clean up nv50_head_atomic_check_mode() and fix blankus calculation (bsc#1095094).
- drm/nouveau: Convert nouveau to use new iterator macros, v2 (bsc#1095094).
- drm/nouveau: Drop drm_vblank_cleanup (bsc#1095094).
- drm/nouveau: Enable stereoscopic 3D output over HDMI (bsc#1095094).
- drm/nouveau: Fix deadlock in nv50_mstm_register_connector() (bsc#1051510).
- drm/nouveau: Fix deadlock on runtime suspend (bsc#1051510).
- drm/nouveau: Fix merge commit (bsc#1095094).
- drm/nouveau: Handle drm_atomic_helper_swap_state failure (bsc#1095094).
- drm/nouveau: Handle frame-packing mode geometry and timing effects (bsc#1095094).
- drm/nouveau: Pass mode-dependent AVI and Vendor HDMI InfoFrames to NVKM (bsc#1095094).
- drm/nouveau: Skip vga_fini on non-PCI device (bsc#1095094).
- drm/nouveau: Use the drm_driver.dumb_destroy default (bsc#1095094).
- drm/nouveau: silence suspend/resume debugging messages (bsc#1095094).
- drm/nouveau: use drm_for_each_connector_iter() (bsc#1095094).
- drm/omap: DMM: Check for DMM readiness after successful transaction commit (bsc#1051510).
- drm/omap: fix possible NULL ref issue in tiler_reserve_2d (bsc#1051510).
- drm/omap: fix uninitialized ret variable (bsc#1051510).
- drm/omap: handle alloc failures in omap_connector (bsc#1051510).
- drm/omap: silence unititialized variable warning (bsc#1051510).
- drm/panel: simple: Fix the bus format for the Ontat panel (bsc#1051510).
- drm/psr: Fix missed entry in PSR setup time table (bsc#1051510).
- drm/qxl: Call qxl_bo_unref outside atomic context (bsc#1051510).
- drm/radeon: Fix PCIe lane width calculation (bsc#1051510).
- drm/radeon: Fix deadlock on runtime suspend (bsc#1051510).
- drm/radeon: add PX quirk for Asus K73TK (bsc#1051510).
- drm/radeon: make MacBook Pro d3_delay quirk more generic (bsc#1051510).
- drm/rockchip: Clear all interrupts before requesting the IRQ (bsc#1051510).
- drm/rockchip: Respect page offset for PRIME mmap calls (bsc#1051510).
- drm/rockchip: dw-mipi-dsi: fix possible un-balanced runtime PM enable (bsc#1051510).
- drm/sun4i: Fix dclk_set_phase (bsc#1051510).
- drm/sun4i: Fix error path handling (bsc#1051510).
- drm/tegra: Shutdown on driver unbind (bsc#1051510).
- drm/tilcdc: ensure nonatomic iowrite64 is not used (bsc#1051510).
- drm/vc4: Fix memory leak during BO teardown (bsc#1051510).
- drm/vc4: Fix scaling of uni-planar formats (bsc#1051510).
- drm/virtio: fix vq wait_event condition (bsc#1051510).
- drm/vmwgfx: Fix 32-bit VMW_PORT_HB_[IN|OUT] macros (bsc#1051510).
- drm/vmwgfx: Fix a buffer object leak (bsc#1051510).
- drm/vmwgfx: Set dmabuf_size when vmw_dmabuf_init is successful (bsc#1051510).
- drm/vmwgfx: Unpin the screen object backup buffer when not used (bsc#1051510).
- drm: Allow determining if current task is output poll worker (bsc#1051510).
- drm: Match sysfs name in link removal to link creation (bsc#1051510).
- drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson GX SoCs (bsc#1051510).
- drm: nouveau: remove dead code and pointless local lut storage (bsc#1095094).
- drm: rcar-du: lvds: Fix LVDS startup on R-Car Gen2 (bsc#1051510).
- drm: rcar-du: lvds: Fix LVDS startup on R-Car Gen3 (bsc#1051510).
- drm: set FMODE_UNSIGNED_OFFSET for drm files (bsc#1051510).
- e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes (bsc#1075876).
- eCryptfs: do not pass up plaintext names when using filename encryption (bsc#1052766).
- earlycon: Use a pointer table to fix __earlycon_table stride (bsc#1099918).
- efi/esrt: Use memunmap() instead of kfree() to free the remapping (bsc#1051510).
- emulex/benet: Constify *be_misconfig_evt_port_state (bsc#1086288).
- ethernet/broadcom: Use zeroing memory allocator than allocator/memset (bsc#1086282).
- ethernet: Use octal not symbolic permissions (bsc#1086288).
- ethtool: do not print warning for applications using legacy API (networking-stable-18_01_12).
- etnaviv: fix gem object list corruption (bsc#1051510).
- etnaviv: fix submit error path (bsc#1051510).
- ext4: add bounds checking to ext4_xattr_find_entry() (bsc#1052766).
- ext4: do not update checksum of new initialized bitmaps (bsc#1052766).
- ext4: eliminate sleep from shutdown ioctl (bsc#1052766).
- ext4: fix hole length detection in ext4_ind_map_blocks() (bsc#1090953).
- ext4: fix offset overflow on 32-bit archs in ext4_iomap_begin() (bsc#1079747).
- ext4: fix unsupported feature message formatting (bsc#1098435).
- ext4: move call to ext4_error() into ext4_xattr_check_block() (bsc#1052766).
- ext4: pass -ESHUTDOWN code to jbd2 layer (bsc#1052766).
- ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS (bsc#1052766).
- ext4: protect i_disksize update by i_data_sem in direct write path (bsc#1052766).
- ext4: set h_journal if there is a failure starting a reserved handle (bsc#1052766).
- ext4: shutdown should not prevent get_write_access (bsc#1052766).
- extcon: intel-cht-wc: Set direction and drv flags for V5 boost GPIO (bsc#1051510).
- f2fs: avoid hungtask when GC encrypted block if io_bits is set (bsc#1052766).
- f2fs: expose some sectors to user in inline data or dentry case (bsc#1052766).
- f2fs: fix a panic caused by NULL flush_cmd_control (bsc#1086400).
- f2fs: fix heap mode to reset it back (bsc#1052766).
- f2fs: fix to clear CP_TRIMMED_FLAG (bsc#1052766).
- f2fs: fix to wake up all sleeping flusher (bsc#1099918).
- fanotify: fix logic of events on child (bsc#1052766).
- fbdev: controlfb: Add missing modes to fix out of bounds access (bsc#1051510).
- fealnx: Fix building error on MIPS (networking-stable-17_11_20).
- fib_semantics: Do not match route with mismatching tclassid (networking-stable-18_03_07).
- firewire-ohci: work around oversized DMA reads on JMicron controllers (bsc#1051510).
- firmware: add helper to unregister pm ops (bsc#1085937).
- firmware: always enable the reboot notifier (bsc#1085937).
- firmware: dmi_scan: Fix UUID length safety check (bsc#1051510).
- firmware: dmi_scan: Fix handling of empty DMI strings (bsc#1051510).
- firmware: fix capturing errors on fw_cache_init() on early init (bsc#1085937).
- firmware: fix checking for return values for fw_add_devm_name() (bsc#1051510).
- firmware: fix detecting error on register_reboot_notifier() (bsc#1085936).
- firmware: move kill_requests_without_uevent() up above (bsc#1085937).
- firmware: provide helpers for registering the syfs loader (bsc#1085937).
- firmware: share fw fallback killing on reboot/suspend (bsc#1085937).
- flow_dissector: properly cap thoff field (networking-stable-18_01_28).
- fs/aio: Add explicit RCU grace period when freeing kioctx (bsc#1088722).
- fs/aio: Use RCU accessors for kioctx_table->table[] (bsc#1088722).
- fs/binfmt_misc.c: do not allow offset overflow (bsc#1099142).
- fs/fat/inode.c: fix sb_rdonly() change (bsc#1052766).
- fs/reiserfs/journal.c: add missing resierfs_warning() arg (bsc#1052766).
- fsnotify: Fix fsnotify_mark_connector race (bsc#1052766).
- fsnotify: Hide kABI changes in fsnotify_mark_connector (bsc#1052766).
- ftrace: Fix selftest goto location on error (bsc#1099918).
- fuse: fix READDIRPLUS skipping an entry (bsc#1088690).
- geneve: Fix function matching VNI and tunnel ID on big-endian (bsc#1051510).
- geneve: fix fill_info when link down (bsc#1051510).
- gfs2: Fix debugfs glocks dump (bsc#1052766).
- gpio: No NULL owner (bsc#1051510).
- gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE (bsc#1051510).
- gpio: davinci: Assign first bank regs for unbanked case (bsc#1051510).
- gpio: fix 'gpio-line-names' property retrieval (bsc#1051510).
- gpio: fix aspeed_gpio unmask irq (bsc#1051510).
- gpio: fix error path in lineevent_create (bsc#1051510).
- gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bsc#1051510).
- gpio: label descriptors using the device name (bsc#1051510).
- gpio: stmpe: i2c transfer are forbiden in atomic context (bsc#1051510).
- gpioib: do not free unrequested descriptors (bsc#1051510).
- gpu: ipu-v3: pre: fix device node leak in ipu_pre_lookup_by_phandle (bsc#1051510).
- gpu: ipu-v3: prg: avoid possible array underflow (bsc#1051510).
- gpu: ipu-v3: prg: fix device node leak in ipu_prg_lookup_by_phandle (bsc#1051510).
- hdlc_ppp: carrier detect ok, do not turn off negotiation (networking-stable-18_03_07).
- hv_netvsc: Fix a network regression after ifdown/ifup (bsc#1094420).
- hwmon: (ina2xx) Fix access to uninitialized mutex (bsc#1051510).
- hwmon: (ina2xx) Make calibration register value fixed (bsc#1051510).
- hwmon: (jc42) optionally try to disable the SMBUS timeout (bsc#1051510).
- hwmon: (nct6775) Fix writing pwmX_mode (bsc#1051510).
- hwmon: (pmbus/adm1275) Accept negative page register values (bsc#1051510).
- hwmon: (pmbus/max8688) Accept negative page register values (bsc#1051510).
- hwtracing: stm: fix build error on some arches (bsc#1051510).
- i2c: designware: fix poll-after-enable regression (bsc#1051510).
- i2c: i801: Restore configuration at shutdown (bsc#1051510).
- i2c: i801: Save register SMBSLVCMD value only once (bsc#1051510).
- i2c: ismt: Separate I2C block read from SMBus block read (bsc#1051510).
- i2c: mv64xxx: Apply errata delay only in standard mode (bsc#1051510).
- i2c: pmcmsp: fix error return from master_xfer (bsc#1051510).
- i2c: pmcmsp: return message count on master_xfer success (bsc#1051510).
- i2c: viperboard: return message count on master_xfer success (bsc#1051510).
- i40e: Close client on suspend and restore client MSIx on resume (bsc#1088821).
- i40e: Do not allow use more TC queue pairs than MSI-X vectors exist (bsc#1094978).
- i40e: Fix attach VF to VM issue (bsc#1056658 bsc#1056662).
- i40e: Fix the number of queues available to be mapped for use (bsc#1094978).
- i40e: program fragmented IPv4 filter input set (bsc#1056658 bsc#1056662).
- i40evf: Do not schedule reset_task when device is being removed (bsc#1056658 bsc#1056662).
- i40evf: do not rely on netif_running() outside rtnl_lock() (bsc#1056658 bsc#1056662).
- i40evf: ignore link up if not running (bsc#1056658 bsc#1056662).
- i40iw: Zero-out consumer key on allocate stag for FMR (bsc#1058659).
- ibmvnic: Check CRQ command return codes (bsc#1094840).
- ibmvnic: Create separate initialization routine for resets (bsc#1094840).
- ibmvnic: Fix non-fatal firmware error reset (bsc#1093990).
- ibmvnic: Fix partial success login retries (bsc#1094840).
- ibmvnic: Fix statistics buffers memory leak (bsc#1093990).
- ibmvnic: Free coherent DMA memory if FW map failed (bsc#1093990).
- ibmvnic: Handle error case when setting link state (bsc#1094840).
- ibmvnic: Introduce active CRQ state (bsc#1094840).
- ibmvnic: Introduce hard reset recovery (bsc#1094840).
- ibmvnic: Mark NAPI flag as disabled when released (bsc#1094840).
- ibmvnic: Only do H_EOI for mobility events (bsc#1094356).
- ibmvnic: Return error code if init interrupted by transport event (bsc#1094840).
- ibmvnic: Set resetting state at earliest possible point (bsc#1094840).
- ide: Make ide_cdrom_prep_fs() initialize the sense buffer pointer (bsc#1099918).
- ide: ide-atapi: fix compile error with defining macro DEBUG (bsc#1099918).
- ide:ide-cd: fix kernel panic resulting from missing scsi_req_init (bsc#1099918).
- idr: fix invalid ptr dereference on item delete (bsc#1051510).
- ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() (networking-stable-18_03_28).
- igb: Allow to remove administratively set MAC on VFs (bsc#1056651).
- igb: Clear TXSTMP when ptp_tx_work() is timeout (bsc#1056651).
- igb: Fix a test with HWTSTAMP_TX_ON (bsc#1056651 bsc#1056643).
- iio: ABI: Fix name of timestamp sysfs file (bsc#1051510).
- iio: ad7793: Fix the serial interface reset (bsc#1051510).
- iio: ad7793: implement IIO_CHAN_INFO_SAMP_FREQ (bsc#1051510).
- iio: ad_sigma_delta: Implement a dedicated reset function (bsc#1051510).
- iio: adc/accel: Fix up module licenses (bsc#1051510).
- iio: adc: cpcap: fix incorrect validation (bsc#1051510).
- iio: adc: mcp320x: Fix oops on module unload (bsc#1051510).
- iio: adc: mcp320x: Fix readout of negative voltages (bsc#1051510).
- iio: adc: meson-saradc: fix the bit_idx of the adc_en clock (bsc#1051510).
- iio: adc: stm32: fix scan of multiple channels with DMA (bsc#1051510).
- iio: adc: ti-ads1015: add 10% to conversion wait time (bsc#1051510).
- iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path of 'twl4030_madc_probe()' (bsc#1051510).
- iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()' (bsc#1051510).
- iio: adis_lib: Initialize trigger before requesting interrupt (bsc#1051510).
- iio: buffer: check if a buffer has been set up when poll is called (bsc#1051510).
- iio: buffer: fix the function signature to match implementation (bsc#1051510).
- iio: core: Return error for failed read_reg (bsc#1051510).
- iio: fix kernel-doc build errors (bsc#1051510).
- iio: health: max30102: Add power enable parameter to get_temp function (bsc#1051510).
- iio: health: max30102: Temperature should be in milli Celsius (bsc#1051510).
- iio: imu: st_lsm6dsx: fix endianness in st_lsm6dsx_read_oneshot() (bsc#1051510).
- iio: st_pressure: st_accel: Initialise sensor platform data properly (bsc#1051510).
- iio: st_pressure: st_accel: pass correct platform data to init (bsc#1051510).
- iio: trigger: stm32-timer: fix get/set down count direction (bsc#1051510).
- iio: trigger: stm32-timer: fix get/set down count direction (bsc#1051510).
- iio: trigger: stm32-timer: preset shouldn't be buffered (bsc#1051510).
- iio:buffer: make length types match kfifo types (bsc#1051510).
- iio:kfifo_buf: check for uint overflow (bsc#1051510).
- ima: Fallback to the builtin hash algorithm (bsc#1091686).
- infiniband: drop unknown function from core_priv.h (bsc#1046306).
- init: fix false positives in W+X checking (bsc#1093721).
- initial support (display-only) for GP108 (bsc#1095094).
- intel_th: Use correct device when freeing buffers (bsc#1051510).
- iommu/amd: Take into account that alloc_dev_data() may return NULL (bsc#975772).
- iommu/vt-d: Clear pasid table entry when memory unbound (bsc#1087214).
- iommu/vt-d: Fix race condition in add_unmap() (bsc#1096790, bsc#1097034).
- iov_iter: fix memory leak in pipe_get_pages_alloc() (bsc#1092710).
- iov_iter: fix return type of __pipe_get_pages() (bsc#1092710).
- ip6_gre: better validate user provided tunnel names (networking-stable-18_04_10).
- ip6_gre: fix device features for ioctl setup (networking-stable-17_12_31).
- ip6_gre: init dev->mtu and dev->hard_header_len correctly (networking-stable-18_01_28).
- ip6_gre: ip6gre_tap device should keep dst (networking-stable-17_10_09).
- ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err (networking-stable-17_11_14).
- ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header (networking-stable-17_10_09).
- ip6_tunnel: better validate user provided tunnel names (networking-stable-18_04_10).
- ip6_tunnel: disable dst caching if tunnel is dual-stack (networking-stable-18_01_12).
- ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline (networking-stable-17_10_09).
- ip6_vti: adjust vti mtu according to mtu of lower device (bsc#1082869).
- ip6mr: fix stale iterator (networking-stable-18_02_06).
- ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds (git-fixes).
- ip_gre: fix IFLA_MTU ignored on NEWLINK (bsc#1076830).
- ip_tunnel: better validate user provided tunnel names (networking-stable-18_04_10).
- ipip: only increase err_count for some certain type icmp in ipip_err (networking-stable-17_11_14).
- ipv4: Fix use-after-free when flushing FIB tables (networking-stable-17_12_31).
- ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY (networking-stable-18_01_28).
- ipv4: fix fnhe usage by non-cached routes (networking-stable-18_05_15).
- ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg (networking-stable-18_05_15).
- ipv4: igmp: guard against silly MTU values (bsc#1082869).
- ipv6 sit: work around bogus gcc-8 -Wrestrict warning (networking-stable-18_03_07).
- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL (git-fixes).
- ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy (networking-stable-18_04_26).
- ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() (networking-stable-18_03_28).
- ipv6: fix udpv6 sendmsg crash caused by too small MTU (networking-stable-18_01_28).
- ipv6: flowlabel: do not leave opt->tot_len with garbage (networking-stable-17_11_14).
- ipv6: mcast: better catch silly mtu values (networking-stable-17_12_31).
- ipv6: old_dport should be a __be16 in __ip6_datagram_connect() (networking-stable-18_03_28).
- ipv6: omit traffic class when calculating flow hash (bsc#1095042).
- ipv6: sit: better validate user provided tunnel names (networking-stable-18_04_10).
- ipv6: sr: fix NULL pointer dereference in seg6_do_srh_encap()- v4 pkts (git-fixes).
- ipv6: sr: fix NULL pointer dereference when setting encap source address (networking-stable-18_03_28).
- ipv6: sr: fix TLVs not being copied using setsockopt (networking-stable-18_01_12).
- ipv6: sr: fix scheduling in RCU when creating seg6 lwtunnel state (networking-stable-18_03_28).
- ipv6: sr: fix seg6 encap performances with TSO enabled (networking-stable-18_04_10).
- ipv6: the entire IPv6 header chain must fit the first fragment (networking-stable-18_04_10).
- irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis (bsc#1098401).
- isdn: eicon: fix a missing-check bug (bsc#1051510).
- iw_cxgb4: Atomically flush per QP HW CQEs (bsc#1046543).
- iw_cxgb4: Fix an error handling path in 'c4iw_get_dma_mr()' (bsc#1064802 bsc#1066129).
- iw_cxgb4: print mapped ports correctly (bsc#1046543).
- iwlmvm: tdls: Check TDLS channel switch support (bsc#1051510).
- iwlwifi: add a bunch of new 9000 PCI IDs (1051510).
- iwlwifi: add shared clock PHY config flag for some devices (bsc#1051510).
- iwlwifi: avoid collecting firmware dump if not loaded (bsc#1051510).
- iwlwifi: fix non_shared_ant for 9000 devices (bsc#1051510).
- iwlwifi: fw: harden page loading code (bsc#1051510).
- iwlwifi: mvm: Correctly set IGTK for AP (bsc#1051510).
- iwlwifi: mvm: Correctly set the tid for mcast queue (bsc#1051510).
- iwlwifi: mvm: Direct multicast frames to the correct station (bsc#1051510).
- iwlwifi: mvm: Fix channel switch for count 0 and 1 (bsc#1051510).
- iwlwifi: mvm: Increase session protection time after CS (bsc#1051510).
- iwlwifi: mvm: always init rs with 20mhz bandwidth rates (bsc#1051510).
- iwlwifi: mvm: clear tx queue id when unreserving aggregation queue (bsc#1051510).
- iwlwifi: mvm: do not warn in queue sync on RF-kill (bsc#1051510).
- iwlwifi: mvm: fix 'failed to remove key' message (bsc#1051510).
- iwlwifi: mvm: fix IBSS for devices that support station type API (bsc#1051510).
- iwlwifi: mvm: fix TSO with highly fragmented SKBs (bsc#1051510).
- iwlwifi: mvm: fix TX of CCMP 256 (bsc#1051510).
- iwlwifi: mvm: fix array out of bounds reference (bsc#1051510).
- iwlwifi: mvm: fix assert 0x2B00 on older FWs (bsc#1051510).
- iwlwifi: mvm: fix error checking for multi/broadcast sta (bsc#1051510).
- iwlwifi: mvm: fix race in queue notification wait (bsc#1051510).
- iwlwifi: mvm: fix security bug in PN checking (bsc#1051510).
- iwlwifi: mvm: honor the max_amsdu_subframes limit (bsc#1051510).
- iwlwifi: mvm: make sure internal station has a valid id (bsc#1051510).
- iwlwifi: mvm: remove DQA non-STA client mode special case (bsc#1051510).
- iwlwifi: mvm: set the correct tid when we flush the MCAST sta (bsc#1051510).
- iwlwifi: pcie: compare with number of IRQs requested for, not number of CPUs (bsc#1051510).
- ixgbe: do not set RXDCTL.RLPML for 82599 (bsc#1056657).
- ixgbe: prevent ptp_rx_hang from running when in FILTER_ALL mode (bsc#1056657 bsc#1056653).
- jbd2: if the journal is aborted then do not allow update of the log tail (bsc#1052766).
- jffs2_kill_sb(): deal with failed allocations (bsc#1052766).
- kABI: protect ife_tlv_meta_decode (kabi).
- kABI: protect struct cstate (kabi).
- kABI: protect struct ipv6_pinfo (kabi).
- kABI: protect tap_create_cdev (kabi).
- kabi protect struct acpi_nfit_desc (bsc#1091424).
- kabi/severities: Ignore kABI incompatibility for meson drm The symbols are used only between meson modules, so mostly internal.
- kabi/severities: Ignore removed bugs.c symbols The second wave of SSBD patches drops those symbols and we can ignore them from kABI because nothing external should use them - they were exported only for kvm.
- kabi/severities: add 'drivers/md/bcache/* PASS' for above change.
- kabi/severities: add nvdimm internal symbols to kabi ignore list
- kabi: add struct bpf_map back (References: bsc#1098425).
- kcm: lock lower socket in kcm_attach (networking-stable-18_03_28).
- kconfig: Avoid format overflow warning from GCC 8.1 (bsc#1051510).
- kconfig: Do not leak main menus during parsing (bsc#1051510).
- kconfig: Fix automatic menu creation mem leak (bsc#1051510).
- kconfig: Fix expr_free() E_NOT leak (bsc#1051510).
- kernel-binary: also default klp_symbols to 0 here.
- kernel-binary: pass ARCH= to kernel build Recent kernel does not save CONFIG_64BIT so it has to be specified by arch.
- kernel-binary: pass MAKE_ARGS to install script as well.
- kernel-{binary,docs}.spec sort dependencies.
- kernel/acct.c: fix the acct->needcheck check in check_free_space() (Git-fixes).
- kernel/async.c: revert 'async: simplify lowest_in_progress()' (Git-fixes).
- kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE (bsc#1051510).
- kernel/relay.c: revert 'kernel/relay.c: fix potential memory leak' (Git-fixes).
- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals (Git-fixes).
- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL (Git-fixes).
- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal() (Git-fixes).
- kexec: export PG_swapbacked to VMCOREINFO (bsc#1088354).
- kexec_file: do not add extra alignment to efi memmap (bsc#1089268).
- klp_symbols: make --klp-symbols argument semantic sane It selects build of klp symbols and defaults to off
- kmod: fix wait on recursive loop (bsc#1099792).
- kmod: reduce atomic operations on kmod_concurrent and simplify (bsc#1099792).
- kmod: throttle kmod thread limit (bsc#1099792).
- kobject: do not use WARN for registration failures (bsc#1051510).
- kvm: Introduce nopvspin kernel parameter (bsc#1056427).
- kvm: nVMX: Enforce cpl=0 for VMX instructions (bsc#1099183).
- l2tp: check sockaddr length in pppol2tp_connect() (networking-stable-18_04_26).
- l2tp: do not accept arbitrary sockets (bsc#1076830).
- lan78xx: Crash in lan78xx_writ_reg (Workqueue: events lan78xx_deferred_multicast_write) (networking-stable-18_04_10).
- leds: pm8058: Silence pointer to integer size warning (bsc#1051510).
- lib/kobject: Join string literals back (bsc#1051510).
- lib/string_helpers: Add missed declaration of struct task_struct (bsc#1099918).
- lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly (bsc#1051510).
- libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs (bsc#1051510).
- libata: Blacklist some Sandisk SSDs for NCQ (bsc#1051510).
- libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk (bsc#1051510).
- libata: blacklist Micron 500IT SSD with MU01 firmware (bsc#1051510).
- libata: zpodd: make arrays cdb static, reduces object code size (bsc#1051510).
- libata: zpodd: small read overflow in eject_tray() (bsc#1051510).
- libceph, ceph: change permission for readonly debugfs entries (bsc#1089115).
- libceph: adding missing message types to ceph_msg_type_name() (bsc#1089115).
- libceph: fix misjudgement of maximum monitor number (bsc#1089115).
- libceph: reschedule a tick in finish_hunting() (bsc#1089115).
- libceph: un-backoff on tick when we have a authenticated session (bsc#1089115).
- libceph: validate con->state at the top of try_write() (bsc#1089115).
- libnvdimm, btt: add a couple of missing kernel-doc lines (bsc#1087210).
- libnvdimm, btt: clean up warning and error messages (bsc#1087205).
- libnvdimm, btt: fix format string warnings (bsc#1087205).
- libnvdimm, dimm: handle EACCES failures from label reads ().
- libnvdimm, label: change min label storage size per UEFI 2.7 (bsc#1091666).
- libnvdimm, namespace: use a safe lookup for dimm device name (bsc#1095321).
- libnvdimm, nfit: fix persistence domain reporting (bsc#1091424).
- libnvdimm, pmem: Add sysfs notifications to badblocks ().
- libnvdimm, pmem: Do not flush power-fail protected CPU caches (bsc#1091424).
- libnvdimm, pmem: Unconditionally deep flush on *sync (bsc#1091424).
- libnvdimm, region, pmem: fix 'badblocks' sysfs_get_dirent() reference lifetime ().
- libnvdimm, region: hide persistence_domain when unknown (bsc#1091424).
- libnvdimm: expose platform persistence attribute for nd_region (bsc#1091424).
- libnvdimm: re-enable deep flush for pmem devices via fsync() (bsc#1091424).
- llc: better deal with too small mtu (networking-stable-18_05_15).
- llc: fix NULL pointer deref for SOCK_ZAPPED (networking-stable-18_04_26).
- llc: hold llc_sap before release_sock() (networking-stable-18_04_26).
- lock_parent() needs to recheck if dentry got __dentry_kill'ed under it (bsc#1052766).
- locking/atomics, dm-integrity: Convert ACCESS_ONCE() to READ_ONCE()/WRITE_ONCE() (bsc#1093023).
- locking/atomics: COCCINELLE/treewide: Convert trivial ACCESS_ONCE() patterns to READ_ONCE()/WRITE_ONCE() (bsc#1093023).
- locking/qspinlock: Ensure node is initialised before updating prev->next (bsc#1050549).
- locking/qspinlock: Ensure node->count is updated before initialising node (bsc#1050549).
- locking: Remove smp_read_barrier_depends() from queued_spin_lock_slowpath() (bsc#1050549).
- loop: handle short DIO reads (bsc#1052766).
- lsm: fix smack_inode_removexattr and xattr_getsecurity memleak (bsc#1051510).
- mac80211: Adjust SAE authentication timeout (bsc#1051510).
- mac80211: Do not disconnect on invalid operating class (bsc#1051510).
- mac80211: Fix condition validating WMM IE (bsc#1051510).
- mac80211: Fix sending ADDBA response for an ongoing session (bsc#1051510).
- mac80211: Fix setting TX power on monitor interfaces (bsc#1051510).
- mac80211: drop frames with unexpected DS bits from fast-rx to slow path (bsc#1051510).
- mac80211: mesh: fix wrong mesh TTL offset calculation (bsc#1051510).
- mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 (bsc#1051510).
- mac80211: use timeout from the AddBA response instead of the request (bsc#1051510).
- macros.kernel-source: Fix building non-x86 KMPs
- macros.kernel-source: define linux_arch for KMPs (boo#1098050). CONFIG_64BIT is no longer defined so KMP spec files need to include %{?linux_make_arch} in any make call to build modules or descent into the kernel directory for any reason.
- macros.kernel-source: ignore errors when using make to print kernel release There is no way to handle the errors anyway and including the error into package version does not give good results.
- macvlan: filter out unsupported feature flags (networking-stable-18_03_28).
- macvlan: fix memory hole in macvlan_dev (bsc#1099918).
- macvlan: remove unused fields in struct macvlan_dev (bsc#1099918).
- mailbox: bcm-flexrm-mailbox: Fix FlexRM ring flush sequence (bsc#1051510).
- mailbox: bcm-flexrm-mailbox: Fix mask used in CMPL_START_ADDR_VALUE() (bsc#1051510).
- mailbox: mailbox-test: do not rely on rx_buffer content to signal data ready (bsc#1051510).
- mbcache: initialize entry->e_referenced in mb_cache_entry_create() (bsc#1052766).
- md-cluster: choose correct label when clustered layout is not supported (bsc#1093023).
- md-cluster: do not update recovery_offset for faulty device (bsc#1093023).
- md-cluster: make function cluster_check_sync_size static (bsc#1093023).
- md-multipath: Use seq_putc() in multipath_status() (bsc#1093023).
- md/bitmap: clear BITMAP_WRITE_ERROR bit before writing it to sb (bsc#1093023).
- md/bitmap: copy correct data for bitmap super (bsc#1093023).
- md/bitmap: revert a patch (bsc#1093023).
- md/r5cache: call mddev_lock/unlock() in r5c_journal_mode_show (bsc#1093023).
- md/r5cache: fix io_unit handling in r5l_log_endio() (bsc#1093023).
- md/r5cache: move mddev_lock() out of r5c_journal_mode_set() (bsc#1093023).
- md/r5cache: print more info of log recovery (bsc#1093023).
- md/raid0: attach correct cgroup info in bio (bsc#1093023).
- md/raid1,raid10: silence warning about wait-within-wait (bsc#1093023).
- md/raid1/10: add missed blk plug (bsc#1093023).
- md/raid1: Fix trailing semicolon (bsc#1093023).
- md/raid1: exit sync request if MD_RECOVERY_INTR is set (bsc#1093023).
- md/raid1: fix NULL pointer dereference (bsc#1093023).
- md/raid5: cap worker count (bsc#1093023).
- md/raid5: correct degraded calculation in raid5_error (bsc#1093023).
- md/raid5: simplify uninitialization of shrinker (bsc#1093023).
- md: Delete gendisk before cleaning up the request queue (bsc#1093023).
- md: allow metadata update while suspending (bsc#1093023).
- md: always hold reconfig_mutex when calling mddev_suspend() (bsc#1093023).
- md: be cautious about using ->curr_resync_completed for ->recovery_offset (bsc#1093023).
- md: do not call bitmap_create() while array is quiesced (bsc#1093023).
- md: do not check MD_SB_CHANGE_CLEAN in md_allow_write (bsc#1093023).
- md: document lifetime of internal rdev pointer (bsc#1093023).
- md: fix a potential deadlock of raid5/raid10 reshape (bsc#1093023).
- md: fix a race condition for flush request handling (bsc#1093023).
- md: fix deadlock error in recent patch (bsc#1093023).
- md: fix two problems with setting the 're-add' device state (bsc#1098176).
- md: forbid a RAID5 from having both a bitmap and a journal (bsc#1093023).
- md: free unused memory after bitmap resize (bsc#1093023).
- md: limit mdstat resync progress to max_sectors (bsc#1093023).
- md: move suspend_hi/lo handling into core md code (bsc#1093023).
- md: only allow remove_and_add_spares when no sync_thread running (bsc#1093023).
- md: raid10: remove VLAIS (bsc#1093023).
- md: raid10: remove a couple of redundant variables and initializations (bsc#1093023).
- md: raid5: avoid string overflow warning (bsc#1093023).
- md: release allocated bitset sync_set (bsc#1093023).
- md: remove redundant variable q (bsc#1093023).
- md: remove special meaning of ->quiesce(.., 2) (bsc#1093023).
- md: rename some drivers/md/ files to have an 'md-' prefix (bsc#1093023).
- md: replace seq_release_private with seq_release (bsc#1093023).
- md: separate request handling (bsc#1093023).
- md: use TASK_IDLE instead of blocking signals (bsc#1093023).
- md: use lockdep_assert_held (bsc#1093023).
- md: use mddev_suspend/resume instead of ->quiesce() (bsc#1093023).
- media: atomisp_fops.c: disable atomisp_compat_ioctl32 (bsc#1051510).
- media: au0828: add VIDEO_V4L2 dependency (bsc#1051510).
- media: cx231xx: Add support for AverMedia DVD EZMaker 7 (bsc#1051510).
- media: cx23885: Override 888 ImpactVCBe crystal frequency (bsc#1051510).
- media: cx23885: Set subdev host data to clk_freq pointer (bsc#1051510).
- media: dmxdev: fix error code for invalid ioctls (bsc#1051510).
- media: dvb_frontend: fix locking issues at dvb_frontend_get_event() (bsc#1051510).
- media: em28xx: Add Hauppauge SoloHD/DualHD bulk models (bsc#1051510).
- media: em28xx: USB bulk packet size fix (bsc#1051510).
- media: lgdt3306a: Fix a double kfree on i2c device remove (bsc#1051510).
- media: lgdt3306a: Fix module count mismatch on usb unplug (bsc#1051510).
- media: smiapp: fix timeout checking in smiapp_read_nvm (bsc#1099918).
- media: uvcvideo: Support realtek's UVC 1.5 device (bsc#1099109).
- media: v4l2-compat-ioctl32: do not oops on overlay (bsc#1051510).
- media: v4l2-compat-ioctl32: prevent go past max size (bsc#1051510).
- media: videobuf2-core: do not go out of the buffer range (bsc#1051510).
- media: vivid: check if the cec_adapter is valid (bsc#1051510).
- mei: me: add cannon point device ids ().
- mei: me: add cannon point device ids for 4th device ().
- mei: remove dev_err message on an unsupported ioctl (bsc#1051510).
- mfd: cros ec: spi: Do not send first message too soon (bsc#1051510).
- mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock (bsc#1051510).
- mfd: intel-lpss: Program REMAP register in PIO mode (bsc#1051510).
- mkspec: only build docs for default variant kernel.
- mlxsw: spectrum: Disable MAC learning for ovs port (networking-stable-17_12_31).
- mlxsw: spectrum: Forbid linking to devices that have uppers FIX (stable-fixes).
- mlxsw: spectrum: Prevent mirred-related crash on removal (networking-stable-17_10_09).
- mlxsw: spectrum: Relax sanity checks during enslavement (networking-stable-18_01_12).
- mlxsw: spectrum_buffers: Set a minimum quota for CPU port traffic (networking-stable-18_03_28).
- mlxsw: spectrum_router: Do not log an error on missing neighbor (networking-stable-18_01_28).
- mlxsw: spectrum_router: Fix NULL pointer deref (networking-stable-18_01_12).
- mlxsw: spectrum_router: Fix error path in mlxsw_sp_vr_create (networking-stable-18_03_07).
- mlxsw: spectrum_router: Simplify a piece of code (networking-stable-18_01_12).
- mlxsw: spectrum_switchdev: Check success of FDB add operation (networking-stable-18_03_07).
- mm, oom_reaper: skip mm structs with mmu notifiers (bsc#1099918).
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).
- mm, percpu: add support for __GFP_NOWARN flag (bsc#1089753).
- mm, slab: reschedule cache_reap() on the same CPU (VM Functionality, bsc#1097796).
- mm, swap: fix false error message in __swp_swapcount() (VM Functionality, bsc#1098043).
- mm, swap: fix race between swap count continuation operations (VM Functionality, bsc#1097373). mm, swap: fix race between swap count continuation operations - KABI fix (VM Functionality, bsc#1097373).
- mm, thp: do not cause memcg oom for thp (bnc#1089663).
- mm/fadvise: discard partial page if endbyte is also EOF (bsc#1052766).
- mm/filemap.c: fix NULL pointer in page_cache_tree_insert() (bsc#1052766).
- mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty() (VM Functionality, bsc#1097800).
- mm/khugepaged.c: convert VM_BUG_ON() to collapse fail (VM Functionality, bsc#1097468).
- mm/ksm.c: fix inconsistent accounting of zero pages (VM Functionality, bsc#1097780).
- mm/mempolicy.c: avoid use uninitialized preferred_node (VM Functionality, bsc#1097465).
- mm/page_owner: fix recursion bug after changing skip entries (VM Functionality, bsc#1097472).
- mm/pkeys, powerpc, x86: Provide an empty vma_pkey() in linux/pkeys.h (bsc#1078248).
- mm/pkeys, x86, powerpc: Display pkey in smaps if arch supports pkeys (bsc#1078248).
- mm/pkeys: Add an empty arch_pkeys_enabled() (bsc#1078248).
- mm/pkeys: Remove include of asm/mmu_context.h from pkeys.h (bsc#1078248).
- mm/shmem: do not wait for lock_page() in shmem_unused_huge_shrink() (bnc#1089667).
- mm/thp: do not wait for lock_page() in deferred_split_scan() (VM Functionality, bsc#1097470).
- mm: Fix memory size alignment in devm_memremap_pages_release() (VM Functionality, bsc#1097439).
- mm: fix device-dax pud write-faults triggered by get_user_pages() (bsc#1052766).
- mm: fix the NULL mapping case in __isolate_lru_page() (bnc#971975 VM -- git fixes).
- mmc: dw_mmc: exynos: fix the suspend/resume issue for exynos5433 (bsc#1051510).
- mmc: jz4740: Fix race condition in IRQ mask update (bsc#1051510).
- mmc: sdhci-iproc: add SDHCI_QUIRK2_HOST_OFF_CARD_ON for cygnus (bsc#1051510).
- mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register (bsc#1051510).
- mmc: sdhci-iproc: remove hard coded mmc cap 1.8v (bsc#1051510).
- mmc: sdhci-pci: Fix voltage switch for some Intel host controllers (bsc#1051510).
- mmc: sdhci-pci: Only do AMD tuning for HS200 (bsc#1051510).
- mq-deadline: Enable auto-loading when built as module (bsc#1099918).
- mremap: Remove LATENCY_LIMIT from mremap to reduce the number of TLB shootdowns (bnc#1095115).
- mtd: cmdlinepart: Update comment for introduction of OFFSET_CONTINUOUS (bsc#1099918).
- mtd: jedec_probe: Fix crash in jedec_read_mfr() (bsc#1099918).
- mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver >= 2.0.0 (bsc#1099918).
- mtd: partitions: add helper for deleting partition (bsc#1099918).
- mtd: partitions: remove sysfs files when deleting all master's partitions (bsc#1099918).
- mtd: ubi: wl: Fix error return code in ubi_wl_init() (bsc#1051510).
- mwifiex: pcie: tighten a check in mwifiex_pcie_process_event_ready() (bsc#1051510).
- n_tty: Access echo_* variables carefully (bsc#1051510).
- n_tty: Fix stall at n_tty_receive_char_special() (bsc#1051510).
- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1094825).
- nbd: do not start req until after the dead connection logic (bsc#1099918).
- nbd: fix -ERESTARTSYS handling (bsc#1099918).
- nbd: fix nbd device deletion (bsc#1099918).
- nbd: fix return value in error handling path (bsc#1099918).
- nbd: wait uninterruptible for the dead timeout (bsc#1099918).
- net sched actions: fix refcnt leak in skbmod (networking-stable-18_05_15).
- net sched actions: return explicit error when tunnel_key mode is not specified (bsc#1056787).
- net/ipv6: Fix route leaking between VRFs (networking-stable-18_04_10).
- net/ipv6: Increment OUTxxx counters after netfilter hook (networking-stable-18_04_10).
- net/iucv: Free memory obtained by kzalloc (networking-stable-18_03_28).
- net/mlx4_en: Fix an error handling path in 'mlx4_en_init_netdev()' (networking-stable-18_05_15).
- net/mlx4_en: Verify coalescing parameters are in range (networking-stable-18_05_15).
- net/mlx5: E-Switch, Include VF RDMA stats in vport statistics (networking-stable-18_05_15).
- net/mlx5: Eliminate query xsrq dead code (bsc#1046303).
- net/mlx5: Fix build break when CONFIG_SMP=n (bsc#1046303).
- net/mlx5: Fix mlx5_get_vector_affinity function (bsc#1046303).
- net/mlx5e: Allow offloading ipv4 header re-write for icmp (bsc#1046303).
- net/mlx5e: Do not reset Receive Queue params on every type change (bsc#1046303).
- net/mlx5e: Err if asked to offload TC match on frag being first (networking-stable-18_05_15).
- net/mlx5e: Fixed sleeping inside atomic context (bsc#1046303).
- net/mlx5e: Remove unused define MLX5_MPWRQ_STRIDES_PER_PAGE (bsc#1046303).
- net/mlx5e: TX, Use correct counter in dma_map error flow (networking-stable-18_05_15).
- net/sched: cls_u32: fix cls_u32 on filter replace (networking-stable-18_03_07).
- net/sched: fix NULL dereference in the error path of tcf_bpf_init() (bsc#1056787).
- net/sched: fix NULL dereference in the error path of tunnel_key_init() (bsc#1056787).
- net/sched: fix NULL dereference on the error path of tcf_skbmod_init() (bsc#1056787).
- net/sctp: Always set scope_id in sctp_inet6_skb_msgname (networking-stable-17_11_20).
- net/unix: do not show information about sockets from other namespaces (networking-stable-17_11_14).
- net/usb/qmi_wwan.c: Add USB id for lt4120 modem (bsc#1087092).
- net: Allow neigh contructor functions ability to modify the primary_key (networking-stable-18_01_28).
- net: Fix hlist corruptions in inet_evict_bucket() (networking-stable-18_03_28).
- net: Only honor ifindex in IP_PKTINFO if non-0 (networking-stable-18_03_28).
- net: Set sk_prot_creator when cloning sockets to the right proto (networking-stable-17_10_09).
- net: af_packet: fix race in PACKET_{R|T}X_RING (networking-stable-18_04_26).
- net: bonding: Fix transmit load balancing in balance-alb mode if specified by sysfs (networking-stable-17_10_09).
- net: bonding: fix tlb_dynamic_lb default value (networking-stable-17_10_09).
- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (networking-stable-17_12_31).
- net: bridge: fix returning of vlan range op errors (networking-stable-17_11_14).
- net: core: fix module type in sock_diag_bind (networking-stable-18_01_12).
- net: dsa: bcm_sf2: Clear IDDQ_GLOBAL_PWR bit for PHY (networking-stable-17_12_31).
- net: dsa: check master device before put (networking-stable-17_11_14).
- net: dsa: mv88e6xxx: lock mutex when freeing IRQs (networking-stable-17_10_09).
- net: emac: Fix napi poll list corruption (networking-stable-17_10_09).
- net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred (networking-stable-18_03_28).
- net: ethernet: sun: niu set correct packet size in skb (networking-stable-18_05_15).
- net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY interface (networking-stable-18_03_28).
- net: ethernet: ti: cpsw: fix net watchdog timeout (networking-stable-18_03_07).
- net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode (networking-stable-18_05_15).
- net: ethernet: ti: cpsw: fix tx vlan priority mapping (networking-stable-18_04_26).
- net: ethtool: Add missing kernel doc for FEC parameters (bsc#1046540).
- net: fec: Fix unbalanced PM runtime calls (networking-stable-18_03_28).
- net: fec: defer probe if regulator is not ready (networking-stable-18_01_12).
- net: fec: free/restore resource in related probe error pathes (networking-stable-18_01_12).
- net: fec: restore dev_id in the cases of probe error (networking-stable-18_01_12).
- net: fec: unmap the xmit buffer that are not transferred by DMA (networking-stable-17_12_31).
- net: fix deadlock while clearing neighbor proxy table (networking-stable-18_04_26).
- net: fix possible out-of-bound read in skb_network_protocol() (networking-stable-18_04_10).
- net: fool proof dev_valid_name() (networking-stable-18_04_10).
- net: igmp: Use correct source address on IGMPv3 reports (networking-stable-17_12_31).
- net: igmp: add a missing rcu locking section (git-fixes).
- net: igmp: fix source address check for IGMPv3 reports (git-fixes).
- net: ipv4: avoid unused variable warning for sysctl (git-fixes).
- net: ipv4: do not allow setting net.ipv4.route.min_pmtu below 68 (networking-stable-18_03_07).
- net: ipv6: keep sk status consistent after datagram connect failure (networking-stable-18_03_28).
- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (networking-stable-17_12_31).
- net: phy: Fix mask value write on gmii2rgmii converter speed register (networking-stable-17_10_09).
- net: phy: Tell caller result of phy_change() (networking-stable-18_03_28).
- net: phy: fix phy_start to consider PHY_IGNORE_INTERRUPT (networking-stable-18_03_07).
- net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well (networking-stable-17_12_31).
- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (networking-stable-17_12_31).
- net: qcom/emac: specify the correct size when mapping a DMA buffer (networking-stable-17_10_09).
- net: qdisc_pkt_len_init() should be more robust (networking-stable-18_01_28).
- net: qlge: use memmove instead of skb_copy_to_linear_data (bsc#1050529 bsc#1086319).
- net: realtek: r8169: implement set_link_ksettings() (networking-stable-17_12_12).
- net: reevalulate autoflowlabel setting after sysctl setting (networking-stable-17_12_31).
- net: remove hlist_nulls_add_tail_rcu() (networking-stable-17_12_12).
- net: sched: fix error path in tcf_proto_create() when modules are not configured (networking-stable-18_05_15).
- net: sched: ife: check on metadata length (networking-stable-18_04_26).
- net: sched: ife: handle malformed tlv length (networking-stable-18_04_26).
- net: sched: ife: signal not finding metaid (networking-stable-18_04_26).
- net: sched: report if filter is too large to dump (networking-stable-18_03_07).
- net: stmmac: enable EEE in MII, GMII or RGMII only (networking-stable-18_01_12).
- net: support compat 64-bit time in {s,g}etsockopt (networking-stable-18_05_15).
- net: systemport: Correct IPG length settings (networking-stable-17_11_20).
- net: systemport: Rewrite __bcm_sysport_tx_reclaim() (networking-stable-18_03_28).
- net: tcp: close sock if net namespace is exiting (networking-stable-18_01_28).
- net: validate attribute sizes in neigh_dump_table() (networking-stable-18_04_26).
- net: vrf: Add support for sends to local broadcast address (networking-stable-18_01_28).
- net_sched: fq: take care of throttled flows before reuse (networking-stable-18_05_15).
- netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed (networking-stable-17_11_20).
- netfilter: use skb_to_full_sk in ip6_route_me_harder (bsc#1076830).
- netlink: avoid a double skb free in genlmsg_mcast() (git-fixes).
- netlink: do not proceed if dump's start() errs (networking-stable-17_10_09).
- netlink: do not set cb_running if dump's start() errs (networking-stable-17_11_14).
- netlink: ensure to loop over all netns in genlmsg_multicast_allns() (networking-stable-18_03_07).
- netlink: extack needs to be reset each time through loop (networking-stable-18_01_28).
- netlink: make sure nladdr has correct size in netlink_connect() (networking-stable-18_04_10).
- netlink: put module reference if dump start fails (git-fixes).
- netlink: reset extack earlier in netlink_rcv_skb (networking-stable-18_01_28).
- nfit-test: Add platform cap support from ACPI 6.2a to test (bsc#1091424).
- nfit: skip region registration for incomplete control regions (bsc#1091666).
- nfp: use full 40 bits of the NSP buffer address (bsc#1055968).
- nl80211: relax ht operation checks for mesh (bsc#1051510).
- nubus: Avoid array underflow and overflow (bsc#1099918).
- nubus: Fix up header split (bsc#1099918).
- nvme-fabrics: allow duplicate connections to the discovery controller (bsc#1098706).
- nvme-fabrics: allow internal passthrough command on deleting controllers (bsc#1098706).
- nvme-fabrics: centralize discovery controller defaults (bsc#1098706).
- nvme-fabrics: fix and refine state checks in __nvmf_check_ready (bsc#1098706).
- nvme-fabrics: handle the admin-only case properly in nvmf_check_ready (bsc#1098706).
- nvme-fabrics: refactor queue ready check (bsc#1098706).
- nvme-fabrics: remove unnecessary controller subnqn validation (bsc#1098706).
- nvme-fc: change controllers first connect to use reconnect path (bsc#1098706).
- nvme-fc: fix nulling of queue data on reconnect (bsc#1098706).
- nvme-fc: release io queues to allow fast fail (bsc#1098706).
- nvme-fc: remove reinit_request routine (bsc#1098706).
- nvme-fc: remove setting DNR on exception conditions (bsc#1098706).
- nvme-multipath: fix sysfs dangerously created links (bsc#1096529).
- nvme-rdma: Fix command completion race at error recovery (bsc#1099041).
- nvme-rdma: correctly check for target keyed sgl support (bsc#1099041).
- nvme-rdma: do not override opts->queue_size (bsc#1099041).
- nvme-rdma: fix error flow during mapping request data (bsc#1099041).
- nvme-rdma: fix possible double free condition when failing to create a controller (bsc#1099041).
- nvme/multipath: Fix multipath disabled naming collisions (bsc#1098706).
- nvme: Set integrity flag for user passthrough commands (bsc#1098706).
- nvme: Skip checking heads without namespaces (bsc#1098706).
- nvme: Use admin command effects for admin commands (bsc#1098706).
- nvme: add quirk to force medium priority for SQ creation ().
- nvme: allow duplicate controller if prior controller being deleted (bsc#1098706).
- nvme: check return value of init_srcu_struct function (bsc#1098706).
- nvme: do not send keep-alives to the discovery controller ().
- nvme: expand nvmf_check_if_ready checks (bsc#1098706).
- nvme: fix NULL pointer dereference in nvme_init_subsystem (bsc#1098706).
- nvme: fix extended data LBA supported setting ().
- nvme: fix lockdep warning in nvme_mpath_clear_current_path ().
- nvme: fix potential memory leak in option parsing (bsc#1098706).
- nvme: move init of keep_alive work item to controller initialization (bsc#1098706).
- nvme: target: fix buffer overflow ().
- nvmet-fc: increase LS buffer count per fc port (bsc#1098706).
- nvmet: fix space padding in serial number ().
- nvmet: switch loopback target state to connecting when resetting (bsc#1098706).
- objtool, perf: Fix GCC 8 -Wrestrict error (Fix gcc 8 restrict error).
- ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute (bsc#1052766).
- ocfs2/dlm: Fix up kABI in dlm_ctxt (bsc#1052766).
- ocfs2/dlm: wait for dlm recovery done when migrating all lock resources (bsc#1052766).
- ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid (bsc#1052766).
- of: overlay: validate offset from property fixups (bsc#1051510).
- of: platform: stop accessing invalid dev in of_platform_device_destroy (bsc#1051510).
- of: unittest: for strings, account for trailing \0 in property length field (bsc#1051510).
- omapdrm: panel: fix compatible vendor string for td028ttec1 (bsc#1051510).
- openvswitch: Do not swap table in nlattr_set() after OVS_ATTR_NESTED is found (networking-stable-18_05_15).
- ovl: Put upperdentry if ovl_check_origin() fails (bsc#1088704).
- ovl: Return -ENOMEM if an allocation fails ovl_lookup() (bsc#1096065).
- ovl: fix failure to fsync lower dir (bsc#108871).
- ovl: fix lookup with middle layer opaque dir and absolute path redirects (bsc#1090605).
- p54: do not unregister leds when they are not initialized (bsc#1051510).
- parport_pc: Add support for WCH CH382L PCI-E single parallel port card (bsc#1051510).
- partitions/msdos: Unable to mount UFS 44bsd partitions (bsc#1051510).
- pinctrl/amd: Fix build dependency on pinmux code (bsc#1051510).
- pinctrl/amd: save pin registers over suspend/resume (bsc#1051510).
- pinctrl: adi2: Fix Kconfig build problem (bsc#1051510).
- pinctrl: armada-37xx: Fix direction_output() callback behavior (bsc#1051510).
- pinctrl: artpec6: dt: add missing pin group uart5nocts (bsc#1051510).
- pinctrl: baytrail: Enable glitch filter for GPIOs used as interrupts (bsc#1051510).
- pinctrl: denverton: Fix UART2 RTS pin mode (bsc#1051510).
- pinctrl: pxa: pxa2xx: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bsc#1051510).
- pinctrl: rockchip: enable clock when reading pin direction register (bsc#1051510).
- pinctrl: samsung: Fix NULL pointer exception on external interrupts on S3C24xx (bsc#1051510).
- pinctrl: samsung: Fix invalid register offset used for Exynos5433 external interrupts (bsc#1051510).
- pinctrl: sh-pfc: r8a7795-es1: Fix MOD_SEL1 bit[25:24] to 0x3 when using STP_ISEN_1_D (bsc#1051510).
- pinctrl: sh-pfc: r8a7796: Fix MOD_SEL register pin assignment for SSI pins group (bsc#1051510).
- pinctrl: sunxi: Fix A64 UART mux value (bsc#1051510).
- pinctrl: sunxi: Fix A80 interrupt pin bank (bsc#1051510).
- pinctrl: sx150x: Add a static gpio/pinctrl pin range mapping (bsc#1051510).
- pinctrl: sx150x: Register pinctrl before adding the gpiochip (bsc#1051510).
- pinctrl: sx150x: Unregister the pinctrl on release (bsc#1051510).
- pipe: fix off-by-one error when checking buffer limits (bsc#1051510).
- pktcdvd: Fix a recently introduced NULL pointer dereference (bsc#1099918).
- pktcdvd: Fix pkt_setup_dev() error path (bsc#1099918).
- platform/chrome: Use proper protocol transfer function (bsc#1051510).
- platform/chrome: cros_ec_lpc: remove redundant pointer request (bsc#1051510).
- platform/x86: asus-wireless: Fix NULL pointer dereference (bsc#1051510).
- platform/x86: asus-wmi: Fix NULL pointer dereference (bsc#1051510).
- platform/x86: fujitsu-laptop: Support Lifebook U7x7 hotkeys (bsc#1087284).
- platform/x86: ideapad-laptop: Add MIIX 720-12IKB to no_hw_rfkill (bsc#1093035).
- platform/x86: ideapad-laptop: Apply no_hw_rfkill to Y20-15IKBM, too (bsc#1098626).
- platform/x86: thinkpad_acpi: suppress warning about palm detection (bsc#1051510).
- power: supply: ab8500_charger: Bail out in case of error in 'ab8500_charger_init_hw_registers()' (bsc#1051510).
- power: supply: ab8500_charger: Fix an error handling path (bsc#1051510).
- power: supply: axp288_charger: Properly stop work on probe-error / remove (bsc#1051510).
- powerpc/64s/idle: avoid sync for KVM state when waking from idle (bsc#1061840).
- powerpc/64s: Fix mce accounting for powernv (bsc#1094244).
- powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772).
- powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772).
- powerpc/kvm: Fix guest boot failure on Power9 since DAWR changes (bsc#1061840).
- powerpc/kvm: Fix lockups when running KVM guests on Power8 (bsc#1061840).
- powerpc/livepatch: Fix KABI breaker in stacktrace.c (bsc#1071995 bsc#1072856 bsc#1087458 bsc#1089664 bsc#1089669).
- powerpc/livepatch: Fix build error with kprobes disabled (bsc#1071995).
- powerpc/mm: Fix thread_pkey_regs_init() (bsc#1078248, git-fixes).
- powerpc/perf: Add blacklisted events for Power9 DD2.1 (bsc1056686).
- powerpc/perf: Add blacklisted events for Power9 DD2.2 (bsc1056686).
- powerpc/perf: Fix kernel address leak via sampling registers (bsc1056686).
- powerpc/perf: Infrastructure to support addition of blacklisted events (bsc1056686).
- powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer (bsc1056686).
- powerpc/perf: Prevent kernel address leak via perf_get_data_addr() (bsc1056686).
- powerpc/perf: fix bug references.
- powerpc/pkeys: Detach execute_only key on !PROT_EXEC (bsc#1078248, git-fixes).
- powerpc/pkeys: Drop private VM_PKEY definitions (bsc#1078248).
- powerpc/ptrace: Fix enforcement of DAWR constraints (bsc#1099918).
- powerpc/xmon: Also setup debugger hooks when single-stepping (bsc#1072829).
- powerpc64/ftrace: Add a field in paca to disable ftrace in unsafe code paths (bsc#1088804).
- powerpc64/ftrace: Add helpers to hard disable ftrace (bsc#1088804).
- powerpc64/ftrace: Delay enabling ftrace on secondary cpus (bsc#1088804).
- powerpc64/ftrace: Disable ftrace during hotplug (bsc#1088804).
- powerpc64/ftrace: Disable ftrace during kvm guest entry/exit (bsc#1088804).
- powerpc64/ftrace: Rearrange #ifdef sections in ftrace.h (bsc#1088804).
- powerpc64/ftrace: Use the generic version of ftrace_replace_code() (bsc#1088804).
- powerpc64/kexec: Hard disable ftrace before switching to the new kernel (bsc#1088804).
- powerpc64/module: Tighten detection of mcount call sites with -mprofile-kernel (bsc#1088804).
- powerpc: Machine check interrupt is a non-maskable interrupt (bsc#1094244).
- ppp: avoid loop in xmit recursion detection code (networking-stable-18_03_28).
- ppp: fix race in ppp device destruction (networking-stable-17_11_14).
- ppp: prevent unregistered channels from connecting to PPP units (networking-stable-18_03_07).
- ppp: unlock all_ppp_mutex before registering device (networking-stable-18_01_28).
- pppoe: check sockaddr length in pppoe_connect() (networking-stable-18_04_26).
- pppoe: take ->needed_headroom of lower device into account on xmit (networking-stable-18_01_28).
- pptp: remove a buggy dst release in pptp_connect() (networking-stable-18_04_10).
- printk: fix possible reuse of va_list variable (bsc#1100602).
- procfs: add tunable for fd/fdinfo dentry retention (bsc#1086652).
- ptr_ring: add barriers (networking-stable-17_12_31).
- pty: cancel pty slave port buf's work in tty_release (bsc#1051510).
- pwm: lpss: platform: Save/restore the ctrl register over a suspend/resume (bsc#1051510).
- pwm: rcar: Fix a condition to prevent mismatch value setting to duty (bsc#1051510).
- pwm: stmpe: Fix wrong register offset for hwpwm=2 case (bsc#1051510).
- qed: Fix l2 initializations over iWARP personality (bsc#1050536 bsc#1050545).
- qed: Fix non TCP packets should be dropped on iWARP ll2 connection (bsc#1050545).
- qed: Free RoCE ILT Memory on rmmod qedr (bsc#1050536 bsc#1050545).
- qed: Use after free in qed_rdma_free() (bsc#1050536 bsc#1050545).
- qede: Fix gfp flags sent to rdma event node allocation (bsc#1050538 bsc#1050545).
- qede: Fix qedr link update (bsc#1050538 bsc#1050545).
- qla2xxx: Mask off Scope bits in retry delay (bsc#1068054).
- qmi_wwan: Add missing skb_reset_mac_header-call (networking-stable-17_11_20).
- qmi_wwan: Add support for Quectel EP06 (networking-stable-18_02_06).
- qmi_wwan: do not steal interfaces from class drivers (bsc#1092888).
- r8169: fix powering up RTL8168h (bsc#1051510).
- r8169: fix setting driver_data after register_netdev (bsc#1051510).
- radeon: hide pointless #warning when compile testing (bsc#1051510).
- radix tree test suite: add item_delete_rcu() (bsc#1095467).
- radix tree test suite: fix compilation issue (bsc#1095467).
- radix tree test suite: fix mapshift build target (bsc#1095467).
- radix tree test suite: multi-order iteration race (bsc#1095467).
- radix tree: fix multi-order iteration race (bsc#1095467).
- raid10: check bio in r10buf_pool_free to void NULL pointer dereference (bsc#1098174).
- raid1: copy write hint from master bio to behind bio (bsc#1093023).
- raid1: prevent freeze_array/wait_all_barriers deadlock (bsc#1093023).
- raid1: remove obsolete code in raid1_write_request (bsc#1093023).
- raid5-ppl: PPL support for disks with write-back cache enabled (bsc#1093023).
- raid5-ppl: fix handling flush requests (bsc#1093023).
- raid5: Set R5_Expanded on parity devices as well as data (bsc#1093023).
- raid5: remove raid5_build_block (bsc#1093023).
- raid: remove tile specific raid6 implementation (bsc#1093023).
- random: crng_reseed() should lock the crng instance that it is modifying (bsc#1051510).
- random: use a different mixing algorithm for add_device_randomness() (bsc#1051510).
- random: use a tighter cap in credit_entropy_bits_safe() (bsc#1051510).
- rbd: use GFP_NOIO for parent stat and data requests (bsc#1093728).
- rds: Incorrect reference counting in TCP socket creation (bsc#1076830).
- rds: MP-RDS may use an invalid c_path (networking-stable-18_04_13).
- rds: do not leak kernel memory to user land (networking-stable-18_05_15).
- regulator: Do not return or expect -errno from of_map_mode() (bsc#1099029).
- regulator: cpcap: Fix standby mode (bsc#1051510).
- regulator: gpio: Fix some error handling paths in 'gpio_regulator_probe()' (bsc#1091960).
- regulator: of: Add a missing 'of_node_put()' in an error handling path of 'of_regulator_match()' (bsc#1051510).
- resource: fix integer overflow at reallocation (bsc#1086739).
- restore cond_resched() in shrink_dcache_parent() (bsc#1098599).
- rfkill: gpio: fix memory leak in probe error path (bsc#1051510).
- rhashtable: Fix rhlist duplicates insertion (bsc#1051510).
- rmdir(),rename(): do shrink_dcache_parent() only on success (bsc#1100340).
- rocker: fix possible null pointer dereference in rocker_router_fib_event_work (networking-stable-18_02_06).
- route: check sysctl_fib_multipath_use_neigh earlier than hash (networking-stable-18_04_10).
- rpm/config.sh: Fixup BUGZILLA_PRODUCT variable
- rpm/kernel-docs.spec.in: Fix and cleanup for 4.13 doc build (bsc#1048129) The whole DocBook stuff has been deleted. The PDF build still non-working thus the sub-packaging disabled so far.
- rpm/kernel-source.changes.old: Add pre-SLE15 history (bsc#1098995).
- rpm/modules.fips include module list from dracut
- rt2x00: do not pause queue unconditionally on error path (bsc#1051510).
- rtc-opal: Fix handling of firmware error codes, prevent busy loops (bsc#1051510).
- rtc: hctosys: Ensure system time does not overflow time_t (bsc#1051510).
- rtc: pcf8563: fix output clock rate (bsc#1051510).
- rtc: pl031: make interrupt optional (bsc#1051510).
- rtc: snvs: Fix usage of snvs_rtc_enable (bsc#1051510).
- rtc: tx4939: avoid unintended sign extension on a 24 bit shift (bsc#1051510).
- rtl8187: Fix NULL pointer dereference in priv->conf_mutex (bsc#1051510).
- rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c (bsc#1051510).
- rxrpc: Fix send in rxrpc_send_data_packet() (networking-stable-18_03_07).
- s390/archrandom: Reconsider s390 arch random implementation (bnc#1096753, LTC#168037).
- s390/archrandom: Rework arch random implementation (bnc#1096753, LTC#168037).
- s390/cio: update chpid descriptor after resource accessibility event (bnc#1093148, LTC#167307).
- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero (bnc#1096753, LTC#168037).
- s390/dasd: fix IO error for newly defined devices (bnc#1093148, LTC#167307).
- s390/qdio: do not merge ERROR output buffers (bsc#1099715).
- s390/qdio: fix access to uninitialized qdio_q fields (bnc#1096753, LTC#168037).
- s390/qeth: do not dump control cmd twice (bsc#1099715).
- s390/qeth: fix IPA command submission race (networking-stable-18_03_07).
- s390/qeth: fix IPA command submission race (bsc#1099715).
- s390/qeth: fix MAC address update sequence (bnc#1093148, LTC#167307).
- s390/qeth: fix overestimated count of buffer elements (bsc#1099715).
- s390/qeth: fix overestimated count of buffer elements (networking-stable-18_03_07).
- s390/qeth: free netdevice when removing a card (networking-stable-18_03_28).
- s390/qeth: free netdevice when removing a card (bsc#1099715).
- s390/qeth: lock read device while queueing next buffer (bsc#1099715).
- s390/qeth: lock read device while queueing next buffer (networking-stable-18_03_28).
- s390/qeth: translate SETVLAN/DELVLAN errors (bnc#1093148, LTC#167307).
- s390/qeth: use Read device to query hypervisor for MAC (bsc#1061024).
- s390/qeth: when thread completes, wake up all waiters (bsc#1099715).
- s390/qeth: when thread completes, wake up all waiters (networking-stable-18_03_28).
- s390/uprobes: implement arch_uretprobe_is_alive() (bnc#1093148, LTC#167307).
- s390/zcrypt: Fix CCA and EP11 CPRB processing failure memory leak (bnc#1096753, LTC#168037).
- sch_netem: fix skb leak in netem_enqueue() (networking-stable-18_03_28).
- sched/numa: Stagger NUMA balancing scan periods for new threads (Automatic NUMA Balancing ()).
- sched: Make resched_cpu() unconditional (Git-fixes).
- sched: Stop resched_cpu() from sending IPIs to offline CPUs (Git-fixes).
- sched: Stop switched_to_rt() from sending IPIs to offline CPUs (Git-fixes).
- scripts/git_sort/git_sort.py:
- scripts/git_sort/git_sort.py: add Viro's vfs git
- scsi: core: return BLK_STS_OK for DID_OK in __scsi_error_from_host_byte() (bsc#1099918).
- scsi: ipr: Format HCAM overlay ID 0x41 (bsc#1097961).
- scsi: ipr: new IOASC update (bsc#1097961).
- scsi: lpfc: Add per io channel NVME IO statistics (bsc#1088866).
- scsi: lpfc: Change IO submit return to EBUSY if remote port is recovering (bsc#1088866).
- scsi: lpfc: Comment cleanup regarding Broadcom copyright header (bsc#1088866).
- scsi: lpfc: Correct fw download error message (bsc#1088866).
- scsi: lpfc: Correct missing remoteport registration during link bounces (bsc#1088866).
- scsi: lpfc: Correct target queue depth application changes (bsc#1088866).
- scsi: lpfc: Driver NVME load fails when CPU cnt > WQ resource cnt (bsc#1088866).
- scsi: lpfc: Enhance log messages when reporting CQE errors (bsc#1088866).
- scsi: lpfc: Enlarge nvmet asynchronous receive buffer counts (bsc#1088866).
- scsi: lpfc: Fix 16gb hbas failing cq create (bsc#1093290).
- scsi: lpfc: Fix Abort request WQ selection (bsc#1088866).
- scsi: lpfc: Fix MDS diagnostics failure (Rx andlt; Tx) (bsc#1088866).
- scsi: lpfc: Fix NULL pointer access in lpfc_nvme_info_show (bsc#1088866).
- scsi: lpfc: Fix NULL pointer reference when resetting adapter (bsc#1088866).
- scsi: lpfc: Fix crash in blk_mq layer when executing modprobe -r lpfc (bsc#1088866).
- scsi: lpfc: Fix driver not recovering NVME rports during target link faults (bsc#1088866).
- scsi: lpfc: Fix lingering lpfc_wq resource after driver unload (bsc#1088866).
- scsi: lpfc: Fix multiple PRLI completion error path (bsc#1088866).
- scsi: lpfc: Fix nvme remoteport registration race conditions (bsc#1088866).
- scsi: lpfc: Fix port initialization failure (bsc#1093290).
- scsi: lpfc: Fix up log messages and stats counters in IO submit code path (bsc#1088866).
- scsi: lpfc: Handle new link fault code returned by adapter firmware (bsc#1088866).
- scsi: lpfc: correct oversubscription of nvme io requests for an adapter (bsc#1088866).
- scsi: lpfc: enhance LE data structure copies to hardware (bsc#1088866).
- scsi: lpfc: fix spelling mistakes: 'mabilbox' and 'maibox' (bsc#1088866).
- scsi: lpfc: update driver version to 12.0.0.2 (bsc#1088866).
- scsi: lpfc: update driver version to 12.0.0.3 (bsc#1088866).
- scsi: lpfc: update driver version to 12.0.0.4 (bsc#1088866).
- scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084570).
- scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084570).
- scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084570).
- scsi: qla2xxx: Delete session for nport id change (bsc#1077338).
- scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084570).
- scsi: qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084570).
- scsi: qla2xxx: Fix n2n_ae flag to prevent dev_loss on PDB change (bsc#1084570).
- scsi: qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084570).
- scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure (bsc#1077338).
- scsi: qla2xxx: Remove nvme_done_list (bsc#1084570).
- scsi: qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe (bsc#1084570).
- scsi: qla2xxx: Restore ZIO threshold setting (bsc#1084570).
- scsi: qla2xxx: Return busy if rport going away (bsc#1084570).
- scsi: qla2xxx: Set IIDMA and fcport state before qla_nvme_register_remote() (bsc#1084570).
- scsi: qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084570).
- scsi: raid_class: Add 'JBOD' RAID level (bsc#1093023).
- scsi: sg: mitigate read/write abuse (bsc#1101296).
- scsi: target: fix crash with iscsi target and dvd (bsc#1099918).
- sctp: delay the authentication for the duplicated cookie-echo chunk (networking-stable-18_05_15).
- sctp: do not check port in sctp_inet6_cmp_addr (networking-stable-18_04_26).
- sctp: do not leak kernel memory to user space (networking-stable-18_04_10).
- sctp: do not retransmit upon FragNeeded if PMTU discovery is disabled (networking-stable-18_01_12).
- sctp: fix dst refcnt leak in sctp_v6_get_dst() (networking-stable-18_03_07).
- sctp: fix the handling of ICMP Frag Needed for too small MTUs (networking-stable-18_01_12).
- sctp: fix the issue that the cookie-ack with auth can't get processed (networking-stable-18_05_15).
- sctp: full support for ipv6 ip_nonlocal_bind and IP_FREEBIND (networking-stable-17_11_14).
- sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr (git-fixes).
- sctp: potential read out of bounds in sctp_ulpevent_type_enabled() (networking-stable-17_10_09).
- sctp: remove sctp_chunk_put from fail_mark err path in sctp_ulpevent_make_rcvmsg (networking-stable-18_05_15).
- sctp: reset owner sk for data chunks on out queues when migrating a sock (networking-stable-17_11_14).
- sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6 (networking-stable-18_04_10).
- sctp: use right member as the param of list_for_each_entry (git-fixes).
- sctp: use the old asoc when making the cookie-ack chunk in dupcook_d (networking-stable-18_05_15).
- sdhci: Advertise 2.0v supply on SDIO host controller (bsc#1051510).
- selinux: KASAN: slab-out-of-bounds in xattr_getsecurity (bsc#1051510).
- selinux: ensure the context is NUL terminated in security_context_to_sid_core() (bsc#1051510).
- selinux: skip bounded transition processing if the policy isn't loaded (bsc#1051510).
- serdev: fix memleak on module unload (bsc#1051510).
- serdev: fix receive_buf return value when no callback (bsc#1051510).
- serdev: fix registration of second slave (bsc#1051510).
- serdev: ttyport: add missing open() error handling (bsc#1051510).
- serdev: ttyport: add missing receive_buf sanity checks (bsc#1051510).
- serdev: ttyport: enforce tty-driver open() requirement (bsc#1051510).
- serdev: ttyport: fix NULL-deref on hangup (bsc#1051510).
- serdev: ttyport: fix tty locking in close (bsc#1051510).
- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bsc#1051510).
- serial: 8250: omap: Fix idling of clocks for unused uarts (bsc#1051510).
- serial: 8250_dw: Disable clock on error (bsc#1051510).
- serial: 8250_fintek: Fix finding base_port with activated SuperIO (bsc#1051510).
- serial: 8250_pci: Add Brainboxes UC-260 4 port serial device (bsc#1051510).
- serial: altera: ensure port->regshift is honored consistently (bsc#1051510).
- serial: arc_uart: Fix out-of-bounds access through DT alias (bsc#1051510).
- serial: core: mark port as initialized in autoconfig (bsc#1051510).
- serial: fsl_lpuart: Fix out-of-bounds access through DT alias (bsc#1051510).
- serial: imx: Fix out-of-bounds access through serial port index (bsc#1051510).
- serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS (bsc#1051510).
- serial: mxs-auart: Fix out-of-bounds access through serial port index (bsc#1051510).
- serial: omap: Fix EFR write on RTS deassertion (bsc#1051510).
- serial: samsung: Fix out-of-bounds access through serial port index (bsc#1051510).
- serial: samsung: fix maxburst parameter for DMA transactions (bsc#1051510).
- serial: sh-sci: Fix out-of-bounds access through DT alias (bsc#1051510).
- serial: sh-sci: Stop using printk format %pCr (bsc#1051510).
- serial: sh-sci: prevent lockup on full TTY buffers (bsc#1051510).
- serial: xuartps: Fix out-of-bounds access through DT alias (bsc#1051510).
- sget(): handle failures of register_shrinker() (bsc#1052766).
- sh_eth: fix SH7757 GEther initialization (networking-stable-18_01_12).
- sh_eth: fix TSU resource handling (networking-stable-18_01_12).
- skbuff: Fix not waking applications when errors are enqueued (networking-stable-18_03_28).
- sky2: Increase D3 delay to sky2 stops working after suspend (bsc#1051510).
- slip: Check if rstate is initialized before uncompressing (networking-stable-18_04_13).
- sock: free skb in skb_complete_tx_timestamp on error (networking-stable-17_12_31).
- soreuseport: fix mem leak in reuseport_add_sock() (networking-stable-18_02_06).
- spi: Fix scatterlist elements size in spi_map_buf (bsc#1051510).
- spi: a3700: Fix clk prescaling for coefficient over 15 (bsc#1051510).
- spi: a3700: Return correct value on timeout detection (bsc#1051510).
- spi: armada-3700: Fix failing commands with quad-SPI (bsc#1051510).
- spi: atmel: fixed spin_lock usage inside atmel_spi_remove (bsc#1051510).
- spi: atmel: init FIFOs before spi enable (bsc#1051510).
- spi: bcm-qspi: Fix use after free in bcm_qspi_probe() in error path (bsc#1051510).
- spi: imx: do not access registers while clocks disabled (bsc#1051510).
- spi: sh-msiof: Fix DMA transfer size check (bsc#1051510).
- spi: spi-axi: fix potential use-after-free after deregistration (bsc#1051510).
- spi: sun4i: disable clocks in the remove function (bsc#1051510).
- spi: sun6i: disable/unprepare clocks on remove (bsc#1051510).
- spi: xilinx: Detect stall with Unknown commands (bsc#1051510).
- srcu: Provide ordering for CPU not involved in grace period (bsc#1052766).
- staging: bcm2835-audio: Release resources on module_exit() (bsc#1051510).
- staging: comedi: fix comedi_nsamples_left (bsc#1051510).
- staging: comedi: ni_mio_common: ack ai fifo error interrupts (bsc#1051510).
- staging: iio: ad5933: switch buffer mode to software (bsc#1051510).
- staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma from stack (bsc#1051510).
- staging: iio: adc: ad7192: fix external frequency setting (bsc#1051510).
- staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr (bsc#1051510).
- staging: vchiq_2835_arm: Fix NULL ptr dereference in free_pagelist (bsc#1051510).
- staging: wilc1000: Fix bssid buffer offset in Txq (bsc#1051510).
- stm class: Fix a use-after-free (bsc#1051510).
- stm class: Use vmalloc for the master map (bsc#1051510).
- stmmac: reset last TSO segment size after device open (networking-stable-17_12_12).
- strparser: Do not call mod_delayed_work with a timeout of LONG_MAX (networking-stable-18_04_26).
- strparser: Fix incorrect strp->need_bytes value (networking-stable-18_04_26).
- strparser: Fix sign of err codes (networking-stable-18_04_10).
- sunrpc: remove incorrect HMAC request initialization (bsc#1051510).
- supported.conf: Remove external flag from iwlwifi modules (bsc#1093273)
- supported.conf: fix folder of the driver module
- swap: divide-by-zero when zero length swap file on ssd (bsc#1051510).
- swiotlb: suppress warning when __GFP_NOWARN is set (bsc#1051510).
- tap: reference to KVA of an unloaded module causes kernel panic (networking-stable-17_11_14).
- target: transport should handle st FM/EOM/ILI reads (bsc#1081599).
- tcp: do not read out-of-bounds opsize (networking-stable-18_04_26).
- tcp: fix data delivery rate (networking-stable-17_10_09).
- tcp: ignore Fast Open on repair mode (networking-stable-18_05_15).
- tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets (networking-stable-18_04_26).
- tcp: release sk_frag.page in tcp_disconnect (networking-stable-18_02_06).
- tcp: revert F-RTO extension to detect more spurious timeouts (networking-stable-18_03_07).
- tcp: revert F-RTO middle-box workaround (bsc#1076830).
- tcp_bbr: fix to zero idle_restart only upon S/ACKed data (networking-stable-18_05_15).
- tcp_bbr: record 'full bw reached' decision in new full_bw_reached bit (networking-stable-17_12_31).
- tcp_bbr: reset full pipe detection on loss recovery undo (networking-stable-17_12_31).
- tcp_bbr: reset long-term bandwidth sampling on loss recovery undo (networking-stable-17_12_31).
- tcp_nv: fix division by zero in tcpnv_acked() (networking-stable-17_11_20).
- team: Fix double free in error path (networking-stable-18_03_28).
- team: avoid adding twice the same option to the event list (networking-stable-18_04_26).
- team: fix netconsole setup over team (networking-stable-18_04_26).
- team: move dev_mc_sync after master_upper_dev_link in team_port_add (networking-stable-18_04_10).
- tee: check shm references are consistent in offset/size (bsc#1051510).
- tee: shm: fix use-after-free via temporarily dropped reference (bsc#1051510).
- test_firmware: fix missing unlock on error in config_num_requests_store() (bsc#1051510).
- test_firmware: fix setting old custom fw path back on exit (bsc#1051510).
- test_firmware: fix setting old custom fw path back on exit, second try (bsc#1051510).
- tg3: APE heartbeat changes (bsc#1086286).
- tg3: Add Macronix NVRAM support (bsc#1086286).
- tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent() (bsc#1086286).
- tg3: prevent scheduling while atomic splat (bsc#1086286).
- thermal/drivers/step_wise: Fix temperature regulation misbehavior (bsc#1051510).
- thermal: bcm2835: Stop using printk format %pCr (bsc#1051510).
- thermal: enable broadcom menu for arm64 bcm2835 (bsc#1095573).
- thermal: exynos: Propagate error value from tmu_read() (bsc#1051510).
- thermal: exynos: Reading temperature makes sense only when TMU is turned on (bsc#1051510).
- thermal: imx: Fix race condition in imx_thermal_probe() (bsc#1051510).
- thermal: int3400_thermal: fix error handling in int3400_thermal_probe() (bsc#1051510).
- thermal: int3403_thermal: Fix NULL pointer deref on module load / probe (bsc#1051510).
- thermal: power_allocator: fix one race condition issue for thermal_instances list (bsc#1051510).
- thunderbolt: Prevent crash when ICM firmware is not running (bsc#1090888).
- thunderbolt: Resume control channel after hibernation image is created (bsc#1051510).
- thunderbolt: Serialize PCIe tunnel creation with PCI rescan (bsc#1090888).
- thunderbolt: Wait a bit longer for ICM to authenticate the active NVM (bsc#1090888).
- timekeeping: Eliminate the stale declaration of ktime_get_raw_and_real_ts64() (bsc#1099918).
- timers: Invoke timer_start_debug() where it makes sense (Git-fixes).
- timers: Reinitialize per cpu bases on hotplug (Git-fixes).
- timers: Unconditionally check deferrable base (Git-fixes).
- timers: Use deferrable base independent of base::nohz_active (Git-fixes).
- tipc: add policy for TIPC_NLA_NET_ADDR (networking-stable-18_04_26).
- tipc: fix a memory leak in tipc_nl_node_get_link() (networking-stable-18_01_28).
- tipc: fix hanging poll() for stream sockets (networking-stable-17_12_31).
- tipc: fix memory leak in tipc_accept_from_sock() (networking-stable-17_12_12).
- tools headers: Restore READ_ONCE() C++ compatibility (bsc#1093023).
- tools/lib/subcmd/pager.c: do not alias select() params (Fix gcc 8 restrict error).
- tracing/uprobe_event: Fix strncpy corner case (bsc#1099918).
- tracing: Fix converting enum's from the map in trace_event_eval_update() (bsc#1099918).
- tracing: Fix missing tab for hwlat_detector print format (bsc#1099918).
- tracing: Kconfig text fixes for CONFIG_HWLAT_TRACER (bsc#1099918).
- tracing: Make the snapshot trigger work with instances (bsc#1099918).
- tracing: probeevent: Fix to support minus offset from symbol (bsc#1099918).
- tty fix oops when rmmod 8250 (bsc#1051510).
- tty/serial: atmel: add new version check for usart (bsc#1051510).
- tty/serial: atmel: use port->name as name in request_irq() (bsc#1051510).
- tty: Avoid possible error pointer dereference at tty_ldisc_restore() (bsc#1051510).
- tty: Do not call panic() at tty_ldisc_init() (bsc#1051510).
- tty: Use __GFP_NOFAIL for tty_ldisc_get() (bsc#1051510).
- tty: fix __tty_insert_flip_char regression (bsc#1051510).
- tty: fix tty_ldisc_receive_buf() documentation (bsc#1051510).
- tty: improve tty_insert_flip_char() fast path (bsc#1051510).
- tty: improve tty_insert_flip_char() slow path (bsc#1051510).
- tty: make n_tty_read() always abort if hangup is in progress (bsc#1051510).
- tty: n_gsm: Allow ADM response in addition to UA for control dlci (bsc#1051510).
- tty: n_gsm: Fix DLCI handling for ADM mode if debug and 2 is not set (bsc#1051510).
- tty: n_gsm: Fix long delays with control frame timeouts in ADM mode (bsc#1051510).
- tty: pl011: Avoid spuriously stuck-off interrupts (bsc#1051510).
- tty: vt: fix up tabstops properly (bsc#1051510).
- tun/tap: sanitize TUNSETSNDBUF input (networking-stable-17_11_14).
- tun: allow positive return values on dev_get_valid_name() call (networking-stable-17_11_14).
- tun: bail out from tun_get_user() if the skb is empty (networking-stable-17_10_09).
- tun: call dev_get_valid_name() before register_netdevice() (networking-stable-17_11_14).
- ubi: Fix error for write access (bsc#1051510).
- ubi: Fix race condition between ubi volume creation and udev (bsc#1051510).
- ubi: Reject MLC NAND (bsc#1051510).
- ubi: block: Fix locking for idr_alloc/idr_remove (bsc#1051510).
- ubi: fastmap: Cancel work upon detach (bsc#1051510).
- ubi: fastmap: Cancel work upon detach (bsc#1051510).
- ubi: fastmap: Do not flush fastmap work on detach (bsc#1051510).
- ubi: fastmap: Erase outdated anchor PEBs during attach (bsc#1051510).
- ubifs: Check ubifs_wbuf_sync() return code (bsc#1052766).
- ubifs: free the encrypted symlink target (bsc#1052766).
- udf: Avoid overflow when session starts at large offset (bsc#1052766).
- udf: Fix leak of UTF-16 surrogates into encoded strings (bsc#1052766).
- usb: core: Add quirk for HP v222w 16GB Mini (bsc#1090888).
- usb: quirks: add control message delay for 1b1c:1b20 (bsc#1087092).
- usb: typec: ucsi: Fix for incorrect status data issue (bsc#1100132).
- usb: typec: ucsi: Increase command completion timeout value (bsc#1090888).
- usb: typec: ucsi: acpi: Workaround for cache mode issue (bsc#1100132).
- usb: xhci: Disable slot even when virt-dev is null (bsc#1085539).
- usb: xhci: Fix potential memory leak in xhci_disable_slot() (bsc#1085539).
- usb: xhci: Make some static functions global ().
- usbip: usbip_host: delete device from busid_table after rebind (bsc#1096480).
- usbip: usbip_host: fix NULL-ptr deref and use-after-free errors (bsc#1096480).
- usbip: usbip_host: fix bad unlock balance during stub_probe() (bsc#1096480).
- usbip: usbip_host: fix to hold parent lock for device_attach() calls (bsc#1096480).
- usbip: usbip_host: run rebind from exit when module is removed (bsc#1096480).
- usbip: vudc: fix null pointer dereference on udc->lock (bsc#1087092).
- userns: Do not fail follow_automount based on s_user_ns (bsc#1099918).
- vfb: fix video mode and line_length being set when loaded (bsc#1100362).
- vfio: Use get_user_pages_longterm correctly (bsc#1095337).
- vfio: disable filesystem-dax page pinning (bsc#1095337).
- vfio: platform: Fix reset module leak in error path (bsc#1099918).
- vhost: Fix vhost_copy_to_user() (networking-stable-18_04_13).
- vhost: correctly remove wait queue during poll failure (networking-stable-18_04_10).
- vhost: fix vhost_vq_access_ok() log check (networking-stable-18_04_13).
- vhost: validate log when IOTLB is enabled (networking-stable-18_04_10).
- vhost_net: add missing lock nesting notation (networking-stable-18_04_10).
- vhost_net: stop device during reset owner (networking-stable-18_02_06).
- video/fbdev/stifb: Return -ENOMEM after a failed kzalloc() in stifb_init_fb() (bsc#1090888 bsc#1099966).
- video/hdmi: Allow 'empty' HDMI infoframes (bsc#1051510).
- video: fbdev/mmp: add MODULE_LICENSE (bsc#1051510).
- video: fbdev: atmel_lcdfb: fix display-timings lookup (bsc#1051510).
- video: fbdev: aty: do not leak uninitialized padding in clk to userspace (bsc#1051510).
- video: fbdev: au1200fb: Release some resources if a memory allocation fails (bsc#1051510).
- video: fbdev: au1200fb: Return an error code if a memory allocation fails (bsc#1051510).
- virtio-gpu: fix ioctl and expose the fixed status to userspace (bsc#1100382).
- virtio: add ability to iterate over vqs (bsc#1051510).
- virtio: release virtio index when fail to device_register (bsc#1051510).
- virtio_console: do not tie bufs to a vq (bsc#1051510).
- virtio_console: drop custom control queue cleanup (bsc#1051510).
- virtio_console: free buffers after reset (bsc#1051510).
- virtio_console: move removal code (bsc#1051510).
- virtio_console: reset on out of memory (bsc#1051510).
- virtio_net: fix adding vids on big-endian (networking-stable-18_04_26).
- virtio_net: split out ctrl buffer (networking-stable-18_04_26).
- virtio_ring: fix num_free handling in error case (bsc#1051510).
- vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi (networking-stable-18_04_26).
- vlan: also check phy_driver ts_info for vlan's real device (networking-stable-18_04_10).
- vlan: fix a use-after-free in vlan_device_event() (networking-stable-17_11_20).
- vmw_balloon: fix inflation with batching (bsc#1051510).
- vmw_balloon: fixing double free when batching mode is off (bsc#1051510).
- vmxnet3: avoid xmit reset due to a race in vmxnet3 (bsc#1091860).
- vmxnet3: fix incorrect dereference when rxvlan is disabled (bsc#1091860).
- vmxnet3: increase default rx ring sizes (bsc#1091860).
- vmxnet3: repair memory leak (bsc#1051510).
- vmxnet3: set the DMA mask before the first DMA map operation (bsc#1091860).
- vmxnet3: use DMA memory barriers where required (bsc#1091860).
- vmxnet3: use correct flag to indicate LRO feature (bsc#1091860).
- vrf: Fix use after free and double free in vrf_finish_output (networking-stable-18_04_10).
- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend (bsc#1051510).
- vt: change SGR 21 to follow the standards (bsc#1051510).
- vt: prevent leaking uninitialized data to userspace via /dev/vcs* (bsc#1051510).
- vti6: Change minimum MTU to IPV4_MIN_MTU, vti6 can carry IPv4 too (bsc#1082869).
- vti6: Fix dev->max_mtu setting (bsc#1082869).
- vti6: Keep set MTU on link creation or change, validate it (bsc#1082869).
- vti6: Properly adjust vti6 MTU from MTU of lower device (bsc#1082869).
- vti6: better validate user provided tunnel names (networking-stable-18_04_10).
- vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit (bsc#1076830).
- vxlan: fix the issue that neigh proxy blocks all icmpv6 packets (networking-stable-17_11_20).
- w1: mxc_w1: Enable clock before calling clk_get_rate() on it (bsc#1051510).
- wait: add wait_event_killable_timeout() (bsc#1099792).
- watchdog: da9063: Fix setting/changing timeout (bsc#1100843).
- watchdog: da9063: Fix timeout handling during probe (bsc#1100843).
- watchdog: da9063: Fix updating timeout value (bsc#1100843).
- watchdog: f71808e_wdt: Fix WD_EN register read (bsc#1051510).
- watchdog: f71808e_wdt: Fix magic close handling (bsc#1051510).
- watchdog: sp5100_tco: Fix watchdog disable bit (bsc#1051510).
- wcn36xx: Fix dynamic power saving (bsc#1051510).
- wcn36xx: Introduce mutual exclusion of fw configuration (bsc#1051510).
- wl1251: check return from call to wl1251_acx_arp_ip_filter (bsc#1051510).
- workqueue: Allow retrieval of current task's work struct (bsc#1051510).
- workqueue: use put_device() instead of kfree() (bsc#1051510).
- x86,sched: Allow topologies where NUMA nodes share an LLC (bsc#1091158).
- x86/cpu_entry_area: Map also trace_idt_table (bsc#1089878).
- x86/intel_rdt: Add command line parameter to control L2_CDP ().
- x86/intel_rdt: Add two new resources for L2 Code and Data Prioritization (CDP) ().
- x86/intel_rdt: Enable L2 CDP in MSR IA32_L2_QOS_CFG ().
- x86/intel_rdt: Enumerate L2 Code and Data Prioritization (CDP) feature ().
- x86/mm: add a function to check if a pfn is UC/UC-/WC (bsc#1087213).
- x86/pkeys: Add arch_pkeys_enabled() (bsc#1078248).
- x86/pkeys: Move vma_pkey() into asm/pkeys.h (bsc#1078248).
- x86/pti: do not report XenPV as vulnerable (bsc#1097551).
- x86/setup: Do not reserve a crash kernel region if booted on Xen PV (bsc#1085626).
- x86/stacktrace: Clarify the reliable success paths (bnc#1058115).
- x86/stacktrace: Do not fail for ORC with regs on stack (bnc#1058115).
- x86/stacktrace: Do not unwind after user regs (bnc#1058115).
- x86/stacktrace: Enable HAVE_RELIABLE_STACKTRACE for the ORC unwinder (bnc#1058115).
- x86/stacktrace: Remove STACKTRACE_DUMP_ONCE (bnc#1058115).
- x86/tsc: Future-proof native_calibrate_tsc() (bsc#1074873).
- x86/unwind/orc: Detect the end of the stack (bnc#1058115).
- xen/acpi: off by one in read_acpi_id() (bnc#1065600).
- xen/netfront: raise max number of slots in xennet_get_responses() (bnc#1076049).
- xen: do not print error message in case of missing Xenstore entry (bnc#1065600).
- xhci: Add port status decoder for tracing purposes ().
- xhci: Fix USB ports for Dell Inspiron 5775 (bsc#1090888).
- xhci: add definitions for all port link states ().
- xhci: add port speed ID to portsc tracing ().
- xhci: add port status tracing ().
- xhci: fix endpoint context tracer output (bsc#1087092).
- xhci: workaround for AMD Promontory disabled ports wakeup (bsc#1087092).
- xhci: zero usb device slot_id member when disabling and freeing a xhci slot (bsc#1090888).
- xprtrdma: Fix list corruption / DMAR errors during MR recovery (git-fixes).
- xprtrdma: Return -ENOBUFS when no pages are available (git-fixes).
Patchnames
SUSE-SLE-Module-Basesystem-15-2018-1420,SUSE-SLE-Module-Development-Tools-15-2018-1420,SUSE-SLE-Module-Legacy-15-2018-1420,SUSE-SLE-Module-Live-Patching-15-2018-1420,SUSE-SLE-Product-HA-15-2018-1420,SUSE-SLE-Product-WE-15-2018-1420
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.\n\nThe following new feature was added:\n\n- NVDIMM memory error notification (ACPI 6.2)\n\nThe following security bugs were fixed:\n\n- CVE-2018-13406: An integer overflow in the uvesafb_setcmap function could\n have result in local attackers being able to crash the kernel or potentially\n elevate privileges because kmalloc_array is not used (bnc#1100418)\n- CVE-2018-13053: The alarm_timer_nsleep function had an integer overflow via a\n large relative timeout because ktime_add_safe was not used (bnc#1099924)\n- CVE-2018-9385: Prevent overread of the \u0027driver_override\u0027 buffer (bsc#1100491)\n- CVE-2018-13405: The inode_init_owner function allowed local users to create\n files with an unintended group ownership allowing attackers to escalate\n privileges by making a plain file executable and SGID (bnc#1100416)\n- CVE-2017-5753: Systems with microprocessors utilizing speculative execution\n and branch prediction may have allowed unauthorized disclosure of information\n to an attacker with local user access via a side-channel analysis (bsc#1068032)\n- CVE-2018-1118: Linux kernel vhost did not properly initialize memory in\n messages passed between virtual guests and the host operating system. This\n could have allowed local privileged users to read some kernel memory contents\n when reading from the /dev/vhost-net device file (bsc#1092472)\n- CVE-2018-12233: A memory corruption bug in JFS could have been triggered by\n calling setxattr twice with two different extended attribute names on the same\n file. This vulnerability could be triggered by an unprivileged user with the\n ability to create files and execute programs (bsc#1097234)\n- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did\n not handle unsigned integer overflow properly. As a result, a large value of\n the \u0027ie_len\u0027 argument could have caused a buffer overflow (bnc#1097356)\n- CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO\n ioctl (bsc#1096728)\n- CVE-2018-3639: Systems with microprocessors utilizing speculative execution\n and speculative execution of memory reads the addresses of all prior memory\n writes are known may have allowed unauthorized disclosure of information to an\n attacker with local user access via a side-channel analysis, aka Speculative\n Store Bypass (SSB), Variant 4 (bsc#1087082)\n- CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process\u0027s memory\n containing command line arguments (or environment strings), an attacker could\n have caused utilities from psutils or procps (such as ps, w) to block\n indefinitely (denial of service) or for some controlled time (as a\n synchronization primitive for other attacks) (bsc#1093158)\n- CVE-2018-1094: The ext4_fill_super function did not always initialize the\n crc32c checksum driver, which allowed attackers to cause a denial of service\n (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted\n ext4 image (bsc#1087007)\n- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory\n with a zero i_links_count, which allowed attackers to cause a denial of service\n (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4\n image (bsc#1087012)\n- 1093: The ext4_valid_block_bitmap function allowed attackers to cause a\n denial of service (out-of-bounds read and system crash) via a crafted ext4\n image because balloc.c and ialloc.c do not validate bitmap block numbers\n (bsc#1087095)\n- CVE-2018-1000200: Prevent NULL pointer dereference which could have resulted\n in an out of memory (OOM) killing of large mlocked processes (bsc#1090150)\n- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that\n allowed a local user to cause a denial of service by a number of certain\n crafted system calls (bsc#1092904)\n- CVE-2018-5803: Prevent error in the \u0027_sctp_make_chunk()\u0027 function when\n handling SCTP packets length that could have been exploited to cause a kernel\n crash (bnc#1083900)\n- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c\n __rds_rdma_map() function that allowed local attackers to cause a system panic\n and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST\n (bsc#1082962)\n- CVE-2018-8781: The udl_fb_mmap function had an integer-overflow vulnerability\n allowing local users with access to the udldrmfb driver to obtain full read and\n write permissions on kernel physical pages, resulting in a code execution in\n kernel space (bsc#1090643)\n- CVE-2018-10124: The kill_something_info function in kernel/signal.c might\n have allowed local users to cause a denial of service via an INT_MIN argument\n (bnc#1089752)\n- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might have allowed\n local users to cause a denial of service by triggering an attempted use of the\n-INT_MIN value (bnc#1089608)\n- CVE-2017-5715: Prevent unauthorized disclosure of information to an attacker\n with local user access caused by speculative execution and indirect branch\n prediction (bsc#1068032)\n\nThe following non-security bugs were fixed:\n\n- Fix copy_in_user() declaration (bsc#1052766).\n- 1wire: family module autoload fails because of upper/lower case mismatch (bsc#1051510).\n- 8021q: fix a memory leak for VLAN 0 device (networking-stable-18_01_12).\n- 8139too: Use disable_irq_nosync() in rtl8139_poll_controller() (networking-stable-18_05_15).\n- 8139too: revisit napi_complete_done() usage (networking-stable-17_10_09).\n- 9p/trans_virtio: discard zero-length reply (bsc#1052766).\n- ACPI / APEI: Replace ioremap_page_range() with fixmap (bsc#1051510).\n- ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices (bsc#1051510).\n- ACPI / NUMA: ia64: Parse all entries of SRAT memory affinity table (bnc#1088796).\n- ACPI / bus: Do not call _STA on battery devices with unmet dependencies (bsc#1051510).\n- ACPI / button: make module loadable when booted in non-ACPI mode (bsc#1051510).\n- ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status() (bsc#1051510).\n- ACPI / scan: Initialize watchdog before PNP (bsc#1073960).\n- ACPI / scan: Send change uevent with offine environmental data (bsc#1082485).\n- ACPI / scan: Use acpi_bus_get_status() to initialize ACPI_TYPE_DEVICE devs (bsc#1051510).\n- ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E (bsc#1051510).\n- ACPI / video: Default lcd_only to true on Win8-ready and newer machines (bsc#1051510).\n- ACPI / video: Only default only_lcd to true on Win8-ready _desktops_ (bsc#1051510).\n- ACPI / watchdog: Prefer iTCO_wdt on Lenovo Z50-70 (bsc#1051510).\n- ACPI / watchdog: properly initialize resources (bsc#1051510).\n- ACPI: EC: Fix debugfs_create_*() usage (bsc#1051510).\n- ACPI: acpi_pad: Fix memory leak in power saving threads (bsc#1051510).\n- ACPI: processor_perflib: Do not send _PPC change notification if not ready (bsc#1051510).\n- ACPI: sysfs: Make ACPI GPE mask kernel parameter cover all GPEs (bsc#1051510).\n- ACPICA: ACPI 6.0A: Changes to the NFIT ACPI table (bsc#1091424).\n- ACPICA: Events: add a return on failure from acpi_hw_register_read (bsc#1051510).\n- ACPICA: Fix memory leak on unusual memory leak (bsc#1051510).\n- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (bsc#1051510).\n- ALSA: aloop: Add missing cable lock to ctl API callbacks (bsc#1051510).\n- ALSA: aloop: Mark paused device as inactive (bsc#1051510).\n- ALSA: asihpi: Hardening for potential Spectre v1 (bsc#1051510).\n- ALSA: caiaq: Add yet more sanity checks for invalid EPs (bsc#1051510).\n- ALSA: control: Hardening for potential Spectre v1 (bsc#1051510).\n- ALSA: control: fix a redundant-copy issue (bsc#1051510).\n- ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr (bsc#1051510).\n- ALSA: dice: fix OUI for TC group (bsc#1051510).\n- ALSA: dice: fix error path to destroy initialized stream data (bsc#1051510).\n- ALSA: dice: fix kernel NULL pointer dereference due to invalid calculation for array index (bsc#1051510).\n- ALSA: emu10k1: Fix kABI breakage (bsc#1093027).\n- ALSA: emu10k1: add a IOMMU workaround (bsc#1093027).\n- ALSA: emu10k1: add optional debug printouts with DMA addresses (bsc#1093027).\n- ALSA: emu10k1: make sure synth DMA pages are allocated with DMA functions (bsc#1093027).\n- ALSA: emu10k1: remove reserved_page (bsc#1093027).\n- ALSA: emu10k1: use dma_set_mask_and_coherent() (bsc#1093027).\n- ALSA: hda - Fix incorrect usage of IS_REACHABLE() (bsc#1051510).\n- ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream() (bsc#1051510).\n- ALSA: hda - New VIA controller suppor no-snoop path (bsc#1051510).\n- ALSA: hda - Skip jack and others for non-existing PCM streams (bsc#1051510).\n- ALSA: hda/ca0132 - use ARRAY_SIZE (bsc#1051510).\n- ALSA: hda/ca0132: Add DSP Volume set and New mixers for SBZ + R3Di (bsc#1096696).\n- ALSA: hda/ca0132: Add PCI region2 iomap for SBZ (bsc#1096696).\n- ALSA: hda/ca0132: Add dsp setup + gpio functions for r3di (bsc#1096696).\n- ALSA: hda/ca0132: Add extra exit functions for R3Di and SBZ (bsc#1096696).\n- ALSA: hda/ca0132: Add new control changes for SBZ + R3Di (bsc#1096696).\n- ALSA: hda/ca0132: Add pincfg for SBZ + R3Di, add fp hp auto-detect (bsc#1096696).\n- ALSA: hda/ca0132: Delete pointless assignments to struct auto_pin_cfg fields (bsc#1051510).\n- ALSA: hda/ca0132: Delete redundant UNSOL event requests (bsc#1051510).\n- ALSA: hda/ca0132: Do not test for QUIRK_NONE (bsc#1051510).\n- ALSA: hda/ca0132: Fix DMic data rate for Alienware M17x R4 (bsc#1051510).\n- ALSA: hda/ca0132: R3Di and SBZ quirk entires + alt firmware loading (bsc#1096696).\n- ALSA: hda/ca0132: Restore PCM Analog Mic-In2 (bsc#1051510).\n- ALSA: hda/ca0132: Restore behavior of QUIRK_ALIENWARE (bsc#1051510).\n- ALSA: hda/ca0132: add alt_select_in/out for R3Di + SBZ (bsc#1096696).\n- ALSA: hda/ca0132: add ca0132_alt_set_vipsource (bsc#1096696).\n- ALSA: hda/ca0132: add dsp setup related commands for the sbz (bsc#1096696).\n- ALSA: hda/ca0132: add extra init functions for r3di + sbz (bsc#1096696).\n- ALSA: hda/ca0132: add the ability to set src_id on scp commands (bsc#1096696).\n- ALSA: hda/ca0132: constify parameter table for effects (bsc#1096696).\n- ALSA: hda/ca0132: constify read-only members of string array (bsc#1096696).\n- ALSA: hda/ca0132: constify templates for control element set (bsc#1096696).\n- ALSA: hda/ca0132: fix array_size.cocci warnings (bsc#1096696).\n- ALSA: hda/ca0132: fix build failure when a local macro is defined (bsc#1051510).\n- ALSA: hda/ca0132: make array ca0132_alt_chmaps static (bsc#1051510).\n- ALSA: hda/ca0132: merge strings just for printk (bsc#1096696).\n- ALSA: hda/ca0132: update core functions for sbz + r3di (bsc#1096696).\n- ALSA: hda/conexant - Add fixup for HP Z2 G4 workstation (bsc#1092975).\n- ALSA: hda/conexant - Add hp-mic-fix model string (bsc#1092975).\n- ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210 (bsc#1051510).\n- ALSA: hda/realtek - Add shutup hint (bsc#1051510).\n- ALSA: hda/realtek - Add some fixes for ALC233 (bsc#1051510).\n- ALSA: hda/realtek - Clevo P950ER ALC1220 Fixup (bsc#1051510).\n- ALSA: hda/realtek - Enable mic-mute hotkey for several Lenovo AIOs (bsc#1051510).\n- ALSA: hda/realtek - Fix pop noise on Lenovo P50 and co (bsc#1051510).\n- ALSA: hda/realtek - Fix the problem of two front mics on more machines (bsc#1051510).\n- ALSA: hda/realtek - Fixup for HP x360 laptops with BandO speakers (bsc#1096705).\n- ALSA: hda/realtek - Fixup mute led on HP Spectre x360 (bsc#1096705).\n- ALSA: hda/realtek - Refactor alc269_fixup_hp_mute_led_mic*() (bsc#1096705).\n- ALSA: hda/realtek - Update ALC255 depop optimize (bsc#1051510).\n- ALSA: hda/realtek - adjust the location of one mic (bsc#1051510).\n- ALSA: hda/realtek - change the location for one of two front mics (bsc#1051510).\n- ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags (bsc#1051510).\n- ALSA: hda: Add ASRock H81M-HDS to the power_save blacklist (bsc#1051510).\n- ALSA: hda: Add Clevo W35xSS_370SS to the power_save blacklist (bsc#1051510).\n- ALSA: hda: Add Gigabyte P55A-UD3 and Z87-D3HP to the power_save blacklist (bsc#1051510).\n- ALSA: hda: Add Icelake PCI ID (bsc#1051510).\n- ALSA: hda: Add Intel NUC5i7RY to the power_save blacklist (bsc#1051510).\n- ALSA: hda: Add Intel NUC7i3BNB to the power_save blacklist (bsc#1051510).\n- ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist (bsc#1051510).\n- ALSA: hda: Hardening for potential Spectre v1 (bsc#1051510).\n- ALSA: hda: add dock and led support for HP EliteBook 830 G5 (bsc#1051510).\n- ALSA: hda: add dock and led support for HP ProBook 640 G4 (bsc#1051510).\n- ALSA: hdspm: Hardening for potential Spectre v1 (bsc#1051510).\n- ALSA: hiface: Add sanity checks for invalid EPs (bsc#1051510).\n- ALSA: line6: Add yet more sanity checks for invalid EPs (bsc#1051510).\n- ALSA: line6: Use correct endpoint type for midi output (bsc#1051510).\n- ALSA: line6: add support for POD HD DESKTOP (bsc#1051510).\n- ALSA: line6: add support for POD HD500X (bsc#1051510).\n- ALSA: line6: remove unnecessary initialization to PODHD500X (bsc#1051510).\n- ALSA: opl3: Hardening for potential Spectre v1 (bsc#1051510).\n- ALSA: pcm: Avoid potential races between OSS ioctls and read/write (bsc#1051510).\n- ALSA: pcm: Check PCM state at xfern compat ioctl (bsc#1051510).\n- ALSA: pcm: Fix UAF at PCM release via PCM timer access (bsc#1051510).\n- ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation (bsc#1051510).\n- ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls (bsc#1051510).\n- ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams (bsc#1051510).\n- ALSA: pcm: potential uninitialized return values (bsc#1051510).\n- ALSA: rawmidi: Fix missing input substream checks in compat ioctls (bsc#1051510).\n- ALSA: rme9652: Hardening for potential Spectre v1 (bsc#1051510).\n- ALSA: seq: Fix UBSAN warning at SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT ioctl (bsc#1051510).\n- ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger() (bsc#1051510).\n- ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device (bsc#1051510).\n- ALSA: seq: oss: Hardening for potential Spectre v1 (bsc#1051510).\n- ALSA: timer: Fix UBSAN warning at SNDRV_TIMER_IOCTL_NEXT_DEVICE ioctl (bsc#1051510).\n- ALSA: timer: Fix pause event notification (bsc#1051510).\n- ALSA: usb-audio: Add \u0027Keep Interface\u0027 control (bsc#1089467).\n- ALSA: usb-audio: Add a quirk for Nura\u0027s first gen headset (bsc#1051510).\n- ALSA: usb-audio: Add keep_iface flag (bsc#1089467).\n- ALSA: usb-audio: Add native DSD support for Luxman DA-06 (bsc#1051510).\n- ALSA: usb-audio: Add native DSD support for Mytek DACs (bsc#1051510).\n- ALSA: usb-audio: Add native DSD support for TEAC UD-301 (bsc#1051510).\n- ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M (bsc#1051510).\n- ALSA: usb-audio: Add sample rate quirk for Plantronics P610 (bsc#1051510).\n- ALSA: usb-audio: Add sanity checks for invalid EPs (bsc#1051510).\n- ALSA: usb-audio: Allow to override the longname string (bsc#1091678).\n- ALSA: usb-audio: Apply vendor ID matching for sample rate quirk (bsc#1051510).\n- ALSA: usb-audio: Avoid superfluous usb_set_interface() calls (bsc#1089467).\n- ALSA: usb-audio: Change the semantics of the enable option (bsc#1051510).\n- ALSA: usb-audio: Disable the quirk for Nura headset (bsc#1051510).\n- ALSA: usb-audio: FIX native DSD support for TEAC UD-501 DAC (bsc#1051510).\n- ALSA: usb-audio: Generic DSD detection for XMOS-based implementations (bsc#1051510).\n- ALSA: usb-audio: Give proper vendor/product name for Dell WD15 Dock (bsc#1091678).\n- ALSA: usb-audio: Initialize Dell Dock playback volumes (bsc#1089467).\n- ALSA: usb-audio: Integrate native DSD support for ITF-USB based DACs (bsc#1051510).\n- ALSA: usb-audio: Remove explicitly listed Mytek devices (bsc#1051510).\n- ALSA: usb-audio: Skip broken EU on Dell dock USB-audio (bsc#1090658).\n- ALSA: usb-audio: Support changing input on Sound Blaster E1 (bsc#1051510).\n- ALSA: usb-audio: add boot quirk for Axe-Fx III (bsc#1051510).\n- ALSA: usb-audio: add more quirks for DSD interfaces (bsc#1051510).\n- ALSA: usb-audio: simplify set_sync_ep_implicit_fb_quirk (bsc#1051510).\n- ALSA: usb: mixer: volume quirk for CM102-A+/102S+ (bsc#1051510).\n- ALSA: usx2y: Add sanity checks for invalid EPs (bsc#1051510).\n- ALSA: usx2y: Fix invalid stream URBs (bsc#1051510).\n- ALSA: vmaster: Propagate slave error (bsc#1051510).\n- ASoC: Intel: Skylake: Disable clock gating during firmware and library download (bsc#1051510).\n- ASoC: Intel: cht_bsw_rt5645: Analog Mic support (bsc#1051510).\n- ASoC: Intel: sst: remove redundant variable dma_dev_name (bsc#1051510).\n- ASoC: adau17x1: Handling of DSP_RUN register during fw setup (bsc#1051510).\n- ASoC: cirrus: i2s: Fix LRCLK configuration (bsc#1051510).\n- ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup (bsc#1051510).\n- ASoC: cs35l35: Add use_single_rw to regmap config (bsc#1051510).\n- ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it (bsc#1051510).\n- ASoC: fsl_esai: Fix divisor calculation failure at lower ratio (bsc#1051510).\n- ASoC: hdmi-codec: Fix module unloading caused kernel crash (bsc#1051510).\n- ASoC: hdmi-codec: fix spelling mistake: \u0027deteced\u0027 -\u003e \u0027detected\u0027 (bsc#1051510).\n- ASoC: hdmi-codec: remove multi detection support (bsc#1051510).\n- ASoC: omap: Remove OMAP_MUX dependency from Nokia N810 audio support (bsc#1051510).\n- ASoC: rockchip: Fix dai_name for HDMI codec (bsc#1051510).\n- ASoC: rockchip: rk3288-hdmi-analog: Select needed codecs (bsc#1051510).\n- ASoC: rsnd: mark PM functions __maybe_unused (bsc#1051510).\n- ASoC: rt5514: Add the missing register in the readable table (bsc#1051510).\n- ASoC: samsung: i2s: Ensure the RCLK rate is properly determined (bsc#1051510).\n- ASoC: samsung: odroid: Drop requirement of clocks in the sound node (bsc#1051510).\n- ASoC: samsung: odroid: Fix 32000 sample rate handling (bsc#1051510).\n- ASoC: samsung: odroid: Fix EPLL frequency values (bsc#1051510).\n- ASoC: ssm2602: Replace reg_default_raw with reg_default (bsc#1051510).\n- ASoC: topology: Check widget kcontrols before deref (bsc#1051510).\n- ASoC: topology: Check widget kcontrols before deref (bsc#1051510).\n- ASoC: topology: Fix bugs of freeing soc topology (bsc#1051510).\n- ASoC: topology: Fix kcontrol name string handling (bsc#1051510).\n- ASoC: topology: create TLV data for dapm widgets (bsc#1051510).\n- ASoC: topology: fix some tiny memory leaks (bsc#1051510).\n- Bluetooth: Add a new 04ca:3015 QCA_ROME device (bsc#1051510).\n- Bluetooth: Apply QCA Rome patches for some ATH3012 models (bsc#1082504).\n- Bluetooth: Fix missing encryption refresh on Security Request (bsc#1051510).\n- Bluetooth: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for BTUSB_QCA_ROME (bsc#1051510).\n- Bluetooth: btrtl: Fix a error code in rtl_load_config() (bsc#1051510).\n- Bluetooth: btusb: Add Dell XPS 13 9360 to btusb_needs_reset_resume_table (bsc#1051510).\n- Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB (bsc#1051510).\n- Bluetooth: btusb: Add device ID for RTL8822BE (bsc#1051510).\n- Bluetooth: btusb: Only check needs_reset_resume DMI table for QCA rome chipsets (bsc#1051510).\n- Bluetooth: btusb: add ID for LiteOn 04ca:3016 (bsc#1051510).\n- Bluetooth: hci_bcm: Add 6 new ACPI HIDs (bsc#1051510).\n- Bluetooth: hci_bcm: Add active_low irq polarity quirk for Asus T100CHI (bsc#1051510).\n- Bluetooth: hci_bcm: Add support for BCM2E72 (bsc#1051510).\n- Bluetooth: hci_bcm: Add support for MINIX Z83-4 based devices (bsc#1051510).\n- Bluetooth: hci_bcm: Fix setting of irq trigger type (bsc#1051510).\n- Bluetooth: hci_bcm: Handle empty packet after firmware loading (bsc#1051510).\n- Bluetooth: hci_bcm: Make bcm_request_irq fail if no IRQ resource (bsc#1051510).\n- Bluetooth: hci_bcm: Remove DMI quirk for the MINIX Z83-4 (bsc#1051510).\n- Bluetooth: hci_bcm: Treat Interrupt ACPI resources as always being active-low (bsc#1051510).\n- Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader (bsc#1051510).\n- Btrfs: fix copy_items() return value when logging an inode (bsc#1097105).\n- Btrfs: fix xattr loss after power failure (bsc#1097105).\n- Btrfs: use btrfs_op instead of bio_op in __btrfs_map_block (bsc#1099918).\n- Correct bug reference in the patch (bnc#1095155)\n- Delete patches.arch/powerpc64-ftrace-Use-the-generic-version-of-ftrace_r.patch (bsc#1088804).\n- Downgrade printk level for MMC SDHCI host version error (bsc#1097941).\n- Fix kABI breakage due to acpi_ec gpe field change (bsc#1051510).\n- Fix kABI breakage due to snd_usb_audio_quirk profile_name addition (bsc#1091678).\n- Fix kABI breakage due to sound/timer.h inclusion (bsc#1051510).\n- Fix kABI breakage for iwl_fw_runtime_ops change (bsc#1051510).\n- Fix kABI breakage for iwlwifi (bsc#1051510).\n- Fix kABI breakage of iio_buffer (bsc#1051510).\n- Fix kABI incompatibility by snd_pcm_oss_runtime.rw_ref addition (bsc#1051510).\n- Fix the build error in adau17x1 soc driver (bsc#1051510)\n- Fix the build of da9063_wdt module (bsc#1100843) Backport the missing prerequisite commit, move the previous fixes into the sorted section and refresh.\n- GFS2: Take inode off order_write list when setting jdata flag (bsc#1052766).\n- HID: add backlight level quirk for Asus ROG laptops (bsc#1101324).\n- HID: cp2112: fix broken gpio_direction_input callback (bsc#1051510).\n- HID: debug: check length before copy_to_user() (bsc#1051510).\n- HID: hiddev: fix potential Spectre v1 (bsc#1051510).\n- HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device (bsc#1051510).\n- HID: i2c-hid: Fix \u0027incomplete report\u0027 noise (bsc#1051510).\n- HID: i2c-hid: fix size check and type usage (bsc#1051510).\n- HID: intel-ish-hid: Enable Gemini Lake ish driver (bsc#1073765,).\n- HID: intel-ish-hid: use put_device() instead of kfree() (bsc#1051510).\n- HID: intel_ish-hid: ipc: register more pm callbacks to support hibernation (bsc#1051510).\n- HID: lenovo: Add support for IBM/Lenovo Scrollpoint mice (bsc#1051510).\n- HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() (bsc#1051510).\n- HID: wacom: Add support for One by Wacom (CTL-472 / CTL-672) (bsc#1100633).\n- HID: wacom: Correct logical maximum Y for 2nd-gen Intuos Pro large (bsc#1051510).\n- HID: wacom: Correct touch maximum XY of 2nd-gen Intuos (bsc#1051510).\n- HID: wacom: EKR: ensure devres groups at higher indexes are released (bsc#1051510).\n- HID: wacom: Fix reporting of touch toggle (WACOM_HID_WD_MUTE_DEVICE) events (bsc#1051510).\n- HID: wacom: Release device resource data obtained by devres_alloc() (bsc#1051510).\n- HID: wacom: bluetooth: send exit report for recent Bluetooth devices (bsc#1051510).\n- IB/Hfi1: Read CCE Revision register to verify the device is responsive (bsc#1096793).\n- IB/core: Generate GID change event regardless of RoCE GID table property (bsc#1046306).\n- IB/core: Refer to RoCE port property instead of GID table property (bsc#1046306).\n- IB/cq: Do not force IB_POLL_DIRECT poll context for ib_process_cq_direct (bsc#1046306).\n- IB/hfi1 Use correct type for num_user_context (bsc#1096793).\n- IB/hfi1: Add a safe wrapper for _rcd_get_by_index (bsc#1096793).\n- IB/hfi1: Add tx_opcode_stats like the opcode_stats (bsc#1096793).\n- IB/hfi1: Complete check for locally terminated smp (bsc#1096793).\n- IB/hfi1: Compute BTH only for RDMA_WRITE_LAST/SEND_LAST packet (bsc#1096793).\n- IB/hfi1: Convert PortXmitWait/PortVLXmitWait counters to flit times (bsc#1096793).\n- IB/hfi1: Create common functions for affinity CPU mask operations (bsc#1096793).\n- IB/hfi1: Do not allocate PIO send contexts for VNIC (bsc#1096793).\n- IB/hfi1: Do not modify num_user_contexts module parameter (bsc#1096793).\n- IB/hfi1: Do not override given pcie_pset value (bsc#1096793).\n- IB/hfi1: Ensure VL index is within bounds (bsc#1096793).\n- IB/hfi1: Fix NULL pointer dereference when invalid num_vls is used (bsc#1060463).\n- IB/hfi1: Fix a wrapping test to insure the correct timeout (bsc#1096793).\n- IB/hfi1: Fix for early release of sdma context (bsc#1096793).\n- IB/hfi1: Fix handling of FECN marked multicast packet (bsc#1060463).\n- IB/hfi1: Fix loss of BECN with AHG (bsc#1096793).\n- IB/hfi1: Fix memory leak in exception path in get_irq_affinity() (bsc#1096793).\n- IB/hfi1: Fix serdes loopback set-up (bsc#1096793).\n- IB/hfi1: Handle initial value of 0 for CCTI setting (bsc#1096793).\n- IB/hfi1: Inline common calculation (bsc#1096793).\n- IB/hfi1: Insure int mask for in-kernel receive contexts is clear (bsc#1096793).\n- IB/hfi1: Look up ibport using a pointer in receive path (bsc#1096793).\n- IB/hfi1: Optimize kthread pointer locking when queuing CQ entries (bsc#1096793).\n- IB/hfi1: Optimize packet type comparison using 9B and bypass code paths (bsc#1096793).\n- IB/hfi1: Prevent LNI hang when LCB can\u0027t obtain lanes (bsc#1096793).\n- IB/hfi1: Prohibit invalid Init to Armed state transition (bsc#1096793).\n- IB/hfi1: Race condition between user notification and driver state (bsc#1096793).\n- IB/hfi1: Re-order IRQ cleanup to address driver cleanup race (bsc#1060463).\n- IB/hfi1: Refactor assign_ctxt() IOCTL (bsc#1096793).\n- IB/hfi1: Refactor get_base_info (bsc#1096793).\n- IB/hfi1: Refactor get_ctxt_info (bsc#1096793).\n- IB/hfi1: Refactor get_user() IOCTLs (bsc#1096793).\n- IB/hfi1: Refactor hfi_user_exp_rcv_clear() IOCTLs (bsc#1096793).\n- IB/hfi1: Refactor hfi_user_exp_rcv_invalid() IOCTLs (bsc#1096793).\n- IB/hfi1: Refactor hfi_user_exp_rcv_setup() IOCTL (bsc#1096793).\n- IB/hfi1: Remove unused hfi1_cpulist variables (bsc#1096793).\n- IB/hfi1: Reorder incorrect send context disable (bsc#1096793).\n- IB/hfi1: Return correct value for device state (bsc#1096793).\n- IB/hfi1: Send \u0027reboot\u0027 as planned down remote reason (bsc#1096793).\n- IB/hfi1: Set port number for errorinfo MAD response (bsc#1096793).\n- IB/hfi1: Show fault stats in both TX and RX directions (bsc#1096793).\n- IB/hfi1: Update HFI to use the latest PCI API (bsc#1096793).\n- IB/hfi1: Use after free race condition in send context error path (bsc#1096793).\n- IB/hfi1: Validate PKEY for incoming GSI MAD packets (bsc#1096793).\n- IB/ipoib: Avoid memory leak if the SA returns a different DGID (bsc#1046307).\n- IB/ipoib: Change number of TX wqe to 64 (bsc#1096793).\n- IB/ipoib: Fix for notify send CQ failure messages (bsc#1096793).\n- IB/ipoib: Fix for potential no-carrier state (bsc#1046307).\n- IB/ipoib: Get rid of the tx_outstanding variable in all modes (bsc#1096793).\n- IB/ipoib: Use NAPI in UD/TX flows (bsc#1096793).\n- IB/mlx4: Fix integer overflow when calculating optimal MTT size (bsc#1071218).\n- IB/mlx4: Move mlx4_uverbs_ex_query_device_resp to include/uapi/ (bsc#1071218).\n- IB/mlx5: Enable ECN capable bits for UD RoCE v2 QPs (bsc#1046305).\n- IB/mlx5: Respect new UMR capabilities (bsc#1093205).\n- IB/mlx5: Set the default active rate and width to QDR and 4X (bsc#1046305).\n- IB/mlx5: Use unlimited rate when static rate is not supported (bsc#1046305).\n- IB/mlx5:: pr_err() and mlx5_ib_dbg() strings should end with newlines (bsc#1093205).\n- IB/rdmavt: Add trace for RNRNAK timer (bsc#1096793).\n- IB/rdmavt: Allocate CQ memory on the correct node (bsc#1058717).\n- IB/rdmavt: No need to cancel RNRNAK retry timer when it is running (bsc#1096793).\n- IB/rdmavt: Use correct numa node for SRQ allocation (bsc#1096793).\n- IB/srp: Fix completion vector assignment algorithm (bsc#1046306).\n- IB/srp: Fix srp_abort() (bsc#1046306).\n- IB/srpt: Fix an out-of-bounds stack access in srpt_zerolength_write() (bsc#1046306).\n- IB/uverbs: Fix validating mandatory attributes (bsc#1046306).\n- IB/{hfi1, qib}: Add handling of kernel restart (bsc#1096793).\n- IB/{hfi1, rdmavt}: Fix memory leak in hfi1_alloc_devdata() upon failure (bsc#1096793).\n- IB/{rdmavt,hfi1}: Change hrtimer add to use pinned version (bsc#1096793).\n- Input: ALPS - fix TrackStick detection on Thinkpad L570 and Latitude 7370 (bsc#1051510).\n- Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro (bsc#1051510).\n- Input: atmel_mxt_ts - fix the firmware update (bsc#1051510).\n- Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID (bsc#1051510).\n- Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID (bsc#1051510).\n- Input: elan_i2c_smbus - fix corrupted stack (bsc#1051510).\n- Input: elan_i2c_smbus - fix more potential stack buffer overflows (bsc#1051510).\n- Input: elantech - enable middle button of touchpads on ThinkPad P52 (bsc#1051510).\n- Input: elantech - fix V4 report decoding for module with middle key (bsc#1051510).\n- Input: goodix - add new ACPI id for GPD Win 2 touch screen (bsc#1051510).\n- Input: goodix - disable IRQs while suspended (bsc#1051510).\n- Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list (bsc#1051510).\n- Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad (bsc#1051510).\n- Input: leds - fix out of bound access (bsc#1051510).\n- Input: synaptics - Lenovo Carbon X1 Gen5 (2017) devices should use RMI (bsc#1051510).\n- Input: synaptics - Lenovo Thinkpad X1 Carbon G5 (2017) with Elantech trackpoints should use RMI (bsc#1051510).\n- Input: synaptics - add Intertouch support on X1 Carbon 6th and X280 (bsc#1051510).\n- Input: synaptics - add Lenovo 80 series ids to SMBus (bsc#1051510).\n- Input: synaptics - reset the ABS_X/Y fuzz after initializing MT axes (bsc#1051510).\n- Input: synaptics-rmi4 - fix an unchecked out of memory error path (bsc#1051510).\n- Input: synaptics: Add intertouch blacklist for Thinkpad Helix (bsc#1090457).\n- Input: xpad - add GPD Win 2 Controller USB IDs (bsc#1051510).\n- Input: xpad - fix GPD Win 2 controller name (bsc#1051510).\n- Input: xpad - sync supported devices with 360Controller (bsc#1051510).\n- Input: xpad - sync supported devices with XBCD (bsc#1051510).\n- KABI protect struct nd_region ().\n- KABI: hide ftrace_enabled in paca (bsc#1088804).\n- KEYS: DNS: limit the length of option strings (networking-stable-18_04_26).\n- KEYS: Use individual pages in big_key for crypto buffers (bsc#1051510).\n- KVM: MMU: consider host cache mode in MMIO page check (bsc#1087213).\n- KVM: PPC: Book3S HV: Fix ppc_breakpoint_available compile error (bsc#1061840).\n- KVM: PPC: Book3S HV: Handle migration with POWER9 disabled DAWR (bsc#1061840).\n- KVM: PPC: Book3S HV: Return error from h_set_dabr() on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Return error from h_set_mode(SET_DAWR) on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: trace_tlbie must not be called in realmode (bsc#1061840).\n- MD: Free bioset when md_run fails (bsc#1093023).\n- Move upstreamed ideapad-laptop patch to sorted section (bsc#1093035)\n- NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2 (bsc#1090888).\n- NFC: fix device-allocation error return (bsc#1051510).\n- NFC: llcp: Limit size of SDP URI (bsc#1051510).\n- NFC: pn533: do not send USB data off of the stack (bsc#1051510).\n- NFS: Revert \u0027NFS: Move the flock open mode check into nfs_flock()\u0027 (bsc#1098983).\n- NFSv4: Revert commit 5f83d86cf531d (\u0027NFSv4.x: Fix wraparound issues..\u0027) (git-fixes).\n- PCI/ASPM: Add L1 Substates definitions (bsc#1051510).\n- PCI/ASPM: Calculate LTR_L1.2_THRESHOLD from device characteristics (bsc#1051510).\n- PCI/DPC: Do not enable DPC if AER control is not allowed by the BIOS (bsc#1093184).\n- PCI/PME: Handle invalid data when reading Root Status (bsc#1051510).\n- PCI: Add ACS quirk for Intel 300 series (bsc#1051510).\n- PCI: Add ACS quirk for Intel 7th and 8th Gen mobile (bsc#1051510).\n- PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L (bsc#1051510).\n- PCI: Add function 1 DMA alias quirk for Marvell 88SE9220 (bsc#1051510).\n- PCI: Add function 1 DMA alias quirk for Marvell 9128 (bsc#1051510).\n- PCI: Create SR-IOV virtfn/physfn links before attaching driver (bsc#1051510).\n- PCI: Detach driver before procfs and sysfs teardown on device remove (bsc#1051510).\n- PCI: Mark Broadcom HT1100 and HT2000 Root Port Extended Tags as broken (bsc#1051510).\n- PCI: Remove messages about reassigning resources (bsc#1051510).\n- PCI: Restore config space on runtime resume despite being unbound (bsc#1051510).\n- PCI: aardvark: Fix PCIe Max Read Request Size setting (bsc#1051510).\n- PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf() (bsc#1051510).\n- PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf() (bsc#1051510).\n- PCI: aardvark: Use ISR1 instead of ISR0 interrupt in legacy irq mode (bsc#1051510).\n- PCI: designware-ep: Fix find_first_zero_bit() usage (bsc#1051510).\n- PCI: hv: Fix a __local_bh_enable_ip warning in hv_compose_msi_msg() (bnc#1094541).\n- PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume (bsc#1051510).\n- PCI: shpchp: Enable bridge bus mastering if MSI is enabled (bsc#1051510).\n- PM / OPP: Add missing of_node_put(np) (bsc#1051510).\n- PM / OPP: Call notifier without holding opp_table-\u003elock (bsc#1051510).\n- PM / OPP: Move error message to debug level (bsc#1051510).\n- PM / devfreq: Fix potential NULL pointer dereference in governor_store (bsc#1051510).\n- PM / s2idle: Clear the events_check_enabled flag (bsc#1051510).\n- PM / wakeirq: Fix unbalanced IRQ enable for wakeirq (bsc#1051510).\n- PM: docs: Drop an excess character from devices.rst (bsc#1051510).\n- Pass x86 as architecture on x86_64 and i386 (bsc#1093118).\n- Preliminary series sort\n- RDMA/bnxt_re: Fix broken RoCE driver due to recent L2 driver changes (bsc#1086283).\n- RDMA/bnxt_re: Remove redundant bnxt_qplib_disable_nq() call (bsc#1086283).\n- RDMA/core: Avoid that ib_drain_qp() triggers an out-of-bounds stack access (bsc#1046306).\n- RDMA/core: Reduce poll batch for direct cq polling (bsc#1046306).\n- RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint (bsc#1084001).\n- RDMA/mlx4: Fix uABI structure layouts for 32/64 compat (bsc#1071218).\n- RDMA/mlx5: Fix crash while accessing garbage pointer and freed memory (bsc#1046305).\n- RDMA/mlx5: Protect from NULL pointer derefence (bsc#1046305).\n- RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS (bsc#1058513).\n- RDMA/rxe: Fix an out-of-bounds read (bsc#1050662).\n- RDMA/ucma: Allow resolving address w/o specifying source address (bsc#1046306).\n- RDMA/ucma: Introduce safer rdma_addr_size() variants (bsc#1046306).\n- RDMAVT: Fix synchronization around percpu_ref (bsc#1058717).\n- RDS: Check cmsg_len before dereferencing CMSG_DATA (networking-stable-17_12_31).\n- README.BRANCH: add Takashi as co-maintainer\n- Re-sort some patches to match SLE15\n- Refresh patches.suse/btrfs-use-kvzalloc-to-allocate-btrfs_fs_info.patch - Fixed References (bsc#1062897). \n- Remove the old fallback for iTCO/WDAT conflict (bsc#1073960) Now the upstream fix is included, so let\u0027s rip off the old trickery.\n- Revert \u0027Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174\u0027 (bsc#1051510).\n- Revert \u0027Remove patces for bug 1087405 due to regression\u0027 This reverts commit f91a2ea5192d9e933c41600da5d1543155df381c.\n- Revert \u0027ath10k: send (re)assoc peer command when NSS changed\u0027 (bsc#1051510).\n- Revert \u0027drm/i915/edp: Allow alternate fixed mode for eDP if available.\u0027 (bsc#1093604).\n- Revert \u0027kernel-binary: do not package extract-cert when not signing modules\u0027 This reverts commit 10a8bc496a553b8069d490a8ae7508bdb19f58d9.\n- Revert \u0027rt2800: use TXOP_BACKOFF for probe frames\u0027 (bsc#1051510).\n- Revert \u0027scsi: core: return BLK_STS_OK for DID_OK in __scsi_error_from_host_byte()\u0027 (bsc#1099918).\n- Sort series.conf\n- USB: Accept bulk endpoints with 1024-byte maxpacket (bsc#1092888).\n- USB: serial: pl2303: new device id for Chilitag (bsc#1087092).\n- USB: serial: simple: add Motorola Tetra driver (bsc#1087092).\n- USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw (bsc#1090888).\n- Update patches.fixes/vti-fix-use-after-free-in-vti_tunnel_xmit-vti6_tnl_x.patch (bsc#1076830 networking-stable-17_10_09).\n- Update patches.suse/ceph-quota-add-counter-for-snaprealms-with-quota.patch (bsc#1089115).\n- Update patches.suse/ceph-quota-add-initial-infrastructure-to-support-cephfs-quotas.patch (bsc#1089115).\n- Update patches.suse/ceph-quota-cache-inode-pointer-in-ceph_snap_realm.patch (bsc#1089115).\n- Update patches.suse/ceph-quota-don-t-allow-cross-quota-renames.patch (bsc#1089115).\n- Update patches.suse/ceph-quota-support-for-ceph-quota-max_bytes.patch (bsc#1089115).\n- Update patches.suse/ceph-quota-support-for-ceph-quota-max_files.patch (bsc#1089115).\n- Update patches.suse/ceph-quota-update-mds-when-max_bytes-is-approaching.patch (bsc#1089115).\n- Update for above change patches.drivers/0003-md-cluster-Suspend-writes-in-RAID10-if-within-range.patch (bsc#1093023).\n- Update patches.suse/ceph-don-t-check-quota-for-snap-inode.patch (bsc#1089115).\n- Update patches.suse/ceph-fix-root-quota-realm-check.patch (bsc#1089115).\n- X.509: fix BUG_ON() when hash algorithm is unsupported (bsc#1051510).\n- X.509: fix NULL dereference when restricting key with unsupported_sig (bsc#1051510).\n- X.509: fix comparisons of -\u003epkey_algo (bsc#1051510).\n- X.509: reject invalid BIT STRING for subjectPublicKey (bsc#1051510).\n- acpi, nfit: quiet invalid block-aperture-region warnings (bsc#1091781).\n- acpi, nfit: rework NVDIMM leaf method detection (bsc#1091782).\n- acpi: Add helper for deactivating memory region (bsc#1100132).\n- acpi: nfit: Add support for detect platform CPU cache flush on power loss (bsc#1091424).\n- acpi: nfit: add persistent memory control flag for nd_region (bsc#1091424).\n- adding missing rcu_read_unlock in ipxip6_rcv (networking-stable-17_12_31).\n- af_netlink: ensure that NLMSG_DONE never fails in dumps (networking-stable-17_11_20).\n- afs: Connect up the CB.ProbeUuid (bsc#1052766).\n- afs: Fix missing error handling in afs_write_end() (bsc#1052766).\n- amd-xgbe: Add pre/post auto-negotiation phy hooks (networking-stable-18_04_26).\n- amd-xgbe: Improve KR auto-negotiation and training (networking-stable-18_04_26).\n- amd-xgbe: Only use the SFP supported transceiver signals (networking-stable-18_04_26).\n- amd-xgbe: Restore PCI interrupt enablement setting on resume (networking-stable-18_03_07).\n- apparmor: fix dangling symlinks to policy rawdata after replacement (bsc#1095893).\n- apparmor: fix display of .ns_name for containers (bsc#1095893).\n- apparmor: fix logging of the existence test for signals (bsc#1095893).\n- apparmor: fix memory leak on buffer on error exit path (bsc#1095893).\n- arch/*: Kconfig: fix documentation for NMI watchdog (bsc#1099918).\n- arm/arm64: smccc: Add SMCCC-specific return codes (bsc#1085308).\n- arm64: Add \u0027ssbd\u0027 command-line option (bsc#1085308).\n- arm64: Add ARCH_WORKAROUND_2 probing (bsc#1085308).\n- arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 (bsc#1085308).\n- arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 (bsc#1085308).\n- arm64: alternatives: Add dynamic patching feature (bsc#1085308).\n- arm64: fix endianness annotation for __apply_alternatives()/get_alt_insn() (bsc#1085308).\n- arm64: ssbd: Add global mitigation state accessor (bsc#1085308).\n- arm64: ssbd: Add prctl interface for per-thread mitigation (bsc#1085308).\n- arm64: ssbd: Introduce thread flag to control userspace mitigation (bsc#1085308).\n- arm64: ssbd: Restore mitigation status on CPU resume (bsc#1085308).\n- arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation (bsc#1085308).\n- arp: fix arp_filter on l3slave devices (networking-stable-18_04_10).\n- ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) (bsc#1051510).\n- ath10k: correct target assert problem due to CE5 stuck (bsc#1051510).\n- ath10k: search all IEs for variant before falling back (bsc#1051510).\n- ath9k: fix crash in spectral scan (bsc#1051510).\n- auxdisplay: fix broken menu (bsc#1051510).\n- auxdisplay: img-ascii-lcd: Only build on archs that have IOMEM (bsc#1051510).\n- auxdisplay: img-ascii-lcd: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bsc#1051510).\n- backlight: as3711_bl: Fix Device Tree node lookup (bsc#1051510).\n- backlight: max8925_bl: Fix Device Tree node lookup (bsc#1051510).\n- backlight: tdo24m: Fix the SPI CS between transfers (bsc#1051510).\n- backlight: tps65217_bl: Fix Device Tree node lookup (bsc#1051510).\n- bcache: Add __printf annotation to __bch_check_keys() (bsc#1093023).\n- bcache: Annotate switch fall-through (bsc#1093023).\n- bcache: Fix a compiler warning in bcache_device_init() (bsc#1093023).\n- bcache: Fix indentation (bsc#1093023).\n- bcache: Fix kernel-doc warnings (bsc#1093023).\n- bcache: Fix, improve efficiency of closure_sync() (bsc#1093023).\n- bcache: Reduce the number of sparse complaints about lock imbalances (bsc#1093023).\n- bcache: Remove an unused variable (bsc#1093023).\n- bcache: Suppress more warnings about set-but-not-used variables (bsc#1093023).\n- bcache: Use PTR_ERR_OR_ZERO() (bsc#1093023).\n- bcache: add CACHE_SET_IO_DISABLE to struct cache_set flags (bsc#1093023).\n- bcache: add backing_request_endio() for bi_end_io (bsc#1093023).\n- bcache: add io_disable to struct cached_dev (bsc#1093023).\n- bcache: add journal statistic (bsc#1093023).\n- bcache: add stop_when_cache_set_failed option to backing device (bsc#1093023).\n- bcache: add wait_for_kthread_stop() in bch_allocator_thread() (bsc#1093023).\n- bcache: allow quick writeback when backing idle (bsc#1093023).\n- bcache: closures: move control bits one bit right (bsc#1093023).\n- bcache: comment on direct access to bvec table (bsc#1093023).\n- bcache: correct flash only vols (check all uuids) (bsc#1093023).\n- bcache: count backing device I/O error for writeback I/O (bsc#1093023).\n- bcache: fix cached_dev-\u003ecount usage for bch_cache_set_error() (bsc#1093023).\n- bcache: fix error return value in memory shrink (bsc#1093023).\n- bcache: fix for allocator and register thread race (bsc#1093023).\n- bcache: fix for data collapse after re-attaching an attached device (bsc#1093023).\n- bcache: fix high CPU occupancy during journal (bsc#1093023).\n- bcache: fix inaccurate io state for detached bcache devices (bsc#1093023).\n- bcache: fix incorrect sysfs output value of strip size (bsc#1093023).\n- bcache: fix kcrashes with fio in RAID5 backend dev (bsc#1093023).\n- bcache: fix misleading error message in bch_count_io_errors() (bsc#1093023).\n- bcache: fix unmatched generic_end_io_acct() and generic_start_io_acct() (bsc#1093023).\n- bcache: fix using of loop variable in memory shrink (bsc#1093023).\n- bcache: fix writeback target calc on large devices (bsc#1093023).\n- bcache: fix wrong return value in bch_debug_init() (bsc#1093023).\n- bcache: mark closure_sync() __sched (bsc#1093023).\n- bcache: move closure debug file into debug directory (bsc#1093023).\n- bcache: properly set task state in bch_writeback_thread() (bsc#1093023).\n- bcache: quit dc-\u003ewriteback_thread when BCACHE_DEV_DETACHING is set (bsc#1093023).\n- bcache: reduce cache_set devices iteration by devices_max_used (bsc#1093023).\n- bcache: ret IOERR when read meets metadata error (bsc#1093023).\n- bcache: return 0 from bch_debug_init() if CONFIG_DEBUG_FS=n (bsc#1093023).\n- bcache: return attach error when no cache set exist (bsc#1093023).\n- bcache: segregate flash only volume write streams (bsc#1093023).\n- bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error() (bsc#1093023).\n- bcache: set dc-\u003eio_disable to true in conditional_stop_bcache_device() (bsc#1093023).\n- bcache: set error_limit correctly (bsc#1093023).\n- bcache: set writeback_rate_update_seconds in range [1, 60] seconds (bsc#1093023).\n- bcache: stop dc-\u003ewriteback_rate_update properly (bsc#1093023).\n- bcache: stop writeback thread after detaching (bsc#1093023).\n- bcache: store disk name in struct cache and struct cached_dev (bsc#1093023).\n- bcache: use pr_info() to inform duplicated CACHE_SET_IO_DISABLE set (bsc#1093023).\n- bcache: writeback: properly order backing device IO (bsc#1093023).\n- bdi: Fix oops in wb_workfn() (bsc#1052766).\n- bdi: wake up concurrent wb_shutdown() callers (bsc#1052766).\n- be2net: Fix HW stall issue in Lancer (bsc#1086288).\n- be2net: Fix error detection logic for BE3 (bsc#1050252).\n- be2net: Handle transmit completion errors in Lancer (bsc#1086288).\n- bfq-iosched: ensure to clear bic/bfqq pointers when preparing request (bsc#1052766).\n- bfq: Re-enable auto-loading when built as a module (bsc#1099918).\n- bio-integrity: move the bio integrity profile check earlier in bio_integrity_prep (bsc#1093023).\n- bitmap: fix memset optimization on big-endian systems (bsc#1051510).\n- bitops: Introduce assign_bit() (bsc#1093023).\n- blacklist.conf: blacklist further commits not needed (bsc#1085933, bsc#1085938, bsc#1085939)\n- blacklist.conf: blacklist tools specific change bsc#1085941\n- blk-mq-debugfs: fix device sched directory for default scheduler (bsc#1099918).\n- blk-mq: do not keep offline CPUs mapped to hctx 0 (bsc#1099918).\n- blk-mq: make sure hctx-\u003enext_cpu is set correctly (bsc#1099918).\n- blk-mq: make sure that correct hctx-\u003enext_cpu is set (bsc#1099918).\n- blk-mq: reinit q-\u003etag_set_list entry only after grace period (bsc#1099918).\n- blk-mq: simplify queue mapping and schedule with each possisble CPU (bsc#1099918).\n- block, bfq: add missing invocations of bfqg_stats_update_io_add/remove (bsc#1099918).\n- block, bfq: fix occurrences of request finish method\u0027s old name (bsc#1099918).\n- block, bfq: put async queues for root bfq groups too (bsc#1052766).\n- block/loop: fix deadlock after loop_set_status (bsc#1052766).\n- block/swim: Remove extra put_disk() call from error path (bsc#1099918).\n- block: Add comment to submit_bio_wait() (bsc#1093023).\n- block: Fix __bio_integrity_endio() documentation (bsc#1099918).\n- block: Fix cloning of requests with a special payload (bsc#1099918).\n- block: Set BIO_TRACE_COMPLETION on new bio during split (bsc#1052766).\n- block: cope with WRITE ZEROES failing in blkdev_issue_zeroout() (bsc#1099918).\n- block: factor out __blkdev_issue_zero_pages() (bsc#1099918).\n- block: sed-opal: Fix a couple off by one bugs (bsc#1099918).\n- bnx2x: Collect the device debug information during Tx timeout (bsc#1086323).\n- bnx2x: Deprecate pci_get_bus_and_slot() (bsc#1086323).\n- bnx2x: Replace doorbell barrier() with wmb() (bsc#1086323).\n- bnx2x: Use NETIF_F_GRO_HW (bsc#1086323).\n- bnx2x: Use pci_ari_enabled() instead of local copy (bsc#1086323).\n- bnx2x: fix slowpath null crash (bsc#1086323).\n- bnx2x: fix spelling mistake: \u0027registeration\u0027 -\u003e \u0027registration\u0027 (bsc#1086323).\n- bnx2x: use the right constant (bsc#1086323).\n- bnxt_en: Add BCM5745X NPAR device IDs (bsc#1086282).\n- bnxt_en: Add IRQ remapping logic (bsc#1086282).\n- bnxt_en: Add TC to hardware QoS queue mapping logic (bsc#1086282).\n- bnxt_en: Add ULP calls to stop and restart IRQs (bsc#1086282).\n- bnxt_en: Add cache line size setting to optimize performance (bsc#1086282).\n- bnxt_en: Add extended port statistics support (bsc#1086282).\n- bnxt_en: Add support for ndo_set_vf_trust (bsc#1086282).\n- bnxt_en: Add the new firmware API to query hardware resources (bsc#1086282).\n- bnxt_en: Adjust default rings for multi-port NICs (bsc#1086282).\n- bnxt_en: Always forward VF MAC address to the PF (bsc#1086282).\n- bnxt_en: Change IRQ assignment for RDMA driver (bsc#1086282).\n- bnxt_en: Check max_tx_scheduler_inputs value from firmware (bsc#1086282).\n- bnxt_en: Check the lengths of encapsulated firmware responses (bsc#1086282).\n- bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only (bsc#1086282).\n- bnxt_en: Display function level rx/tx_discard_pkts via ethtool (bsc#1086282).\n- bnxt_en: Do not allow VF to read EEPROM (bsc#1086282).\n- bnxt_en: Do not reserve rings on VF when min rings were not provisioned by PF (bsc#1086282).\n- bnxt_en: Do not set firmware time from VF driver on older firmware (bsc#1086282).\n- bnxt_en: Eliminate duplicate barriers on weakly-ordered archs (bsc#1086282).\n- bnxt_en: Expand bnxt_check_rings() to check all resources (bsc#1086282).\n- bnxt_en: Fix NULL pointer dereference at bnxt_free_irq() (bsc#1086282).\n- bnxt_en: Fix ethtool -x crash when device is down (bsc#1086282).\n- bnxt_en: Fix firmware message delay loop regression (bsc#1086282).\n- bnxt_en: Fix regressions when setting up MQPRIO TX rings (bsc#1086282).\n- bnxt_en: Fix vnic accounting in the bnxt_check_rings() path (bsc#1086282).\n- bnxt_en: Forward VF MAC address to the PF (bsc#1086282).\n- bnxt_en: Ignore src port field in decap filter nodes (bsc#1050242).\n- bnxt_en: Implement new method for the PF to assign SRIOV resources (bsc#1086282).\n- bnxt_en: Implement new method to reserve rings (bsc#1086282).\n- bnxt_en: Improve resource accounting for SRIOV (bsc#1086282).\n- bnxt_en: Improve ring allocation logic (bsc#1086282).\n- bnxt_en: Improve valid bit checking in firmware response message (bsc#1086282).\n- bnxt_en: Include additional hardware port statistics in ethtool -S (bsc#1086282).\n- bnxt_en: Increase RING_IDLE minimum threshold to 50 (bsc#1086282).\n- bnxt_en: Need to include RDMA rings in bnxt_check_rings() (bsc#1086282).\n- bnxt_en: Pass complete VLAN TCI to the stack (bsc#1086282).\n- bnxt_en: Read phy eeprom A2h address only when optical diagnostics is supported (bsc#1086282).\n- bnxt_en: Refactor bnxt_close_nic() (bsc#1086282).\n- bnxt_en: Refactor bnxt_need_reserve_rings() (bsc#1086282).\n- bnxt_en: Refactor hardware resource data structures (bsc#1086282).\n- bnxt_en: Refactor the functions to reserve hardware rings (bsc#1086282).\n- bnxt_en: Remap TC to hardware queues when configuring PFC (bsc#1086282).\n- bnxt_en: Reserve RSS and L2 contexts for VF (bsc#1086282).\n- bnxt_en: Reserve completion rings and MSIX for bnxt_re RDMA driver (bsc#1086282).\n- bnxt_en: Reserve resources for RFS (bsc#1086282).\n- bnxt_en: Reserve rings at driver open if none was reserved at probe time (bsc#1086282).\n- bnxt_en: Reserve rings in bnxt_set_channels() if device is down (bsc#1086282).\n- bnxt_en: Restore MSIX after disabling SRIOV (bsc#1086282).\n- bnxt_en: Set initial default RX and TX ring numbers the same in combined mode (bsc#1086282).\n- bnxt_en: Simplify ring alloc/free error messages (bsc#1086282).\n- bnxt_en: Support max-mtu with VF-reps (bsc#1086282).\n- bnxt_en: Update firmware interface to 1.9.0 (bsc#1086282).\n- bnxt_en: Update firmware interface to 1.9.1.15 (bsc#1086282).\n- bnxt_en: Use a dedicated VNIC mode for RDMA (bsc#1086282).\n- bnxt_en: close and open NIC, only when the interface is in running state (bsc#1086282).\n- bnxt_en: do not allow wildcard matches for L2 flows (bsc#1050242).\n- bnxt_en: export a common switchdev PARENT_ID for all reps of an adapter (bsc#1086282).\n- bnxt_en: fix clear flags in ethtool reset handling (bsc#1050242).\n- bnxt_en: reduce timeout on initial HWRM calls (bsc#1086282).\n- bonding: discard lowest hash bit for 802.3ad layer3+4 (networking-stable-17_11_20).\n- bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave (networking-stable-18_04_26).\n- bonding: fix the err path for dev hwaddr sync in bond_enslave (networking-stable-18_04_10).\n- bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave (networking-stable-18_04_10).\n- bonding: process the err returned by dev_set_allmulti properly in bond_enslave (networking-stable-18_04_10).\n- bonding: send learning packets for vlans on slave (networking-stable-18_05_15).\n- bpf, ppc64: fix out of bounds access in tail call (bsc#1083647).\n- bpf, x64: fix memleak when not converging after image (bsc#1083647).\n- bpf: add schedule points in percpu arrays management (bsc#1083647).\n- bpf: fix bpf_skb_adjust_net/bpf_skb_proto_xlat to deal with gso sctp skbs (bsc#1076830).\n- bpf: fix mlock precharge on arraymaps (bsc#1083647).\n- bpf: make bnxt compatible w/ bpf_xdp_adjust_tail (bsc#1086282).\n- bpf: properly enforce index mask to prevent out-of-bounds speculation (bsc#1098425).\n- brcmfmac: Fix check for ISO3166 code (bsc#1051510).\n- brd: fix overflow in __brd_direct_access (bsc#1052766).\n- bridge: check iface upper dev when setting master via ioctl (networking-stable-18_05_15).\n- Btrfs: Take trans lock before access running trans in check_delayed_ref (bsc#1097105).\n- Btrfs: return error value if create_io_em failed in cow_file_range (bsc#1097105).\n- can: af_can: can_pernet_init(): add missing error handling for kzalloc returning NULL (bsc#1051510).\n- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bsc#1051510).\n- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once (bsc#1051510).\n- can: c_can: do not indicate triple sampling support for D_CAN (bsc#1051510).\n- can: cc770: Fix queue stall and dropped RTR reply (bsc#1051510).\n- can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack (bsc#1051510).\n- can: cc770: Fix use after free in cc770_tx_interrupt() (bsc#1051510).\n- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bsc#1051510).\n- can: esd_usb2: Fix can_dlc value for received RTR, frames (bsc#1051510).\n- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bsc#1051510).\n- can: flex_can: Correct the checking for frame length in flexcan_start_xmit() (bsc#1051510).\n- can: flexcan: fix VF610 state transition issue (bsc#1051510).\n- can: flexcan: fix i.MX28 state transition issue (bsc#1051510).\n- can: flexcan: fix i.MX6 state transition issue (bsc#1051510).\n- can: flexcan: fix p1010 state transition issue (bsc#1051510).\n- can: flexcan: fix state transition regression (bsc#1051510).\n- can: flexcan: implement error passive state quirk (bsc#1051510).\n- can: flexcan: rename legacy error state quirk (bsc#1051510).\n- can: gs_usb: fix busy loop if no more TX context is available (bsc#1051510).\n- can: gs_usb: fix return value of the \u0027set_bittiming\u0027 callback (bsc#1051510).\n- can: hi311x: Acquire SPI lock on -\u003edo_get_berr_counter (bsc#1051510).\n- can: hi311x: Work around TX complete interrupt erratum (bsc#1051510).\n- can: ifi: Check core revision upon probe (bsc#1051510).\n- can: ifi: Fix transmitter delay calculation (bsc#1051510).\n- can: ifi: Repair the error handling (bsc#1051510).\n- can: kvaser_usb: Correct return value in printout (bsc#1051510).\n- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() (bsc#1051510).\n- can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages (bsc#1051510).\n- can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() (bsc#1051510).\n- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bsc#1051510).\n- can: kvaser_usb: free buf in error paths (bsc#1051510).\n- can: kvaser_usb: ratelimit errors if incomplete messages are received (bsc#1051510).\n- can: mcba_usb: cancel urb on -EPROTO (bsc#1051510).\n- can: mcba_usb: fix device disconnect bug (bsc#1051510).\n- can: peak/pci: fix potential bug when probe() fails (bsc#1051510).\n- can: peak/pcie_fd: fix echo_skb is occupied! bug (bsc#1051510).\n- can: peak/pcie_fd: fix potential bug in restarting tx queue (bsc#1051510).\n- can: peak/pcie_fd: remove useless code when interface starts (bsc#1051510).\n- can: peak: Add support for new PCIe/M2 CAN FD interfaces (bsc#1051510).\n- can: peak: fix potential bug in packet fragmentation (bsc#1051510).\n- can: sun4i: fix loopback mode (bsc#1051510).\n- can: sun4i: handle overrun in RX FIFO (bsc#1051510).\n- can: ti_hecc: Fix napi poll return value for repoll (bsc#1051510).\n- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bsc#1051510).\n- can: vxcan: improve handling of missing peer name attribute (bsc#1051510).\n- cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN (networking-stable-18_04_13).\n- cdrom: information leak in cdrom_ioctl_media_changed() (bsc#1051510).\n- ceph: adding protection for showing cap reservation info (bsc#1089115).\n- ceph: always update atime/mtime/ctime for new inode (bsc#1089115).\n- ceph: change variable name to follow common rule (bsc#1089115).\n- ceph: check if mds create snaprealm when setting quota (bsc#1089115).\n- ceph: do not wait on writeback when there is no more dirty pages (bsc#1089115).\n- ceph: filter out used flags when printing unused open flags (bsc#1089115).\n- ceph: fix alignment of rasize (bsc#1098236).\n- ceph: fix dentry leak in splice_dentry() (bsc#1098236).\n- ceph: fix invalid point dereference for error case in mdsc destroy (bsc#1089115).\n- ceph: fix rsize/wsize capping in ceph_direct_read_write() (bsc#1089115).\n- ceph: fix st_nlink stat for directories (bsc#1093904).\n- ceph: fix use-after-free in ceph_statfs() (bsc#1098236).\n- ceph: fix wrong check for the case of updating link count (bsc#1098236).\n- ceph: keep consistent semantic in fscache related option combination (bsc#1089115).\n- ceph: mark the cap cache as unreclaimable (bsc#1089115).\n- ceph: optimize mds session register (bsc#1089115).\n- ceph: optimize memory usage (bsc#1089115).\n- ceph: optimizing cap allocation (bsc#1089115).\n- ceph: optimizing cap reservation (bsc#1089115).\n- ceph: prevent i_version from going back (bsc#1098236).\n- ceph: quota: report root dir quota usage in statfs (bsc#1089115).\n- ceph: release unreserved caps if having enough available caps (bsc#1089115).\n- ceph: return proper bool type to caller instead of pointer (bsc#1089115).\n- ceph: support file lock on directory (bsc#1098236).\n- ceph: use seq_show_option for string type options (bsc#1089115).\n- cfg80211: clear wep keys after disconnection (bsc#1051510).\n- cfg80211: further limit wiphy names to 64 bytes (bsc#1051510).\n- cfg80211: limit wiphy names to 128 bytes (bsc#1051510).\n- cgroup: Fix deadlock in cpu hotplug path (Git-fixes).\n- cgroup: Reinit cgroup_taskset structure before cgroup_migrate_execute() returns (Git-fixes).\n- cifs: Check for timeout on Negotiate stage (bsc#1091171).\n- cifs: silence compiler warnings showing up with gcc-8.0.0 (bsc#1090734).\n- config: arm64: enable Spectre-v4 per-thread mitigation\n- coresight: Fix disabling of CoreSight TPIU (bsc#1051510).\n- cpufreq: intel_pstate: Add HWP boost utility and sched util hooks (bsc#1066110).\n- cpufreq: intel_pstate: Fix scaling max/min limits with Turbo 3.0 (bsc#1051510).\n- cpufreq: intel_pstate: HWP boost performance on IO wakeup (bsc#1066110).\n- cpufreq: intel_pstate: New sysfs entry to control HWP boost (bsc#1066110).\n- cpufreq: intel_pstate: enable boost for Skylake Xeon (bsc#1066110).\n- cpufreq: schedutil: Avoid using invalid next_freq (git-fixes).\n- cpuidle: fix broadcast control when broadcast can not be entered (Git-fixes).\n- cros_ec: fix nul-termination for firmware build info (bsc#1051510).\n- crypto: AF_ALG - remove SGL terminator indicator when chaining (bsc#1051510).\n- crypto: aes-generic - build with -Os on gcc-7+ (bsc#1051510).\n- crypto: aes-generic - fix aes-generic regression on powerpc (bsc#1051510).\n- crypto: af_alg - fix possible uninit-value in alg_bind() (bsc#1051510).\n- crypto: ahash - Fix early termination in hash walk (bsc#1051510).\n- crypto: arm,arm64 - Fix random regeneration of S_shipped (bsc#1051510).\n- crypto: atmel-aes - fix the keys zeroing on errors (bsc#1051510).\n- crypto: caam - Fix null dereference at error path (bsc#1051510).\n- crypto: caam - fix DMA mapping dir for generated IV (bsc#1051510).\n- crypto: caam - fix IV DMA mapping and updating (bsc#1051510).\n- crypto: caam - fix incorrect define (bsc#1051510).\n- crypto: caam - strip input zeros from RSA input buffer (bsc#1051510).\n- crypto: caam/qi - fix IV DMA mapping and updating (bsc#1051510).\n- crypto: caam/qi - fix IV DMA mapping and updating (bsc#1051510).\n- crypto: ccp - Fix sparse, use plain integer as NULL pointer (git-fixes 200664d5237f).\n- crypto: drbg - set freed buffers to NULL (bsc#1051510).\n- crypto: lrw - Free rctx-\u003eext with kzfree (bsc#1051510).\n- crypto: omap-sham - fix memleak (bsc#1051510).\n- crypto: qat - remove unused and redundant pointer vf_info (bsc#1051510).\n- crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss (bsc#1051510).\n- crypto: vmx - Remove overly verbose printk from AES XTS init (bsc#1051510).\n- crypto: vmx - Remove overly verbose printk from AES init routines (bsc#1051510).\n- crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one (bsc#1051510).\n- cxgb4: Correct ntuple mask validation for hash filters (bsc#1064802 bsc#1066129).\n- cxgb4: fix error return code in adap_init0() (bsc#1064802 bsc#1066129).\n- cxgb4: fix offset in collecting TX rate limit info (bsc#1073513).\n- cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages (bsc#1046542).\n- dax, dm: allow device-mapper to operate without dax support (bsc#1093023).\n- dax: check for QUEUE_FLAG_DAX in bdev_dax_supported() (bsc#1101315).\n- dccp: do not restart ccid2_hc_tx_rto_expire() if sk in closed state (networking-stable-18_01_28).\n- dccp: fix tasklet usage (networking-stable-18_05_15).\n- delayacct: Account blkio completion on the correct task (bsc#1052766).\n- dell_rbu: make firmware payload memory uncachable (bsc#1087978).\n- device-dax: allow MAP_SYNC to succeed (bsc#1052766).\n- devlink: Remove redundant free on error path (networking-stable-18_03_28).\n- direct-io: Prevent NULL pointer access in submit_page_section (bsc#1052766).\n- disable patches.drivers/s390-qeth-use-Read-device-to-query-hypervisor-for-MA.patch Backport of mainline commit b7493e91c11a (\u0027s390/qeth: use Read device to query hypervisor for MAC\u0027) changes assigned MAC address (and breaks networking) on one of our machines and it\u0027s not clear which address is actually correct (bsc#1094575).\n- dlm: fix a clerical error when set SCTP_NODELAY (bsc#1091594).\n- dlm: make sctp_connect_to_sock() return in specified time (bsc#1080542).\n- dlm: remove O_NONBLOCK flag in sctp_connect_to_sock (bsc#1080542).\n- dm btree: fix serious bug in btree_split_beneath() (bsc#1093023).\n- dm bufio: add missed destroys of client mutex (bsc#1093023).\n- dm bufio: check result of register_shrinker() (bsc#1093023).\n- dm bufio: delete outdated comment (bsc#1093023).\n- dm bufio: do not embed a bio in the dm_buffer structure (bsc#1093023).\n- dm bufio: eliminate unnecessary labels in dm_bufio_client_create() (bsc#1093023).\n- dm bufio: fix buffer alignment (bsc#1093023).\n- dm bufio: fix integer overflow when limiting maximum cache size (bsc#1093023).\n- dm bufio: fix shrinker scans when (nr_to_scan lower than retain_target) (bsc#1093023).\n- dm bufio: get rid of slab cache name allocations (bsc#1093023).\n- dm bufio: move dm-bufio.h to include/linux/ (bsc#1093023).\n- dm bufio: relax alignment constraint on slab cache (bsc#1093023).\n- dm bufio: remove code that merges slab caches (bsc#1093023).\n- dm bufio: reorder fields in dm_buffer structure (bsc#1093023).\n- dm bufio: support non-power-of-two block sizes (bsc#1093023).\n- dm bufio: use REQ_OP_READ and REQ_OP_WRITE (bsc#1093023).\n- dm bufio: use slab cache for dm_buffer structure allocations (bsc#1093023).\n- dm cache background tracker: limit amount of background work that may be issued at once (bsc#1093023).\n- dm cache policy smq: allocate cache blocks in order (bsc#1093023).\n- dm cache policy smq: change max background work from 10240 to 4096 blocks (bsc#1093023).\n- dm cache policy smq: handle races with queuing background_work (bsc#1093023).\n- dm cache policy smq: take origin idle status into account when queuing writebacks (bsc#1093023).\n- dm cache: convert dm_cache_metadata.ref_count from atomic_t to refcount_t (bsc#1093023).\n- dm cache: fix race condition in the writeback mode overwrite_bio optimisation (bsc#1093023).\n- dm cache: lift common migration preparation code to alloc_migration() (bsc#1093023).\n- dm cache: pass cache structure to mode functions (bsc#1093023).\n- dm cache: remove all obsolete writethrough-specific code (bsc#1093023).\n- dm cache: remove usused deferred_cells member from struct cache (bsc#1093023).\n- dm cache: simplify get_per_bio_data() by removing data_size argument (bsc#1093023).\n- dm cache: submit writethrough writes in parallel to origin and cache (bsc#1093023).\n- dm crypt: allow unaligned bv_offset (bsc#1093023).\n- dm crypt: fix crash by adding missing check for auth key size (bsc#1093023).\n- dm crypt: fix error return code in crypt_ctr() (bsc#1093023).\n- dm crypt: fix memory leak in crypt_ctr_cipher_old() (bsc#1093023).\n- dm crypt: limit the number of allocated pages (bsc#1093023).\n- dm crypt: reject sector_size feature if device length is not aligned to it (bsc#1093023).\n- dm crypt: remove BIOSET_NEED_RESCUER flag (bsc#1093023).\n- dm crypt: wipe kernel key copy after IV initialization (bsc#1093023).\n- dm flakey: check for null arg_name in parse_features() (bsc#1093023).\n- dm integrity: allow unaligned bv_offset (bsc#1093023).\n- dm integrity: count and display checksum failures (bsc#1093023).\n- dm integrity: do not check integrity for failed read operations (bsc#1093023).\n- dm integrity: do not store cipher request on the stack (bsc#1093023).\n- dm integrity: fail early if required HMAC key is not available (bsc#1093023).\n- dm integrity: make blk_integrity_profile structure const (bsc#1093023).\n- dm integrity: optimize writing dm-bufio buffers that are partially changed (bsc#1093023).\n- dm integrity: use init_completion instead of COMPLETION_INITIALIZER_ONSTACK (bsc#1093023).\n- dm integrity: use kvfree for kvmalloc\u0027d memory (bsc#1099918).\n- dm io: remove BIOSET_NEED_RESCUER flag from bios bioset (bsc#1093023).\n- dm ioctl: constify ioctl lookup table (bsc#1093023).\n- dm log writes: add support for DAX (bsc#1093023).\n- dm log writes: add support for inline data buffers (bsc#1093023).\n- dm log writes: do not use all the cpu while waiting to log blocks (bsc#1093023).\n- dm log writes: fix \u003e512b sectorsize support (bsc#1093023).\n- dm log writes: fix max length used for kstrndup (bsc#1093023).\n- dm log writes: record metadata flag for better flags record (bsc#1093023).\n- dm mpath: fix bio-based multipath queue_if_no_path handling (bsc#1099918).\n- dm raid: add component device size checks to avoid runtime failure (bsc#1093023).\n- dm raid: avoid passing array_in_sync variable to raid_status() callees (bsc#1093023).\n- dm raid: bump target version to reflect numerous fixes (bsc#1093023).\n- dm raid: consume sizes after md_finish_reshape() completes changing them (bsc#1093023).\n- dm raid: correct resizing state relative to reshape space in ctr (bsc#1093023).\n- dm raid: display a consistent copy of the MD status via raid_status() (bsc#1093023).\n- dm raid: do not use \u0027const\u0027 in function return (bsc#1099918).\n- dm raid: ensure \u0027a\u0027 chars during reshape (bsc#1093023).\n- dm raid: fix deadlock caused by premature md_stop_writes() (bsc#1093023).\n- dm raid: fix incorrect status output at the end of a \u0027recover\u0027 process (bsc#1093023).\n- dm raid: fix incorrect sync_ratio when degraded (bsc#1093023).\n- dm raid: fix nosync status (bsc#1093023).\n- dm raid: fix panic when attempting to force a raid to sync (bsc#1093023).\n- dm raid: fix parse_raid_params() variable range issue (bsc#1093023).\n- dm raid: fix raid set size revalidation (bsc#1093023).\n- dm raid: fix raid_resume() to keep raid set frozen as needed (bsc#1093023).\n- dm raid: fix rs_get_progress() synchronization state/ratio (bsc#1093023).\n- dm raid: make raid_sets symbol static (bsc#1093023).\n- dm raid: simplify rs_get_progress() (bsc#1093023).\n- dm raid: small cleanup and remove unsed \u0027struct raid_set\u0027 member (bsc#1093023).\n- dm raid: stop keeping raid set frozen altogether (bsc#1093023).\n- dm raid: use rs_is_raid*() (bsc#1093023).\n- dm raid: validate current raid sets redundancy (bsc#1093023).\n- dm rq: do not update rq partially in each ending bio (bsc#1093023).\n- dm rq: make dm-sq requeuing behavior consistent with dm-mq behavior (bsc#1093023).\n- dm space map metadata: use ARRAY_SIZE (bsc#1093023).\n- dm stripe: get rid of a Variable Length Array (VLA) (bsc#1093023).\n- dm table: fix regression from improper dm_dev_internal.count refcount_t conversion (bsc#1093023).\n- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bsc#1093023).\n- dm thin: fix trailing semicolon in __remap_and_issue_shared_cell (bsc#1093023).\n- dm zoned: avoid triggering reclaim from inside dmz_map() (bsc#1099918).\n- dm zoned: ignore last smaller runt zone (bsc#1093023).\n- dm-crypt: do not clear bvec-\u003ebv_page in crypt_free_buffer_pages() (bsc#1093023).\n- dm-crypt: do not mess with BIP_BLOCK_INTEGRITY (bsc#1093023).\n- dm-raid: fix a race condition in request handling (bsc#1093023).\n- dm: backfill missing calls to mutex_destroy() (bsc#1093023).\n- dm: clear all discard attributes in queue_limits when discards are disabled (bsc#1093023).\n- dm: convert DM printk macros to pr level macros (bsc#1099918).\n- dm: convert dm_dev_internal.count from atomic_t to refcount_t (bsc#1093023).\n- dm: convert table_device.count from atomic_t to refcount_t (bsc#1093023).\n- dm: correctly handle chained bios in dec_pending() (bsc#1093023).\n- dm: discard support requires all targets in a table support discards (bsc#1093023).\n- dm: do not set \u0027discards_supported\u0027 in targets that do not need it (bsc#1093023).\n- dm: ensure bio submission follows a depth-first tree walk (bsc#1093023).\n- dm: ensure bio-based DM\u0027s bioset and io_pool support targets\u0027 maximum IOs (bsc#1093023).\n- dm: fix __send_changing_extent_only() to send first bio and chain remainder (bsc#1093023).\n- dm: fix comment above dm_accept_partial_bio (bsc#1093023).\n- dm: fix printk() rate limiting code (bsc#1099918).\n- dm: fix various targets to dm_register_target after module __init resources created (bsc#1093023).\n- dm: limit the max bio size as BIO_MAX_PAGES * PAGE_SIZE (bsc#1093023).\n- dm: move dm_table_destroy() to same header as dm_table_create() (bsc#1093023).\n- dm: remove BIOSET_NEED_RESCUER based dm_offload infrastructure (bsc#1093023).\n- dm: remove stale comment blocks (bsc#1093023).\n- dm: remove unused \u0027num_write_bios\u0027 target interface (bsc#1093023).\n- dm: remove unused macro DM_MOD_NAME_SIZE (bsc#1093023).\n- dm: rename \u0027bio\u0027 member of dm_io structure to \u0027orig_bio\u0027 (bsc#1093023).\n- dm: safely allocate multiple bioset bios (bsc#1093023).\n- dm: set QUEUE_FLAG_DAX accordingly in dm_table_set_restrictions() (bsc#1093023).\n- dm: simplify start of block stats accounting for bio-based (bsc#1093023).\n- dm: small cleanup in dm_get_md() (bsc#1093023).\n- dm: use bio_split() when splitting out the already processed bio (bsc#1099918).\n- dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved (bsc#1051510).\n- dmaengine: at_xdmac: fix rare residue corruption (bsc#1051510).\n- dmaengine: dmatest: fix container_of member in dmatest_callback (bsc#1051510).\n- dmaengine: dmatest: move callback wait queue to thread context (bsc#1051510).\n- dmaengine: dmatest: warn user when dma test times out (bsc#1051510).\n- dmaengine: edma: Align the memcpy acnt array size with the transfer (bsc#1051510).\n- dmaengine: ioat: Fix error handling path (bsc#1051510).\n- dmaengine: jz4740: disable/unprepare clk if probe fails (bsc#1051510).\n- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type (bsc#1051510).\n- dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63 (bsc#1051510).\n- dmaengine: ti-dma-crossbar: Fix possible race condition with dma_inuse (bsc#1051510).\n- docs: disable KASLR when debugging kernel (bsc#1051510).\n- dpaa_eth: increment the RX dropped counter when needed (networking-stable-18_03_28).\n- dpaa_eth: remove duplicate increment of the tx_errors counter (networking-stable-18_03_28).\n- dpaa_eth: remove duplicate initialization (networking-stable-18_03_28).\n- drbd: Fix drbd_request_prepare() discard handling (bsc#1099918).\n- driver core: Do not ignore class_dir_create_and_add() failure (bsc#1051510).\n- driver core: Move device_links_purge() after bus_remove_device() (bsc#1099918).\n- drivers/infiniband/core/verbs.c: fix build with gcc-4.4.4 (bsc#1046306).\n- drivers/infiniband/ulp/srpt/ib_srpt.c: fix build with gcc-4.4.4 (bsc#1046306).\n- drivers: net: bnx2x: use setup_timer() helper (bsc#1086323).\n- drm/amd/powerplay: Fix enum mismatch (bsc#1051510).\n- drm/amdgpu/sdma: fix mask in emit_pipeline_sync (bsc#1051510).\n- drm/amdgpu/si: implement get/set pcie_lanes asic callback (bsc#1051510).\n- drm/amdgpu: Add APU support in vi_set_uvd_clocks (bsc#1051510).\n- drm/amdgpu: Add APU support in vi_set_vce_clocks (bsc#1051510).\n- drm/amdgpu: Add an ATPX quirk for hybrid laptop (bsc#1051510).\n- drm/amdgpu: Fix PCIe lane width calculation (bsc#1051510).\n- drm/amdgpu: Fix always_valid bos multiple LRU insertions (bsc#1051510).\n- drm/amdgpu: Fix deadlock on runtime suspend (bsc#1051510).\n- drm/amdgpu: Use kvmalloc_array for allocating VRAM manager nodes array (bsc#1051510).\n- drm/amdgpu: adjust timeout for ib_ring_tests(v2) (bsc#1051510).\n- drm/amdgpu: disable GFX ring and disable PQ wptr in hw_fini (bsc#1051510).\n- drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders (bsc#1051510).\n- drm/amdkfd: fix clock counter retrieval for node without GPU (bsc#1051510).\n- drm/armada: fix leak of crtc structure (bsc#1051510).\n- drm/ast: Fixed 1280x800 Display Issue (bsc#1051510).\n- drm/atmel-hlcdc: check stride values in the first plane (bsc#1051510).\n- drm/atomic: Clean old_state/new_state in drm_atomic_state_default_clear() (bsc#1051510).\n- drm/atomic: Clean private obj old_state/new_state in drm_atomic_state_default_clear() (bsc#1051510).\n- drm/bridge: analogix dp: Fix runtime PM state in get_modes() callback (bsc#1051510).\n- drm/bridge: tc358767: do no fail on hi-res displays (bsc#1051510).\n- drm/bridge: tc358767: filter out too high modes (bsc#1051510).\n- drm/bridge: tc358767: fix 1-lane behavior (bsc#1051510).\n- drm/bridge: tc358767: fix AUXDATAn registers access (bsc#1051510).\n- drm/bridge: tc358767: fix DP0_MISC register set (bsc#1051510).\n- drm/bridge: tc358767: fix timing calculations (bsc#1051510).\n- drm/bridge: vga-dac: Fix edid memory leak (bsc#1051510).\n- drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl() (bsc#1051510).\n- drm/exynos/dsi: mask frame-done interrupt (bsc#1051510).\n- drm/exynos: Allow DRM_EXYNOS on s5pv210 (bsc#1051510).\n- drm/exynos: Fix default value for zpos plane property (bsc#1051510).\n- drm/exynos: fix comparison to bitshift when dealing with a mask (bsc#1051510).\n- drm/exynos: g2d: use monotonic timestamps (bsc#1051510).\n- drm/fsl-dcu: enable IRQ before drm_atomic_helper_resume() (bsc#1051510).\n- drm/hisilicon: Ensure LDI regs are properly configured (bsc#1051510).\n- drm/i915/audio: Fix audio detection issue on GLK (bsc#1051510).\n- drm/i915/audio: set minimum CD clock to twice the BCLK (bsc#1095265).\n- drm/i915/bios: filter out invalid DDC pins from VBT child devices (bsc#1051510).\n- drm/i915/execlists: Use rmb() to order CSB reads (bsc#1051510).\n- drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk (bsc#1051510).\n- drm/i915/glk: Add MODULE_FIRMWARE for Geminilake (bsc#1095265).\n- drm/i915/gvt: fix memory leak of a cmd_entry struct on error exit path (bsc#1051510).\n- drm/i915/gvt: throw error on unhandled vfio ioctls (bsc#1051510).\n- drm/i915/lvds: Move acpi lid notification registration to registration phase (bsc#1051510).\n- drm/i915/psr: Chase psr.enabled only under the psr.lock (bsc#1051510).\n- drm/i915/userptr: reject zero user_size (bsc#1051510).\n- drm/i915: Adjust eDP\u0027s logical vco in a reliable place (bsc#1095265).\n- drm/i915: Apply batch location restrictions before pinning (bsc#1051510).\n- drm/i915: Call i915_perf_fini() on init_hw error unwind (bsc#1051510).\n- drm/i915: Disable LVDS on Radiant P845 (bsc#1051510).\n- drm/i915: Do no use kfree() to free a kmem_cache_alloc() return value (bsc#1051510).\n- drm/i915: Do not request a bug report for unsafe module parameters (bsc#1051510).\n- drm/i915: Enable display WA#1183 from its correct spot (bsc#1051510).\n- drm/i915: Enable provoking vertex fix on Gen9 systems (bsc#1051510).\n- drm/i915: Fix LSPCON TMDS output buffer enabling from low-power state (bsc#1051510).\n- drm/i915: Fix context ban and hang accounting for client (bsc#1051510).\n- drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log (bsc#1051510).\n- drm/i915: Remove stale asserts from i915_gem_find_active_request() (bsc#1051510).\n- drm/i915: Remove stale asserts from i915_gem_find_active_request() (bsc#1051510).\n- drm/i915: Remove unbannable context spam from reset (bsc#1051510).\n- drm/i915: Restore planes after load detection (bsc#1051510).\n- drm/i915: Restore planes after load detection (bsc#1051510).\n- drm/i915: Try GGTT mmapping whole object as partial (bsc#1051510).\n- drm/imx: move arming of the vblank event to atomic_flush (bsc#1051510).\n- drm/meson: Fix an un-handled error path in \u0027meson_drv_bind_master()\u0027 (bsc#1051510).\n- drm/meson: Fix some error handling paths in \u0027meson_drv_bind_master()\u0027 (bsc#1051510).\n- drm/meson: fix vsync buffer update (bsc#1051510).\n- drm/msm/dsi: use correct enum in dsi_get_cmd_fmt (bsc#1051510).\n- drm/msm: Fix possible null dereference on failure of get_pages() (bsc#1051510).\n- drm/msm: do not deref error pointer in the msm_fbdev_create error path (bsc#1100209).\n- drm/msm: fix leak in failed get_pages (bsc#1051510).\n- drm/nouveau/bar/gf100: add config option to limit BAR2 to 16MiB (bsc#1095094).\n- drm/nouveau/bios/iccsense: rails for power sensors have a mask of 0xf8 for version 0x10 (bsc#1095094).\n- drm/nouveau/bios/init: add a new devinit script interpreter entry-point (bsc#1095094).\n- drm/nouveau/bios/init: add or/link args separate from output path (bsc#1095094).\n- drm/nouveau/bios/init: bump script offset to 32-bits (bsc#1095094).\n- drm/nouveau/bios/init: remove internal use of nvbios_init.bios (bsc#1095094).\n- drm/nouveau/bios/init: rename \u0027crtc\u0027 to \u0027head\u0027 (bsc#1095094).\n- drm/nouveau/bios/init: rename nvbios_init() to nvbios_devinit() (bsc#1095094).\n- drm/nouveau/bios/volt: Parse min and max for Version 0x40 (bsc#1095094).\n- drm/nouveau/bios: Demote missing fp table message to NV_DEBUG (bsc#1095094).\n- drm/nouveau/bl: fix backlight regression (bsc#1095094).\n- drm/nouveau/devinit: use new devinit script interpreter entry-point (bsc#1095094).\n- drm/nouveau/disp/dp: determine a failsafe link training rate (bsc#1095094).\n- drm/nouveau/disp/dp: determine link bandwidth requirements from head state (bsc#1095094).\n- drm/nouveau/disp/dp: no need for lt_state except during manual link training (bsc#1095094).\n- drm/nouveau/disp/dp: only check for re-train when the link is active (bsc#1095094).\n- drm/nouveau/disp/dp: remove DP_PWR method (bsc#1095094).\n- drm/nouveau/disp/dp: store current link configuration in nvkm_ior (bsc#1095094).\n- drm/nouveau/disp/dp: train link only when actively displaying an image (bsc#1095094).\n- drm/nouveau/disp/dp: use cached link configuration when checking link status (bsc#1095094).\n- drm/nouveau/disp/dp: use new devinit script interpreter entry-point (bsc#1095094).\n- drm/nouveau/disp/g84-: Extend NVKM HDMI power control method to set InfoFrames (bsc#1095094).\n- drm/nouveau/disp/g84-: port OR HDMI control to nvkm_ior (bsc#1095094).\n- drm/nouveau/disp/g84-gt200: Use supplied HDMI InfoFrames (bsc#1095094).\n- drm/nouveau/disp/g94-: port OR DP drive setting control to nvkm_ior (bsc#1095094).\n- drm/nouveau/disp/g94-: port OR DP lane mapping to nvkm_ior (bsc#1095094).\n- drm/nouveau/disp/g94-: port OR DP link power control to nvkm_ior (bsc#1095094).\n- drm/nouveau/disp/g94-: port OR DP link setup to nvkm_ior (bsc#1095094).\n- drm/nouveau/disp/g94-: port OR DP training pattern control to nvkm_ior (bsc#1095094).\n- drm/nouveau/disp/gf119-: avoid creating non-existent heads (bsc#1095094).\n- drm/nouveau/disp/gf119-: port OR DP VCPI control to nvkm_ior (bsc#1095094).\n- drm/nouveau/disp/gf119: Use supplied HDMI InfoFrames (bsc#1095094).\n- drm/nouveau/disp/gf119: add missing drive vfunc ptr (bsc#1095094).\n- drm/nouveau/disp/gk104-: Use supplied HDMI InfoFrames (bsc#1095094).\n- drm/nouveau/disp/gm200-: allow non-identity mapping of SOR != macro links (bsc#1095094).\n- drm/nouveau/disp/gt215-: port HDA ELD controls to nvkm_ior (bsc#1095094).\n- drm/nouveau/disp/gt215: Use supplied HDMI InfoFrames (bsc#1095094).\n- drm/nouveau/disp/nv04: avoid creation of output paths (bsc#1095094).\n- drm/nouveau/disp/nv50-: avoid creating ORs that are not present on HW (bsc#1095094).\n- drm/nouveau/disp/nv50-: execute supervisor on its own workqueue (bsc#1095094).\n- drm/nouveau/disp/nv50-: fetch head/OR state at beginning of supervisor (bsc#1095094).\n- drm/nouveau/disp/nv50-: implement a common supervisor 1.0 (bsc#1095094).\n- drm/nouveau/disp/nv50-: implement a common supervisor 2.0 (bsc#1095094).\n- drm/nouveau/disp/nv50-: implement a common supervisor 2.1 (bsc#1095094).\n- drm/nouveau/disp/nv50-: implement a common supervisor 2.2 (bsc#1095094).\n- drm/nouveau/disp/nv50-: implement a common supervisor 3.0 (bsc#1095094).\n- drm/nouveau/disp/nv50-: port OR manual sink detection to nvkm_ior (bsc#1095094).\n- drm/nouveau/disp/nv50-: port OR power state control to nvkm_ior (bsc#1095094).\n- drm/nouveau/disp/nv50-gt21x: remove workaround for dp-\u003etmds hotplug issues (bsc#1095094).\n- drm/nouveau/disp: Add mechanism to convert HDMI InfoFrames to hardware format (bsc#1095094).\n- drm/nouveau/disp: Silence DCB warnings (bsc#1095094).\n- drm/nouveau/disp: add tv encoders to output resource mapping (bsc#1095094).\n- drm/nouveau/disp: common implementation of scanoutpos method in nvkm_head (bsc#1095094).\n- drm/nouveau/disp: delay output path / connector construction until oneinit() (bsc#1095094).\n- drm/nouveau/disp: fork off some new hw-specific implementations (bsc#1095094).\n- drm/nouveau/disp: identity-map display paths to output resources (bsc#1095094).\n- drm/nouveau/disp: introduce acquire/release display path methods (bsc#1095094).\n- drm/nouveau/disp: introduce input/output resource abstraction (bsc#1095094).\n- drm/nouveau/disp: introduce object to track per-head functions/state (bsc#1095094).\n- drm/nouveau/disp: move vblank_{get,put} methods into nvkm_head (bsc#1095094).\n- drm/nouveau/disp: remove hw-specific customisation of output paths (bsc#1095094).\n- drm/nouveau/disp: rename nvkm_output to nvkm_outp (bsc#1095094).\n- drm/nouveau/disp: rename nvkm_output_dp to nvkm_dp (bsc#1095094).\n- drm/nouveau/disp: s/nvkm_connector/nvkm_conn/ (bsc#1095094).\n- drm/nouveau/disp: shuffle functions around (bsc#1095094).\n- drm/nouveau/falcon: use a more reasonable msgqueue timeout value (bsc#1095094).\n- drm/nouveau/fb/gf100-: zero mmu debug buffers (bsc#1095094).\n- drm/nouveau/fb/ram/nv40-: use new devinit script interpreter entry-point (bsc#1095094).\n- drm/nouveau/fbcon: fix oops without fbdev emulation (bsc#1094751).\n- drm/nouveau/hwmon: Add config for all sensors and their settings (bsc#1095094).\n- drm/nouveau/hwmon: Add nouveau_hwmon_ops structure with .is_visible/.read_string (bsc#1095094).\n- drm/nouveau/hwmon: Change permissions to numeric (bsc#1095094).\n- drm/nouveau/hwmon: Remove old code, add .write/.read operations (bsc#1095094).\n- drm/nouveau/hwmon: expose the auto_point and pwm_min/max attrs (bsc#1095094).\n- drm/nouveau/kms/nv04-nv40: improve overlay error detection, fix pitch setting (bsc#1095094).\n- drm/nouveau/kms/nv04-nv40: prevent undisplayable framebuffers from creation (bsc#1095094).\n- drm/nouveau/kms/nv04-nv4x: fix exposed format list (bsc#1095094).\n- drm/nouveau/kms/nv04: use new devinit script interpreter entry-point (bsc#1095094).\n- drm/nouveau/kms/nv10-nv40: add NV21 support to overlay (bsc#1095094).\n- drm/nouveau/mc/gf100: add pmu to reset mask (bsc#1095094).\n- drm/nouveau/mpeg: print more debug info when rejecting dma objects (bsc#1095094).\n- drm/nouveau/pmu/fuc: do not use movw directly anymore (bsc#1051510).\n- drm/nouveau/pmu/gt215-: abstract detection of whether reset is needed (bsc#1095094).\n- drm/nouveau/pmu/gt215: fix reset (bsc#1095094).\n- drm/nouveau/tegra: Do not leave GPU in reset (bsc#1095094).\n- drm/nouveau/tegra: Skip manual unpowergating when not necessary (bsc#1095094).\n- drm/nouveau/therm/gm200: Added (bsc#1095094).\n- drm/nouveau/therm: fix spelling mistake on array thresolds (bsc#1095094).\n- drm/nouveau/tmr: remove nvkm_timer_alarm_cancel() (bsc#1095094).\n- drm/nouveau: Clean up nv50_head_atomic_check_mode() and fix blankus calculation (bsc#1095094).\n- drm/nouveau: Convert nouveau to use new iterator macros, v2 (bsc#1095094).\n- drm/nouveau: Drop drm_vblank_cleanup (bsc#1095094).\n- drm/nouveau: Enable stereoscopic 3D output over HDMI (bsc#1095094).\n- drm/nouveau: Fix deadlock in nv50_mstm_register_connector() (bsc#1051510).\n- drm/nouveau: Fix deadlock on runtime suspend (bsc#1051510).\n- drm/nouveau: Fix merge commit (bsc#1095094).\n- drm/nouveau: Handle drm_atomic_helper_swap_state failure (bsc#1095094).\n- drm/nouveau: Handle frame-packing mode geometry and timing effects (bsc#1095094).\n- drm/nouveau: Pass mode-dependent AVI and Vendor HDMI InfoFrames to NVKM (bsc#1095094).\n- drm/nouveau: Skip vga_fini on non-PCI device (bsc#1095094).\n- drm/nouveau: Use the drm_driver.dumb_destroy default (bsc#1095094).\n- drm/nouveau: silence suspend/resume debugging messages (bsc#1095094).\n- drm/nouveau: use drm_for_each_connector_iter() (bsc#1095094).\n- drm/omap: DMM: Check for DMM readiness after successful transaction commit (bsc#1051510).\n- drm/omap: fix possible NULL ref issue in tiler_reserve_2d (bsc#1051510).\n- drm/omap: fix uninitialized ret variable (bsc#1051510).\n- drm/omap: handle alloc failures in omap_connector (bsc#1051510).\n- drm/omap: silence unititialized variable warning (bsc#1051510).\n- drm/panel: simple: Fix the bus format for the Ontat panel (bsc#1051510).\n- drm/psr: Fix missed entry in PSR setup time table (bsc#1051510).\n- drm/qxl: Call qxl_bo_unref outside atomic context (bsc#1051510).\n- drm/radeon: Fix PCIe lane width calculation (bsc#1051510).\n- drm/radeon: Fix deadlock on runtime suspend (bsc#1051510).\n- drm/radeon: add PX quirk for Asus K73TK (bsc#1051510).\n- drm/radeon: make MacBook Pro d3_delay quirk more generic (bsc#1051510).\n- drm/rockchip: Clear all interrupts before requesting the IRQ (bsc#1051510).\n- drm/rockchip: Respect page offset for PRIME mmap calls (bsc#1051510).\n- drm/rockchip: dw-mipi-dsi: fix possible un-balanced runtime PM enable (bsc#1051510).\n- drm/sun4i: Fix dclk_set_phase (bsc#1051510).\n- drm/sun4i: Fix error path handling (bsc#1051510).\n- drm/tegra: Shutdown on driver unbind (bsc#1051510).\n- drm/tilcdc: ensure nonatomic iowrite64 is not used (bsc#1051510).\n- drm/vc4: Fix memory leak during BO teardown (bsc#1051510).\n- drm/vc4: Fix scaling of uni-planar formats (bsc#1051510).\n- drm/virtio: fix vq wait_event condition (bsc#1051510).\n- drm/vmwgfx: Fix 32-bit VMW_PORT_HB_[IN|OUT] macros (bsc#1051510).\n- drm/vmwgfx: Fix a buffer object leak (bsc#1051510).\n- drm/vmwgfx: Set dmabuf_size when vmw_dmabuf_init is successful (bsc#1051510).\n- drm/vmwgfx: Unpin the screen object backup buffer when not used (bsc#1051510).\n- drm: Allow determining if current task is output poll worker (bsc#1051510).\n- drm: Match sysfs name in link removal to link creation (bsc#1051510).\n- drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson GX SoCs (bsc#1051510).\n- drm: nouveau: remove dead code and pointless local lut storage (bsc#1095094).\n- drm: rcar-du: lvds: Fix LVDS startup on R-Car Gen2 (bsc#1051510).\n- drm: rcar-du: lvds: Fix LVDS startup on R-Car Gen3 (bsc#1051510).\n- drm: set FMODE_UNSIGNED_OFFSET for drm files (bsc#1051510).\n- e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes (bsc#1075876).\n- eCryptfs: do not pass up plaintext names when using filename encryption (bsc#1052766).\n- earlycon: Use a pointer table to fix __earlycon_table stride (bsc#1099918).\n- efi/esrt: Use memunmap() instead of kfree() to free the remapping (bsc#1051510).\n- emulex/benet: Constify *be_misconfig_evt_port_state (bsc#1086288).\n- ethernet/broadcom: Use zeroing memory allocator than allocator/memset (bsc#1086282).\n- ethernet: Use octal not symbolic permissions (bsc#1086288).\n- ethtool: do not print warning for applications using legacy API (networking-stable-18_01_12).\n- etnaviv: fix gem object list corruption (bsc#1051510).\n- etnaviv: fix submit error path (bsc#1051510).\n- ext4: add bounds checking to ext4_xattr_find_entry() (bsc#1052766).\n- ext4: do not update checksum of new initialized bitmaps (bsc#1052766).\n- ext4: eliminate sleep from shutdown ioctl (bsc#1052766).\n- ext4: fix hole length detection in ext4_ind_map_blocks() (bsc#1090953).\n- ext4: fix offset overflow on 32-bit archs in ext4_iomap_begin() (bsc#1079747).\n- ext4: fix unsupported feature message formatting (bsc#1098435).\n- ext4: move call to ext4_error() into ext4_xattr_check_block() (bsc#1052766).\n- ext4: pass -ESHUTDOWN code to jbd2 layer (bsc#1052766).\n- ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS (bsc#1052766).\n- ext4: protect i_disksize update by i_data_sem in direct write path (bsc#1052766).\n- ext4: set h_journal if there is a failure starting a reserved handle (bsc#1052766).\n- ext4: shutdown should not prevent get_write_access (bsc#1052766).\n- extcon: intel-cht-wc: Set direction and drv flags for V5 boost GPIO (bsc#1051510).\n- f2fs: avoid hungtask when GC encrypted block if io_bits is set (bsc#1052766).\n- f2fs: expose some sectors to user in inline data or dentry case (bsc#1052766).\n- f2fs: fix a panic caused by NULL flush_cmd_control (bsc#1086400).\n- f2fs: fix heap mode to reset it back (bsc#1052766).\n- f2fs: fix to clear CP_TRIMMED_FLAG (bsc#1052766).\n- f2fs: fix to wake up all sleeping flusher (bsc#1099918).\n- fanotify: fix logic of events on child (bsc#1052766).\n- fbdev: controlfb: Add missing modes to fix out of bounds access (bsc#1051510).\n- fealnx: Fix building error on MIPS (networking-stable-17_11_20).\n- fib_semantics: Do not match route with mismatching tclassid (networking-stable-18_03_07).\n- firewire-ohci: work around oversized DMA reads on JMicron controllers (bsc#1051510).\n- firmware: add helper to unregister pm ops (bsc#1085937).\n- firmware: always enable the reboot notifier (bsc#1085937).\n- firmware: dmi_scan: Fix UUID length safety check (bsc#1051510).\n- firmware: dmi_scan: Fix handling of empty DMI strings (bsc#1051510).\n- firmware: fix capturing errors on fw_cache_init() on early init (bsc#1085937).\n- firmware: fix checking for return values for fw_add_devm_name() (bsc#1051510).\n- firmware: fix detecting error on register_reboot_notifier() (bsc#1085936).\n- firmware: move kill_requests_without_uevent() up above (bsc#1085937).\n- firmware: provide helpers for registering the syfs loader (bsc#1085937).\n- firmware: share fw fallback killing on reboot/suspend (bsc#1085937).\n- flow_dissector: properly cap thoff field (networking-stable-18_01_28).\n- fs/aio: Add explicit RCU grace period when freeing kioctx (bsc#1088722).\n- fs/aio: Use RCU accessors for kioctx_table-\u003etable[] (bsc#1088722).\n- fs/binfmt_misc.c: do not allow offset overflow (bsc#1099142).\n- fs/fat/inode.c: fix sb_rdonly() change (bsc#1052766).\n- fs/reiserfs/journal.c: add missing resierfs_warning() arg (bsc#1052766).\n- fsnotify: Fix fsnotify_mark_connector race (bsc#1052766).\n- fsnotify: Hide kABI changes in fsnotify_mark_connector (bsc#1052766).\n- ftrace: Fix selftest goto location on error (bsc#1099918).\n- fuse: fix READDIRPLUS skipping an entry (bsc#1088690).\n- geneve: Fix function matching VNI and tunnel ID on big-endian (bsc#1051510).\n- geneve: fix fill_info when link down (bsc#1051510).\n- gfs2: Fix debugfs glocks dump (bsc#1052766).\n- gpio: No NULL owner (bsc#1051510).\n- gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE (bsc#1051510).\n- gpio: davinci: Assign first bank regs for unbanked case (bsc#1051510).\n- gpio: fix \u0027gpio-line-names\u0027 property retrieval (bsc#1051510).\n- gpio: fix aspeed_gpio unmask irq (bsc#1051510).\n- gpio: fix error path in lineevent_create (bsc#1051510).\n- gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bsc#1051510).\n- gpio: label descriptors using the device name (bsc#1051510).\n- gpio: stmpe: i2c transfer are forbiden in atomic context (bsc#1051510).\n- gpioib: do not free unrequested descriptors (bsc#1051510).\n- gpu: ipu-v3: pre: fix device node leak in ipu_pre_lookup_by_phandle (bsc#1051510).\n- gpu: ipu-v3: prg: avoid possible array underflow (bsc#1051510).\n- gpu: ipu-v3: prg: fix device node leak in ipu_prg_lookup_by_phandle (bsc#1051510).\n- hdlc_ppp: carrier detect ok, do not turn off negotiation (networking-stable-18_03_07).\n- hv_netvsc: Fix a network regression after ifdown/ifup (bsc#1094420).\n- hwmon: (ina2xx) Fix access to uninitialized mutex (bsc#1051510).\n- hwmon: (ina2xx) Make calibration register value fixed (bsc#1051510).\n- hwmon: (jc42) optionally try to disable the SMBUS timeout (bsc#1051510).\n- hwmon: (nct6775) Fix writing pwmX_mode (bsc#1051510).\n- hwmon: (pmbus/adm1275) Accept negative page register values (bsc#1051510).\n- hwmon: (pmbus/max8688) Accept negative page register values (bsc#1051510).\n- hwtracing: stm: fix build error on some arches (bsc#1051510).\n- i2c: designware: fix poll-after-enable regression (bsc#1051510).\n- i2c: i801: Restore configuration at shutdown (bsc#1051510).\n- i2c: i801: Save register SMBSLVCMD value only once (bsc#1051510).\n- i2c: ismt: Separate I2C block read from SMBus block read (bsc#1051510).\n- i2c: mv64xxx: Apply errata delay only in standard mode (bsc#1051510).\n- i2c: pmcmsp: fix error return from master_xfer (bsc#1051510).\n- i2c: pmcmsp: return message count on master_xfer success (bsc#1051510).\n- i2c: viperboard: return message count on master_xfer success (bsc#1051510).\n- i40e: Close client on suspend and restore client MSIx on resume (bsc#1088821).\n- i40e: Do not allow use more TC queue pairs than MSI-X vectors exist (bsc#1094978).\n- i40e: Fix attach VF to VM issue (bsc#1056658 bsc#1056662).\n- i40e: Fix the number of queues available to be mapped for use (bsc#1094978).\n- i40e: program fragmented IPv4 filter input set (bsc#1056658 bsc#1056662).\n- i40evf: Do not schedule reset_task when device is being removed (bsc#1056658 bsc#1056662).\n- i40evf: do not rely on netif_running() outside rtnl_lock() (bsc#1056658 bsc#1056662).\n- i40evf: ignore link up if not running (bsc#1056658 bsc#1056662).\n- i40iw: Zero-out consumer key on allocate stag for FMR (bsc#1058659).\n- ibmvnic: Check CRQ command return codes (bsc#1094840).\n- ibmvnic: Create separate initialization routine for resets (bsc#1094840).\n- ibmvnic: Fix non-fatal firmware error reset (bsc#1093990).\n- ibmvnic: Fix partial success login retries (bsc#1094840).\n- ibmvnic: Fix statistics buffers memory leak (bsc#1093990).\n- ibmvnic: Free coherent DMA memory if FW map failed (bsc#1093990).\n- ibmvnic: Handle error case when setting link state (bsc#1094840).\n- ibmvnic: Introduce active CRQ state (bsc#1094840).\n- ibmvnic: Introduce hard reset recovery (bsc#1094840).\n- ibmvnic: Mark NAPI flag as disabled when released (bsc#1094840).\n- ibmvnic: Only do H_EOI for mobility events (bsc#1094356).\n- ibmvnic: Return error code if init interrupted by transport event (bsc#1094840).\n- ibmvnic: Set resetting state at earliest possible point (bsc#1094840).\n- ide: Make ide_cdrom_prep_fs() initialize the sense buffer pointer (bsc#1099918).\n- ide: ide-atapi: fix compile error with defining macro DEBUG (bsc#1099918).\n- ide:ide-cd: fix kernel panic resulting from missing scsi_req_init (bsc#1099918).\n- idr: fix invalid ptr dereference on item delete (bsc#1051510).\n- ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() (networking-stable-18_03_28).\n- igb: Allow to remove administratively set MAC on VFs (bsc#1056651).\n- igb: Clear TXSTMP when ptp_tx_work() is timeout (bsc#1056651).\n- igb: Fix a test with HWTSTAMP_TX_ON (bsc#1056651 bsc#1056643).\n- iio: ABI: Fix name of timestamp sysfs file (bsc#1051510).\n- iio: ad7793: Fix the serial interface reset (bsc#1051510).\n- iio: ad7793: implement IIO_CHAN_INFO_SAMP_FREQ (bsc#1051510).\n- iio: ad_sigma_delta: Implement a dedicated reset function (bsc#1051510).\n- iio: adc/accel: Fix up module licenses (bsc#1051510).\n- iio: adc: cpcap: fix incorrect validation (bsc#1051510).\n- iio: adc: mcp320x: Fix oops on module unload (bsc#1051510).\n- iio: adc: mcp320x: Fix readout of negative voltages (bsc#1051510).\n- iio: adc: meson-saradc: fix the bit_idx of the adc_en clock (bsc#1051510).\n- iio: adc: stm32: fix scan of multiple channels with DMA (bsc#1051510).\n- iio: adc: ti-ads1015: add 10% to conversion wait time (bsc#1051510).\n- iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path of \u0027twl4030_madc_probe()\u0027 (bsc#1051510).\n- iio: adc: twl4030: Fix an error handling path in \u0027twl4030_madc_probe()\u0027 (bsc#1051510).\n- iio: adis_lib: Initialize trigger before requesting interrupt (bsc#1051510).\n- iio: buffer: check if a buffer has been set up when poll is called (bsc#1051510).\n- iio: buffer: fix the function signature to match implementation (bsc#1051510).\n- iio: core: Return error for failed read_reg (bsc#1051510).\n- iio: fix kernel-doc build errors (bsc#1051510).\n- iio: health: max30102: Add power enable parameter to get_temp function (bsc#1051510).\n- iio: health: max30102: Temperature should be in milli Celsius (bsc#1051510).\n- iio: imu: st_lsm6dsx: fix endianness in st_lsm6dsx_read_oneshot() (bsc#1051510).\n- iio: st_pressure: st_accel: Initialise sensor platform data properly (bsc#1051510).\n- iio: st_pressure: st_accel: pass correct platform data to init (bsc#1051510).\n- iio: trigger: stm32-timer: fix get/set down count direction (bsc#1051510).\n- iio: trigger: stm32-timer: fix get/set down count direction (bsc#1051510).\n- iio: trigger: stm32-timer: preset shouldn\u0027t be buffered (bsc#1051510).\n- iio:buffer: make length types match kfifo types (bsc#1051510).\n- iio:kfifo_buf: check for uint overflow (bsc#1051510).\n- ima: Fallback to the builtin hash algorithm (bsc#1091686).\n- infiniband: drop unknown function from core_priv.h (bsc#1046306).\n- init: fix false positives in W+X checking (bsc#1093721).\n- initial support (display-only) for GP108 (bsc#1095094).\n- intel_th: Use correct device when freeing buffers (bsc#1051510).\n- iommu/amd: Take into account that alloc_dev_data() may return NULL (bsc#975772).\n- iommu/vt-d: Clear pasid table entry when memory unbound (bsc#1087214).\n- iommu/vt-d: Fix race condition in add_unmap() (bsc#1096790, bsc#1097034).\n- iov_iter: fix memory leak in pipe_get_pages_alloc() (bsc#1092710).\n- iov_iter: fix return type of __pipe_get_pages() (bsc#1092710).\n- ip6_gre: better validate user provided tunnel names (networking-stable-18_04_10).\n- ip6_gre: fix device features for ioctl setup (networking-stable-17_12_31).\n- ip6_gre: init dev-\u003emtu and dev-\u003ehard_header_len correctly (networking-stable-18_01_28).\n- ip6_gre: ip6gre_tap device should keep dst (networking-stable-17_10_09).\n- ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err (networking-stable-17_11_14).\n- ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header (networking-stable-17_10_09).\n- ip6_tunnel: better validate user provided tunnel names (networking-stable-18_04_10).\n- ip6_tunnel: disable dst caching if tunnel is dual-stack (networking-stable-18_01_12).\n- ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline (networking-stable-17_10_09).\n- ip6_vti: adjust vti mtu according to mtu of lower device (bsc#1082869).\n- ip6mr: fix stale iterator (networking-stable-18_02_06).\n- ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds (git-fixes).\n- ip_gre: fix IFLA_MTU ignored on NEWLINK (bsc#1076830).\n- ip_tunnel: better validate user provided tunnel names (networking-stable-18_04_10).\n- ipip: only increase err_count for some certain type icmp in ipip_err (networking-stable-17_11_14).\n- ipv4: Fix use-after-free when flushing FIB tables (networking-stable-17_12_31).\n- ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY (networking-stable-18_01_28).\n- ipv4: fix fnhe usage by non-cached routes (networking-stable-18_05_15).\n- ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg (networking-stable-18_05_15).\n- ipv4: igmp: guard against silly MTU values (bsc#1082869).\n- ipv6 sit: work around bogus gcc-8 -Wrestrict warning (networking-stable-18_03_07).\n- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL (git-fixes).\n- ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy (networking-stable-18_04_26).\n- ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() (networking-stable-18_03_28).\n- ipv6: fix udpv6 sendmsg crash caused by too small MTU (networking-stable-18_01_28).\n- ipv6: flowlabel: do not leave opt-\u003etot_len with garbage (networking-stable-17_11_14).\n- ipv6: mcast: better catch silly mtu values (networking-stable-17_12_31).\n- ipv6: old_dport should be a __be16 in __ip6_datagram_connect() (networking-stable-18_03_28).\n- ipv6: omit traffic class when calculating flow hash (bsc#1095042).\n- ipv6: sit: better validate user provided tunnel names (networking-stable-18_04_10).\n- ipv6: sr: fix NULL pointer dereference in seg6_do_srh_encap()- v4 pkts (git-fixes).\n- ipv6: sr: fix NULL pointer dereference when setting encap source address (networking-stable-18_03_28).\n- ipv6: sr: fix TLVs not being copied using setsockopt (networking-stable-18_01_12).\n- ipv6: sr: fix scheduling in RCU when creating seg6 lwtunnel state (networking-stable-18_03_28).\n- ipv6: sr: fix seg6 encap performances with TSO enabled (networking-stable-18_04_10).\n- ipv6: the entire IPv6 header chain must fit the first fragment (networking-stable-18_04_10).\n- irqchip/gic-v3-its: Ensure nr_ites \u003e= nr_lpis (bsc#1098401).\n- isdn: eicon: fix a missing-check bug (bsc#1051510).\n- iw_cxgb4: Atomically flush per QP HW CQEs (bsc#1046543).\n- iw_cxgb4: Fix an error handling path in \u0027c4iw_get_dma_mr()\u0027 (bsc#1064802 bsc#1066129).\n- iw_cxgb4: print mapped ports correctly (bsc#1046543).\n- iwlmvm: tdls: Check TDLS channel switch support (bsc#1051510).\n- iwlwifi: add a bunch of new 9000 PCI IDs (1051510).\n- iwlwifi: add shared clock PHY config flag for some devices (bsc#1051510).\n- iwlwifi: avoid collecting firmware dump if not loaded (bsc#1051510).\n- iwlwifi: fix non_shared_ant for 9000 devices (bsc#1051510).\n- iwlwifi: fw: harden page loading code (bsc#1051510).\n- iwlwifi: mvm: Correctly set IGTK for AP (bsc#1051510).\n- iwlwifi: mvm: Correctly set the tid for mcast queue (bsc#1051510).\n- iwlwifi: mvm: Direct multicast frames to the correct station (bsc#1051510).\n- iwlwifi: mvm: Fix channel switch for count 0 and 1 (bsc#1051510).\n- iwlwifi: mvm: Increase session protection time after CS (bsc#1051510).\n- iwlwifi: mvm: always init rs with 20mhz bandwidth rates (bsc#1051510).\n- iwlwifi: mvm: clear tx queue id when unreserving aggregation queue (bsc#1051510).\n- iwlwifi: mvm: do not warn in queue sync on RF-kill (bsc#1051510).\n- iwlwifi: mvm: fix \u0027failed to remove key\u0027 message (bsc#1051510).\n- iwlwifi: mvm: fix IBSS for devices that support station type API (bsc#1051510).\n- iwlwifi: mvm: fix TSO with highly fragmented SKBs (bsc#1051510).\n- iwlwifi: mvm: fix TX of CCMP 256 (bsc#1051510).\n- iwlwifi: mvm: fix array out of bounds reference (bsc#1051510).\n- iwlwifi: mvm: fix assert 0x2B00 on older FWs (bsc#1051510).\n- iwlwifi: mvm: fix error checking for multi/broadcast sta (bsc#1051510).\n- iwlwifi: mvm: fix race in queue notification wait (bsc#1051510).\n- iwlwifi: mvm: fix security bug in PN checking (bsc#1051510).\n- iwlwifi: mvm: honor the max_amsdu_subframes limit (bsc#1051510).\n- iwlwifi: mvm: make sure internal station has a valid id (bsc#1051510).\n- iwlwifi: mvm: remove DQA non-STA client mode special case (bsc#1051510).\n- iwlwifi: mvm: set the correct tid when we flush the MCAST sta (bsc#1051510).\n- iwlwifi: pcie: compare with number of IRQs requested for, not number of CPUs (bsc#1051510).\n- ixgbe: do not set RXDCTL.RLPML for 82599 (bsc#1056657).\n- ixgbe: prevent ptp_rx_hang from running when in FILTER_ALL mode (bsc#1056657 bsc#1056653).\n- jbd2: if the journal is aborted then do not allow update of the log tail (bsc#1052766).\n- jffs2_kill_sb(): deal with failed allocations (bsc#1052766).\n- kABI: protect ife_tlv_meta_decode (kabi).\n- kABI: protect struct cstate (kabi).\n- kABI: protect struct ipv6_pinfo (kabi).\n- kABI: protect tap_create_cdev (kabi).\n- kabi protect struct acpi_nfit_desc (bsc#1091424).\n- kabi/severities: Ignore kABI incompatibility for meson drm The symbols are used only between meson modules, so mostly internal.\n- kabi/severities: Ignore removed bugs.c symbols The second wave of SSBD patches drops those symbols and we can ignore them from kABI because nothing external should use them - they were exported only for kvm.\n- kabi/severities: add \u0027drivers/md/bcache/* PASS\u0027 for above change.\n- kabi/severities: add nvdimm internal symbols to kabi ignore list\n- kabi: add struct bpf_map back (References: bsc#1098425).\n- kcm: lock lower socket in kcm_attach (networking-stable-18_03_28).\n- kconfig: Avoid format overflow warning from GCC 8.1 (bsc#1051510).\n- kconfig: Do not leak main menus during parsing (bsc#1051510).\n- kconfig: Fix automatic menu creation mem leak (bsc#1051510).\n- kconfig: Fix expr_free() E_NOT leak (bsc#1051510).\n- kernel-binary: also default klp_symbols to 0 here.\n- kernel-binary: pass ARCH= to kernel build Recent kernel does not save CONFIG_64BIT so it has to be specified by arch.\n- kernel-binary: pass MAKE_ARGS to install script as well.\n- kernel-{binary,docs}.spec sort dependencies.\n- kernel/acct.c: fix the acct-\u003eneedcheck check in check_free_space() (Git-fixes).\n- kernel/async.c: revert \u0027async: simplify lowest_in_progress()\u0027 (Git-fixes).\n- kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE (bsc#1051510).\n- kernel/relay.c: revert \u0027kernel/relay.c: fix potential memory leak\u0027 (Git-fixes).\n- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals (Git-fixes).\n- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL (Git-fixes).\n- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal() (Git-fixes).\n- kexec: export PG_swapbacked to VMCOREINFO (bsc#1088354).\n- kexec_file: do not add extra alignment to efi memmap (bsc#1089268).\n- klp_symbols: make --klp-symbols argument semantic sane It selects build of klp symbols and defaults to off\n- kmod: fix wait on recursive loop (bsc#1099792).\n- kmod: reduce atomic operations on kmod_concurrent and simplify (bsc#1099792).\n- kmod: throttle kmod thread limit (bsc#1099792).\n- kobject: do not use WARN for registration failures (bsc#1051510).\n- kvm: Introduce nopvspin kernel parameter (bsc#1056427).\n- kvm: nVMX: Enforce cpl=0 for VMX instructions (bsc#1099183).\n- l2tp: check sockaddr length in pppol2tp_connect() (networking-stable-18_04_26).\n- l2tp: do not accept arbitrary sockets (bsc#1076830).\n- lan78xx: Crash in lan78xx_writ_reg (Workqueue: events lan78xx_deferred_multicast_write) (networking-stable-18_04_10).\n- leds: pm8058: Silence pointer to integer size warning (bsc#1051510).\n- lib/kobject: Join string literals back (bsc#1051510).\n- lib/string_helpers: Add missed declaration of struct task_struct (bsc#1099918).\n- lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly (bsc#1051510).\n- libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs (bsc#1051510).\n- libata: Blacklist some Sandisk SSDs for NCQ (bsc#1051510).\n- libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk (bsc#1051510).\n- libata: blacklist Micron 500IT SSD with MU01 firmware (bsc#1051510).\n- libata: zpodd: make arrays cdb static, reduces object code size (bsc#1051510).\n- libata: zpodd: small read overflow in eject_tray() (bsc#1051510).\n- libceph, ceph: change permission for readonly debugfs entries (bsc#1089115).\n- libceph: adding missing message types to ceph_msg_type_name() (bsc#1089115).\n- libceph: fix misjudgement of maximum monitor number (bsc#1089115).\n- libceph: reschedule a tick in finish_hunting() (bsc#1089115).\n- libceph: un-backoff on tick when we have a authenticated session (bsc#1089115).\n- libceph: validate con-\u003estate at the top of try_write() (bsc#1089115).\n- libnvdimm, btt: add a couple of missing kernel-doc lines (bsc#1087210).\n- libnvdimm, btt: clean up warning and error messages (bsc#1087205).\n- libnvdimm, btt: fix format string warnings (bsc#1087205).\n- libnvdimm, dimm: handle EACCES failures from label reads ().\n- libnvdimm, label: change min label storage size per UEFI 2.7 (bsc#1091666).\n- libnvdimm, namespace: use a safe lookup for dimm device name (bsc#1095321).\n- libnvdimm, nfit: fix persistence domain reporting (bsc#1091424).\n- libnvdimm, pmem: Add sysfs notifications to badblocks ().\n- libnvdimm, pmem: Do not flush power-fail protected CPU caches (bsc#1091424).\n- libnvdimm, pmem: Unconditionally deep flush on *sync (bsc#1091424).\n- libnvdimm, region, pmem: fix \u0027badblocks\u0027 sysfs_get_dirent() reference lifetime ().\n- libnvdimm, region: hide persistence_domain when unknown (bsc#1091424).\n- libnvdimm: expose platform persistence attribute for nd_region (bsc#1091424).\n- libnvdimm: re-enable deep flush for pmem devices via fsync() (bsc#1091424).\n- llc: better deal with too small mtu (networking-stable-18_05_15).\n- llc: fix NULL pointer deref for SOCK_ZAPPED (networking-stable-18_04_26).\n- llc: hold llc_sap before release_sock() (networking-stable-18_04_26).\n- lock_parent() needs to recheck if dentry got __dentry_kill\u0027ed under it (bsc#1052766).\n- locking/atomics, dm-integrity: Convert ACCESS_ONCE() to READ_ONCE()/WRITE_ONCE() (bsc#1093023).\n- locking/atomics: COCCINELLE/treewide: Convert trivial ACCESS_ONCE() patterns to READ_ONCE()/WRITE_ONCE() (bsc#1093023).\n- locking/qspinlock: Ensure node is initialised before updating prev-\u003enext (bsc#1050549).\n- locking/qspinlock: Ensure node-\u003ecount is updated before initialising node (bsc#1050549).\n- locking: Remove smp_read_barrier_depends() from queued_spin_lock_slowpath() (bsc#1050549).\n- loop: handle short DIO reads (bsc#1052766).\n- lsm: fix smack_inode_removexattr and xattr_getsecurity memleak (bsc#1051510).\n- mac80211: Adjust SAE authentication timeout (bsc#1051510).\n- mac80211: Do not disconnect on invalid operating class (bsc#1051510).\n- mac80211: Fix condition validating WMM IE (bsc#1051510).\n- mac80211: Fix sending ADDBA response for an ongoing session (bsc#1051510).\n- mac80211: Fix setting TX power on monitor interfaces (bsc#1051510).\n- mac80211: drop frames with unexpected DS bits from fast-rx to slow path (bsc#1051510).\n- mac80211: mesh: fix wrong mesh TTL offset calculation (bsc#1051510).\n- mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 (bsc#1051510).\n- mac80211: use timeout from the AddBA response instead of the request (bsc#1051510).\n- macros.kernel-source: Fix building non-x86 KMPs\n- macros.kernel-source: define linux_arch for KMPs (boo#1098050). CONFIG_64BIT is no longer defined so KMP spec files need to include %{?linux_make_arch} in any make call to build modules or descent into the kernel directory for any reason.\n- macros.kernel-source: ignore errors when using make to print kernel release There is no way to handle the errors anyway and including the error into package version does not give good results.\n- macvlan: filter out unsupported feature flags (networking-stable-18_03_28).\n- macvlan: fix memory hole in macvlan_dev (bsc#1099918).\n- macvlan: remove unused fields in struct macvlan_dev (bsc#1099918).\n- mailbox: bcm-flexrm-mailbox: Fix FlexRM ring flush sequence (bsc#1051510).\n- mailbox: bcm-flexrm-mailbox: Fix mask used in CMPL_START_ADDR_VALUE() (bsc#1051510).\n- mailbox: mailbox-test: do not rely on rx_buffer content to signal data ready (bsc#1051510).\n- mbcache: initialize entry-\u003ee_referenced in mb_cache_entry_create() (bsc#1052766).\n- md-cluster: choose correct label when clustered layout is not supported (bsc#1093023).\n- md-cluster: do not update recovery_offset for faulty device (bsc#1093023).\n- md-cluster: make function cluster_check_sync_size static (bsc#1093023).\n- md-multipath: Use seq_putc() in multipath_status() (bsc#1093023).\n- md/bitmap: clear BITMAP_WRITE_ERROR bit before writing it to sb (bsc#1093023).\n- md/bitmap: copy correct data for bitmap super (bsc#1093023).\n- md/bitmap: revert a patch (bsc#1093023).\n- md/r5cache: call mddev_lock/unlock() in r5c_journal_mode_show (bsc#1093023).\n- md/r5cache: fix io_unit handling in r5l_log_endio() (bsc#1093023).\n- md/r5cache: move mddev_lock() out of r5c_journal_mode_set() (bsc#1093023).\n- md/r5cache: print more info of log recovery (bsc#1093023).\n- md/raid0: attach correct cgroup info in bio (bsc#1093023).\n- md/raid1,raid10: silence warning about wait-within-wait (bsc#1093023).\n- md/raid1/10: add missed blk plug (bsc#1093023).\n- md/raid1: Fix trailing semicolon (bsc#1093023).\n- md/raid1: exit sync request if MD_RECOVERY_INTR is set (bsc#1093023).\n- md/raid1: fix NULL pointer dereference (bsc#1093023).\n- md/raid5: cap worker count (bsc#1093023).\n- md/raid5: correct degraded calculation in raid5_error (bsc#1093023).\n- md/raid5: simplify uninitialization of shrinker (bsc#1093023).\n- md: Delete gendisk before cleaning up the request queue (bsc#1093023).\n- md: allow metadata update while suspending (bsc#1093023).\n- md: always hold reconfig_mutex when calling mddev_suspend() (bsc#1093023).\n- md: be cautious about using -\u003ecurr_resync_completed for -\u003erecovery_offset (bsc#1093023).\n- md: do not call bitmap_create() while array is quiesced (bsc#1093023).\n- md: do not check MD_SB_CHANGE_CLEAN in md_allow_write (bsc#1093023).\n- md: document lifetime of internal rdev pointer (bsc#1093023).\n- md: fix a potential deadlock of raid5/raid10 reshape (bsc#1093023).\n- md: fix a race condition for flush request handling (bsc#1093023).\n- md: fix deadlock error in recent patch (bsc#1093023).\n- md: fix two problems with setting the \u0027re-add\u0027 device state (bsc#1098176).\n- md: forbid a RAID5 from having both a bitmap and a journal (bsc#1093023).\n- md: free unused memory after bitmap resize (bsc#1093023).\n- md: limit mdstat resync progress to max_sectors (bsc#1093023).\n- md: move suspend_hi/lo handling into core md code (bsc#1093023).\n- md: only allow remove_and_add_spares when no sync_thread running (bsc#1093023).\n- md: raid10: remove VLAIS (bsc#1093023).\n- md: raid10: remove a couple of redundant variables and initializations (bsc#1093023).\n- md: raid5: avoid string overflow warning (bsc#1093023).\n- md: release allocated bitset sync_set (bsc#1093023).\n- md: remove redundant variable q (bsc#1093023).\n- md: remove special meaning of -\u003equiesce(.., 2) (bsc#1093023).\n- md: rename some drivers/md/ files to have an \u0027md-\u0027 prefix (bsc#1093023).\n- md: replace seq_release_private with seq_release (bsc#1093023).\n- md: separate request handling (bsc#1093023).\n- md: use TASK_IDLE instead of blocking signals (bsc#1093023).\n- md: use lockdep_assert_held (bsc#1093023).\n- md: use mddev_suspend/resume instead of -\u003equiesce() (bsc#1093023).\n- media: atomisp_fops.c: disable atomisp_compat_ioctl32 (bsc#1051510).\n- media: au0828: add VIDEO_V4L2 dependency (bsc#1051510).\n- media: cx231xx: Add support for AverMedia DVD EZMaker 7 (bsc#1051510).\n- media: cx23885: Override 888 ImpactVCBe crystal frequency (bsc#1051510).\n- media: cx23885: Set subdev host data to clk_freq pointer (bsc#1051510).\n- media: dmxdev: fix error code for invalid ioctls (bsc#1051510).\n- media: dvb_frontend: fix locking issues at dvb_frontend_get_event() (bsc#1051510).\n- media: em28xx: Add Hauppauge SoloHD/DualHD bulk models (bsc#1051510).\n- media: em28xx: USB bulk packet size fix (bsc#1051510).\n- media: lgdt3306a: Fix a double kfree on i2c device remove (bsc#1051510).\n- media: lgdt3306a: Fix module count mismatch on usb unplug (bsc#1051510).\n- media: smiapp: fix timeout checking in smiapp_read_nvm (bsc#1099918).\n- media: uvcvideo: Support realtek\u0027s UVC 1.5 device (bsc#1099109).\n- media: v4l2-compat-ioctl32: do not oops on overlay (bsc#1051510).\n- media: v4l2-compat-ioctl32: prevent go past max size (bsc#1051510).\n- media: videobuf2-core: do not go out of the buffer range (bsc#1051510).\n- media: vivid: check if the cec_adapter is valid (bsc#1051510).\n- mei: me: add cannon point device ids ().\n- mei: me: add cannon point device ids for 4th device ().\n- mei: remove dev_err message on an unsupported ioctl (bsc#1051510).\n- mfd: cros ec: spi: Do not send first message too soon (bsc#1051510).\n- mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock (bsc#1051510).\n- mfd: intel-lpss: Program REMAP register in PIO mode (bsc#1051510).\n- mkspec: only build docs for default variant kernel.\n- mlxsw: spectrum: Disable MAC learning for ovs port (networking-stable-17_12_31).\n- mlxsw: spectrum: Forbid linking to devices that have uppers FIX (stable-fixes).\n- mlxsw: spectrum: Prevent mirred-related crash on removal (networking-stable-17_10_09).\n- mlxsw: spectrum: Relax sanity checks during enslavement (networking-stable-18_01_12).\n- mlxsw: spectrum_buffers: Set a minimum quota for CPU port traffic (networking-stable-18_03_28).\n- mlxsw: spectrum_router: Do not log an error on missing neighbor (networking-stable-18_01_28).\n- mlxsw: spectrum_router: Fix NULL pointer deref (networking-stable-18_01_12).\n- mlxsw: spectrum_router: Fix error path in mlxsw_sp_vr_create (networking-stable-18_03_07).\n- mlxsw: spectrum_router: Simplify a piece of code (networking-stable-18_01_12).\n- mlxsw: spectrum_switchdev: Check success of FDB add operation (networking-stable-18_03_07).\n- mm, oom_reaper: skip mm structs with mmu notifiers (bsc#1099918).\n- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).\n- mm, percpu: add support for __GFP_NOWARN flag (bsc#1089753).\n- mm, slab: reschedule cache_reap() on the same CPU (VM Functionality, bsc#1097796).\n- mm, swap: fix false error message in __swp_swapcount() (VM Functionality, bsc#1098043).\n- mm, swap: fix race between swap count continuation operations (VM Functionality, bsc#1097373). mm, swap: fix race between swap count continuation operations - KABI fix (VM Functionality, bsc#1097373).\n- mm, thp: do not cause memcg oom for thp (bnc#1089663).\n- mm/fadvise: discard partial page if endbyte is also EOF (bsc#1052766).\n- mm/filemap.c: fix NULL pointer in page_cache_tree_insert() (bsc#1052766).\n- mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty() (VM Functionality, bsc#1097800).\n- mm/khugepaged.c: convert VM_BUG_ON() to collapse fail (VM Functionality, bsc#1097468).\n- mm/ksm.c: fix inconsistent accounting of zero pages (VM Functionality, bsc#1097780).\n- mm/mempolicy.c: avoid use uninitialized preferred_node (VM Functionality, bsc#1097465).\n- mm/page_owner: fix recursion bug after changing skip entries (VM Functionality, bsc#1097472).\n- mm/pkeys, powerpc, x86: Provide an empty vma_pkey() in linux/pkeys.h (bsc#1078248).\n- mm/pkeys, x86, powerpc: Display pkey in smaps if arch supports pkeys (bsc#1078248).\n- mm/pkeys: Add an empty arch_pkeys_enabled() (bsc#1078248).\n- mm/pkeys: Remove include of asm/mmu_context.h from pkeys.h (bsc#1078248).\n- mm/shmem: do not wait for lock_page() in shmem_unused_huge_shrink() (bnc#1089667).\n- mm/thp: do not wait for lock_page() in deferred_split_scan() (VM Functionality, bsc#1097470).\n- mm: Fix memory size alignment in devm_memremap_pages_release() (VM Functionality, bsc#1097439).\n- mm: fix device-dax pud write-faults triggered by get_user_pages() (bsc#1052766).\n- mm: fix the NULL mapping case in __isolate_lru_page() (bnc#971975 VM -- git fixes).\n- mmc: dw_mmc: exynos: fix the suspend/resume issue for exynos5433 (bsc#1051510).\n- mmc: jz4740: Fix race condition in IRQ mask update (bsc#1051510).\n- mmc: sdhci-iproc: add SDHCI_QUIRK2_HOST_OFF_CARD_ON for cygnus (bsc#1051510).\n- mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register (bsc#1051510).\n- mmc: sdhci-iproc: remove hard coded mmc cap 1.8v (bsc#1051510).\n- mmc: sdhci-pci: Fix voltage switch for some Intel host controllers (bsc#1051510).\n- mmc: sdhci-pci: Only do AMD tuning for HS200 (bsc#1051510).\n- mq-deadline: Enable auto-loading when built as module (bsc#1099918).\n- mremap: Remove LATENCY_LIMIT from mremap to reduce the number of TLB shootdowns (bnc#1095115).\n- mtd: cmdlinepart: Update comment for introduction of OFFSET_CONTINUOUS (bsc#1099918).\n- mtd: jedec_probe: Fix crash in jedec_read_mfr() (bsc#1099918).\n- mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver \u003e= 2.0.0 (bsc#1099918).\n- mtd: partitions: add helper for deleting partition (bsc#1099918).\n- mtd: partitions: remove sysfs files when deleting all master\u0027s partitions (bsc#1099918).\n- mtd: ubi: wl: Fix error return code in ubi_wl_init() (bsc#1051510).\n- mwifiex: pcie: tighten a check in mwifiex_pcie_process_event_ready() (bsc#1051510).\n- n_tty: Access echo_* variables carefully (bsc#1051510).\n- n_tty: Fix stall at n_tty_receive_char_special() (bsc#1051510).\n- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1094825).\n- nbd: do not start req until after the dead connection logic (bsc#1099918).\n- nbd: fix -ERESTARTSYS handling (bsc#1099918).\n- nbd: fix nbd device deletion (bsc#1099918).\n- nbd: fix return value in error handling path (bsc#1099918).\n- nbd: wait uninterruptible for the dead timeout (bsc#1099918).\n- net sched actions: fix refcnt leak in skbmod (networking-stable-18_05_15).\n- net sched actions: return explicit error when tunnel_key mode is not specified (bsc#1056787).\n- net/ipv6: Fix route leaking between VRFs (networking-stable-18_04_10).\n- net/ipv6: Increment OUTxxx counters after netfilter hook (networking-stable-18_04_10).\n- net/iucv: Free memory obtained by kzalloc (networking-stable-18_03_28).\n- net/mlx4_en: Fix an error handling path in \u0027mlx4_en_init_netdev()\u0027 (networking-stable-18_05_15).\n- net/mlx4_en: Verify coalescing parameters are in range (networking-stable-18_05_15).\n- net/mlx5: E-Switch, Include VF RDMA stats in vport statistics (networking-stable-18_05_15).\n- net/mlx5: Eliminate query xsrq dead code (bsc#1046303).\n- net/mlx5: Fix build break when CONFIG_SMP=n (bsc#1046303).\n- net/mlx5: Fix mlx5_get_vector_affinity function (bsc#1046303).\n- net/mlx5e: Allow offloading ipv4 header re-write for icmp (bsc#1046303).\n- net/mlx5e: Do not reset Receive Queue params on every type change (bsc#1046303).\n- net/mlx5e: Err if asked to offload TC match on frag being first (networking-stable-18_05_15).\n- net/mlx5e: Fixed sleeping inside atomic context (bsc#1046303).\n- net/mlx5e: Remove unused define MLX5_MPWRQ_STRIDES_PER_PAGE (bsc#1046303).\n- net/mlx5e: TX, Use correct counter in dma_map error flow (networking-stable-18_05_15).\n- net/sched: cls_u32: fix cls_u32 on filter replace (networking-stable-18_03_07).\n- net/sched: fix NULL dereference in the error path of tcf_bpf_init() (bsc#1056787).\n- net/sched: fix NULL dereference in the error path of tunnel_key_init() (bsc#1056787).\n- net/sched: fix NULL dereference on the error path of tcf_skbmod_init() (bsc#1056787).\n- net/sctp: Always set scope_id in sctp_inet6_skb_msgname (networking-stable-17_11_20).\n- net/unix: do not show information about sockets from other namespaces (networking-stable-17_11_14).\n- net/usb/qmi_wwan.c: Add USB id for lt4120 modem (bsc#1087092).\n- net: Allow neigh contructor functions ability to modify the primary_key (networking-stable-18_01_28).\n- net: Fix hlist corruptions in inet_evict_bucket() (networking-stable-18_03_28).\n- net: Only honor ifindex in IP_PKTINFO if non-0 (networking-stable-18_03_28).\n- net: Set sk_prot_creator when cloning sockets to the right proto (networking-stable-17_10_09).\n- net: af_packet: fix race in PACKET_{R|T}X_RING (networking-stable-18_04_26).\n- net: bonding: Fix transmit load balancing in balance-alb mode if specified by sysfs (networking-stable-17_10_09).\n- net: bonding: fix tlb_dynamic_lb default value (networking-stable-17_10_09).\n- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (networking-stable-17_12_31).\n- net: bridge: fix returning of vlan range op errors (networking-stable-17_11_14).\n- net: core: fix module type in sock_diag_bind (networking-stable-18_01_12).\n- net: dsa: bcm_sf2: Clear IDDQ_GLOBAL_PWR bit for PHY (networking-stable-17_12_31).\n- net: dsa: check master device before put (networking-stable-17_11_14).\n- net: dsa: mv88e6xxx: lock mutex when freeing IRQs (networking-stable-17_10_09).\n- net: emac: Fix napi poll list corruption (networking-stable-17_10_09).\n- net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred (networking-stable-18_03_28).\n- net: ethernet: sun: niu set correct packet size in skb (networking-stable-18_05_15).\n- net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY interface (networking-stable-18_03_28).\n- net: ethernet: ti: cpsw: fix net watchdog timeout (networking-stable-18_03_07).\n- net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode (networking-stable-18_05_15).\n- net: ethernet: ti: cpsw: fix tx vlan priority mapping (networking-stable-18_04_26).\n- net: ethtool: Add missing kernel doc for FEC parameters (bsc#1046540).\n- net: fec: Fix unbalanced PM runtime calls (networking-stable-18_03_28).\n- net: fec: defer probe if regulator is not ready (networking-stable-18_01_12).\n- net: fec: free/restore resource in related probe error pathes (networking-stable-18_01_12).\n- net: fec: restore dev_id in the cases of probe error (networking-stable-18_01_12).\n- net: fec: unmap the xmit buffer that are not transferred by DMA (networking-stable-17_12_31).\n- net: fix deadlock while clearing neighbor proxy table (networking-stable-18_04_26).\n- net: fix possible out-of-bound read in skb_network_protocol() (networking-stable-18_04_10).\n- net: fool proof dev_valid_name() (networking-stable-18_04_10).\n- net: igmp: Use correct source address on IGMPv3 reports (networking-stable-17_12_31).\n- net: igmp: add a missing rcu locking section (git-fixes).\n- net: igmp: fix source address check for IGMPv3 reports (git-fixes).\n- net: ipv4: avoid unused variable warning for sysctl (git-fixes).\n- net: ipv4: do not allow setting net.ipv4.route.min_pmtu below 68 (networking-stable-18_03_07).\n- net: ipv6: keep sk status consistent after datagram connect failure (networking-stable-18_03_28).\n- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (networking-stable-17_12_31).\n- net: phy: Fix mask value write on gmii2rgmii converter speed register (networking-stable-17_10_09).\n- net: phy: Tell caller result of phy_change() (networking-stable-18_03_28).\n- net: phy: fix phy_start to consider PHY_IGNORE_INTERRUPT (networking-stable-18_03_07).\n- net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well (networking-stable-17_12_31).\n- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (networking-stable-17_12_31).\n- net: qcom/emac: specify the correct size when mapping a DMA buffer (networking-stable-17_10_09).\n- net: qdisc_pkt_len_init() should be more robust (networking-stable-18_01_28).\n- net: qlge: use memmove instead of skb_copy_to_linear_data (bsc#1050529 bsc#1086319).\n- net: realtek: r8169: implement set_link_ksettings() (networking-stable-17_12_12).\n- net: reevalulate autoflowlabel setting after sysctl setting (networking-stable-17_12_31).\n- net: remove hlist_nulls_add_tail_rcu() (networking-stable-17_12_12).\n- net: sched: fix error path in tcf_proto_create() when modules are not configured (networking-stable-18_05_15).\n- net: sched: ife: check on metadata length (networking-stable-18_04_26).\n- net: sched: ife: handle malformed tlv length (networking-stable-18_04_26).\n- net: sched: ife: signal not finding metaid (networking-stable-18_04_26).\n- net: sched: report if filter is too large to dump (networking-stable-18_03_07).\n- net: stmmac: enable EEE in MII, GMII or RGMII only (networking-stable-18_01_12).\n- net: support compat 64-bit time in {s,g}etsockopt (networking-stable-18_05_15).\n- net: systemport: Correct IPG length settings (networking-stable-17_11_20).\n- net: systemport: Rewrite __bcm_sysport_tx_reclaim() (networking-stable-18_03_28).\n- net: tcp: close sock if net namespace is exiting (networking-stable-18_01_28).\n- net: validate attribute sizes in neigh_dump_table() (networking-stable-18_04_26).\n- net: vrf: Add support for sends to local broadcast address (networking-stable-18_01_28).\n- net_sched: fq: take care of throttled flows before reuse (networking-stable-18_05_15).\n- netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed (networking-stable-17_11_20).\n- netfilter: use skb_to_full_sk in ip6_route_me_harder (bsc#1076830).\n- netlink: avoid a double skb free in genlmsg_mcast() (git-fixes).\n- netlink: do not proceed if dump\u0027s start() errs (networking-stable-17_10_09).\n- netlink: do not set cb_running if dump\u0027s start() errs (networking-stable-17_11_14).\n- netlink: ensure to loop over all netns in genlmsg_multicast_allns() (networking-stable-18_03_07).\n- netlink: extack needs to be reset each time through loop (networking-stable-18_01_28).\n- netlink: make sure nladdr has correct size in netlink_connect() (networking-stable-18_04_10).\n- netlink: put module reference if dump start fails (git-fixes).\n- netlink: reset extack earlier in netlink_rcv_skb (networking-stable-18_01_28).\n- nfit-test: Add platform cap support from ACPI 6.2a to test (bsc#1091424).\n- nfit: skip region registration for incomplete control regions (bsc#1091666).\n- nfp: use full 40 bits of the NSP buffer address (bsc#1055968).\n- nl80211: relax ht operation checks for mesh (bsc#1051510).\n- nubus: Avoid array underflow and overflow (bsc#1099918).\n- nubus: Fix up header split (bsc#1099918).\n- nvme-fabrics: allow duplicate connections to the discovery controller (bsc#1098706).\n- nvme-fabrics: allow internal passthrough command on deleting controllers (bsc#1098706).\n- nvme-fabrics: centralize discovery controller defaults (bsc#1098706).\n- nvme-fabrics: fix and refine state checks in __nvmf_check_ready (bsc#1098706).\n- nvme-fabrics: handle the admin-only case properly in nvmf_check_ready (bsc#1098706).\n- nvme-fabrics: refactor queue ready check (bsc#1098706).\n- nvme-fabrics: remove unnecessary controller subnqn validation (bsc#1098706).\n- nvme-fc: change controllers first connect to use reconnect path (bsc#1098706).\n- nvme-fc: fix nulling of queue data on reconnect (bsc#1098706).\n- nvme-fc: release io queues to allow fast fail (bsc#1098706).\n- nvme-fc: remove reinit_request routine (bsc#1098706).\n- nvme-fc: remove setting DNR on exception conditions (bsc#1098706).\n- nvme-multipath: fix sysfs dangerously created links (bsc#1096529).\n- nvme-rdma: Fix command completion race at error recovery (bsc#1099041).\n- nvme-rdma: correctly check for target keyed sgl support (bsc#1099041).\n- nvme-rdma: do not override opts-\u003equeue_size (bsc#1099041).\n- nvme-rdma: fix error flow during mapping request data (bsc#1099041).\n- nvme-rdma: fix possible double free condition when failing to create a controller (bsc#1099041).\n- nvme/multipath: Fix multipath disabled naming collisions (bsc#1098706).\n- nvme: Set integrity flag for user passthrough commands (bsc#1098706).\n- nvme: Skip checking heads without namespaces (bsc#1098706).\n- nvme: Use admin command effects for admin commands (bsc#1098706).\n- nvme: add quirk to force medium priority for SQ creation ().\n- nvme: allow duplicate controller if prior controller being deleted (bsc#1098706).\n- nvme: check return value of init_srcu_struct function (bsc#1098706).\n- nvme: do not send keep-alives to the discovery controller ().\n- nvme: expand nvmf_check_if_ready checks (bsc#1098706).\n- nvme: fix NULL pointer dereference in nvme_init_subsystem (bsc#1098706).\n- nvme: fix extended data LBA supported setting ().\n- nvme: fix lockdep warning in nvme_mpath_clear_current_path ().\n- nvme: fix potential memory leak in option parsing (bsc#1098706).\n- nvme: move init of keep_alive work item to controller initialization (bsc#1098706).\n- nvme: target: fix buffer overflow ().\n- nvmet-fc: increase LS buffer count per fc port (bsc#1098706).\n- nvmet: fix space padding in serial number ().\n- nvmet: switch loopback target state to connecting when resetting (bsc#1098706).\n- objtool, perf: Fix GCC 8 -Wrestrict error (Fix gcc 8 restrict error).\n- ocfs2/acl: use \u0027ip_xattr_sem\u0027 to protect getting extended attribute (bsc#1052766).\n- ocfs2/dlm: Fix up kABI in dlm_ctxt (bsc#1052766).\n- ocfs2/dlm: wait for dlm recovery done when migrating all lock resources (bsc#1052766).\n- ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid (bsc#1052766).\n- of: overlay: validate offset from property fixups (bsc#1051510).\n- of: platform: stop accessing invalid dev in of_platform_device_destroy (bsc#1051510).\n- of: unittest: for strings, account for trailing \\0 in property length field (bsc#1051510).\n- omapdrm: panel: fix compatible vendor string for td028ttec1 (bsc#1051510).\n- openvswitch: Do not swap table in nlattr_set() after OVS_ATTR_NESTED is found (networking-stable-18_05_15).\n- ovl: Put upperdentry if ovl_check_origin() fails (bsc#1088704).\n- ovl: Return -ENOMEM if an allocation fails ovl_lookup() (bsc#1096065).\n- ovl: fix failure to fsync lower dir (bsc#108871).\n- ovl: fix lookup with middle layer opaque dir and absolute path redirects (bsc#1090605).\n- p54: do not unregister leds when they are not initialized (bsc#1051510).\n- parport_pc: Add support for WCH CH382L PCI-E single parallel port card (bsc#1051510).\n- partitions/msdos: Unable to mount UFS 44bsd partitions (bsc#1051510).\n- pinctrl/amd: Fix build dependency on pinmux code (bsc#1051510).\n- pinctrl/amd: save pin registers over suspend/resume (bsc#1051510).\n- pinctrl: adi2: Fix Kconfig build problem (bsc#1051510).\n- pinctrl: armada-37xx: Fix direction_output() callback behavior (bsc#1051510).\n- pinctrl: artpec6: dt: add missing pin group uart5nocts (bsc#1051510).\n- pinctrl: baytrail: Enable glitch filter for GPIOs used as interrupts (bsc#1051510).\n- pinctrl: denverton: Fix UART2 RTS pin mode (bsc#1051510).\n- pinctrl: pxa: pxa2xx: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bsc#1051510).\n- pinctrl: rockchip: enable clock when reading pin direction register (bsc#1051510).\n- pinctrl: samsung: Fix NULL pointer exception on external interrupts on S3C24xx (bsc#1051510).\n- pinctrl: samsung: Fix invalid register offset used for Exynos5433 external interrupts (bsc#1051510).\n- pinctrl: sh-pfc: r8a7795-es1: Fix MOD_SEL1 bit[25:24] to 0x3 when using STP_ISEN_1_D (bsc#1051510).\n- pinctrl: sh-pfc: r8a7796: Fix MOD_SEL register pin assignment for SSI pins group (bsc#1051510).\n- pinctrl: sunxi: Fix A64 UART mux value (bsc#1051510).\n- pinctrl: sunxi: Fix A80 interrupt pin bank (bsc#1051510).\n- pinctrl: sx150x: Add a static gpio/pinctrl pin range mapping (bsc#1051510).\n- pinctrl: sx150x: Register pinctrl before adding the gpiochip (bsc#1051510).\n- pinctrl: sx150x: Unregister the pinctrl on release (bsc#1051510).\n- pipe: fix off-by-one error when checking buffer limits (bsc#1051510).\n- pktcdvd: Fix a recently introduced NULL pointer dereference (bsc#1099918).\n- pktcdvd: Fix pkt_setup_dev() error path (bsc#1099918).\n- platform/chrome: Use proper protocol transfer function (bsc#1051510).\n- platform/chrome: cros_ec_lpc: remove redundant pointer request (bsc#1051510).\n- platform/x86: asus-wireless: Fix NULL pointer dereference (bsc#1051510).\n- platform/x86: asus-wmi: Fix NULL pointer dereference (bsc#1051510).\n- platform/x86: fujitsu-laptop: Support Lifebook U7x7 hotkeys (bsc#1087284).\n- platform/x86: ideapad-laptop: Add MIIX 720-12IKB to no_hw_rfkill (bsc#1093035).\n- platform/x86: ideapad-laptop: Apply no_hw_rfkill to Y20-15IKBM, too (bsc#1098626).\n- platform/x86: thinkpad_acpi: suppress warning about palm detection (bsc#1051510).\n- power: supply: ab8500_charger: Bail out in case of error in \u0027ab8500_charger_init_hw_registers()\u0027 (bsc#1051510).\n- power: supply: ab8500_charger: Fix an error handling path (bsc#1051510).\n- power: supply: axp288_charger: Properly stop work on probe-error / remove (bsc#1051510).\n- powerpc/64s/idle: avoid sync for KVM state when waking from idle (bsc#1061840).\n- powerpc/64s: Fix mce accounting for powernv (bsc#1094244).\n- powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772).\n- powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772).\n- powerpc/kvm: Fix guest boot failure on Power9 since DAWR changes (bsc#1061840).\n- powerpc/kvm: Fix lockups when running KVM guests on Power8 (bsc#1061840).\n- powerpc/livepatch: Fix KABI breaker in stacktrace.c (bsc#1071995 bsc#1072856 bsc#1087458 bsc#1089664 bsc#1089669).\n- powerpc/livepatch: Fix build error with kprobes disabled (bsc#1071995).\n- powerpc/mm: Fix thread_pkey_regs_init() (bsc#1078248, git-fixes).\n- powerpc/perf: Add blacklisted events for Power9 DD2.1 (bsc1056686).\n- powerpc/perf: Add blacklisted events for Power9 DD2.2 (bsc1056686).\n- powerpc/perf: Fix kernel address leak via sampling registers (bsc1056686).\n- powerpc/perf: Infrastructure to support addition of blacklisted events (bsc1056686).\n- powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer (bsc1056686).\n- powerpc/perf: Prevent kernel address leak via perf_get_data_addr() (bsc1056686).\n- powerpc/perf: fix bug references.\n- powerpc/pkeys: Detach execute_only key on !PROT_EXEC (bsc#1078248, git-fixes).\n- powerpc/pkeys: Drop private VM_PKEY definitions (bsc#1078248).\n- powerpc/ptrace: Fix enforcement of DAWR constraints (bsc#1099918).\n- powerpc/xmon: Also setup debugger hooks when single-stepping (bsc#1072829).\n- powerpc64/ftrace: Add a field in paca to disable ftrace in unsafe code paths (bsc#1088804).\n- powerpc64/ftrace: Add helpers to hard disable ftrace (bsc#1088804).\n- powerpc64/ftrace: Delay enabling ftrace on secondary cpus (bsc#1088804).\n- powerpc64/ftrace: Disable ftrace during hotplug (bsc#1088804).\n- powerpc64/ftrace: Disable ftrace during kvm guest entry/exit (bsc#1088804).\n- powerpc64/ftrace: Rearrange #ifdef sections in ftrace.h (bsc#1088804).\n- powerpc64/ftrace: Use the generic version of ftrace_replace_code() (bsc#1088804).\n- powerpc64/kexec: Hard disable ftrace before switching to the new kernel (bsc#1088804).\n- powerpc64/module: Tighten detection of mcount call sites with -mprofile-kernel (bsc#1088804).\n- powerpc: Machine check interrupt is a non-maskable interrupt (bsc#1094244).\n- ppp: avoid loop in xmit recursion detection code (networking-stable-18_03_28).\n- ppp: fix race in ppp device destruction (networking-stable-17_11_14).\n- ppp: prevent unregistered channels from connecting to PPP units (networking-stable-18_03_07).\n- ppp: unlock all_ppp_mutex before registering device (networking-stable-18_01_28).\n- pppoe: check sockaddr length in pppoe_connect() (networking-stable-18_04_26).\n- pppoe: take -\u003eneeded_headroom of lower device into account on xmit (networking-stable-18_01_28).\n- pptp: remove a buggy dst release in pptp_connect() (networking-stable-18_04_10).\n- printk: fix possible reuse of va_list variable (bsc#1100602).\n- procfs: add tunable for fd/fdinfo dentry retention (bsc#1086652).\n- ptr_ring: add barriers (networking-stable-17_12_31).\n- pty: cancel pty slave port buf\u0027s work in tty_release (bsc#1051510).\n- pwm: lpss: platform: Save/restore the ctrl register over a suspend/resume (bsc#1051510).\n- pwm: rcar: Fix a condition to prevent mismatch value setting to duty (bsc#1051510).\n- pwm: stmpe: Fix wrong register offset for hwpwm=2 case (bsc#1051510).\n- qed: Fix l2 initializations over iWARP personality (bsc#1050536 bsc#1050545).\n- qed: Fix non TCP packets should be dropped on iWARP ll2 connection (bsc#1050545).\n- qed: Free RoCE ILT Memory on rmmod qedr (bsc#1050536 bsc#1050545).\n- qed: Use after free in qed_rdma_free() (bsc#1050536 bsc#1050545).\n- qede: Fix gfp flags sent to rdma event node allocation (bsc#1050538 bsc#1050545).\n- qede: Fix qedr link update (bsc#1050538 bsc#1050545).\n- qla2xxx: Mask off Scope bits in retry delay (bsc#1068054).\n- qmi_wwan: Add missing skb_reset_mac_header-call (networking-stable-17_11_20).\n- qmi_wwan: Add support for Quectel EP06 (networking-stable-18_02_06).\n- qmi_wwan: do not steal interfaces from class drivers (bsc#1092888).\n- r8169: fix powering up RTL8168h (bsc#1051510).\n- r8169: fix setting driver_data after register_netdev (bsc#1051510).\n- radeon: hide pointless #warning when compile testing (bsc#1051510).\n- radix tree test suite: add item_delete_rcu() (bsc#1095467).\n- radix tree test suite: fix compilation issue (bsc#1095467).\n- radix tree test suite: fix mapshift build target (bsc#1095467).\n- radix tree test suite: multi-order iteration race (bsc#1095467).\n- radix tree: fix multi-order iteration race (bsc#1095467).\n- raid10: check bio in r10buf_pool_free to void NULL pointer dereference (bsc#1098174).\n- raid1: copy write hint from master bio to behind bio (bsc#1093023).\n- raid1: prevent freeze_array/wait_all_barriers deadlock (bsc#1093023).\n- raid1: remove obsolete code in raid1_write_request (bsc#1093023).\n- raid5-ppl: PPL support for disks with write-back cache enabled (bsc#1093023).\n- raid5-ppl: fix handling flush requests (bsc#1093023).\n- raid5: Set R5_Expanded on parity devices as well as data (bsc#1093023).\n- raid5: remove raid5_build_block (bsc#1093023).\n- raid: remove tile specific raid6 implementation (bsc#1093023).\n- random: crng_reseed() should lock the crng instance that it is modifying (bsc#1051510).\n- random: use a different mixing algorithm for add_device_randomness() (bsc#1051510).\n- random: use a tighter cap in credit_entropy_bits_safe() (bsc#1051510).\n- rbd: use GFP_NOIO for parent stat and data requests (bsc#1093728).\n- rds: Incorrect reference counting in TCP socket creation (bsc#1076830).\n- rds: MP-RDS may use an invalid c_path (networking-stable-18_04_13).\n- rds: do not leak kernel memory to user land (networking-stable-18_05_15).\n- regulator: Do not return or expect -errno from of_map_mode() (bsc#1099029).\n- regulator: cpcap: Fix standby mode (bsc#1051510).\n- regulator: gpio: Fix some error handling paths in \u0027gpio_regulator_probe()\u0027 (bsc#1091960).\n- regulator: of: Add a missing \u0027of_node_put()\u0027 in an error handling path of \u0027of_regulator_match()\u0027 (bsc#1051510).\n- resource: fix integer overflow at reallocation (bsc#1086739).\n- restore cond_resched() in shrink_dcache_parent() (bsc#1098599).\n- rfkill: gpio: fix memory leak in probe error path (bsc#1051510).\n- rhashtable: Fix rhlist duplicates insertion (bsc#1051510).\n- rmdir(),rename(): do shrink_dcache_parent() only on success (bsc#1100340).\n- rocker: fix possible null pointer dereference in rocker_router_fib_event_work (networking-stable-18_02_06).\n- route: check sysctl_fib_multipath_use_neigh earlier than hash (networking-stable-18_04_10).\n- rpm/config.sh: Fixup BUGZILLA_PRODUCT variable\n- rpm/kernel-docs.spec.in: Fix and cleanup for 4.13 doc build (bsc#1048129) The whole DocBook stuff has been deleted. The PDF build still non-working thus the sub-packaging disabled so far.\n- rpm/kernel-source.changes.old: Add pre-SLE15 history (bsc#1098995).\n- rpm/modules.fips include module list from dracut\n- rt2x00: do not pause queue unconditionally on error path (bsc#1051510).\n- rtc-opal: Fix handling of firmware error codes, prevent busy loops (bsc#1051510).\n- rtc: hctosys: Ensure system time does not overflow time_t (bsc#1051510).\n- rtc: pcf8563: fix output clock rate (bsc#1051510).\n- rtc: pl031: make interrupt optional (bsc#1051510).\n- rtc: snvs: Fix usage of snvs_rtc_enable (bsc#1051510).\n- rtc: tx4939: avoid unintended sign extension on a 24 bit shift (bsc#1051510).\n- rtl8187: Fix NULL pointer dereference in priv-\u003econf_mutex (bsc#1051510).\n- rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c (bsc#1051510).\n- rxrpc: Fix send in rxrpc_send_data_packet() (networking-stable-18_03_07).\n- s390/archrandom: Reconsider s390 arch random implementation (bnc#1096753, LTC#168037).\n- s390/archrandom: Rework arch random implementation (bnc#1096753, LTC#168037).\n- s390/cio: update chpid descriptor after resource accessibility event (bnc#1093148, LTC#167307).\n- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero (bnc#1096753, LTC#168037).\n- s390/dasd: fix IO error for newly defined devices (bnc#1093148, LTC#167307).\n- s390/qdio: do not merge ERROR output buffers (bsc#1099715).\n- s390/qdio: fix access to uninitialized qdio_q fields (bnc#1096753, LTC#168037).\n- s390/qeth: do not dump control cmd twice (bsc#1099715).\n- s390/qeth: fix IPA command submission race (networking-stable-18_03_07).\n- s390/qeth: fix IPA command submission race (bsc#1099715).\n- s390/qeth: fix MAC address update sequence (bnc#1093148, LTC#167307).\n- s390/qeth: fix overestimated count of buffer elements (bsc#1099715).\n- s390/qeth: fix overestimated count of buffer elements (networking-stable-18_03_07).\n- s390/qeth: free netdevice when removing a card (networking-stable-18_03_28).\n- s390/qeth: free netdevice when removing a card (bsc#1099715).\n- s390/qeth: lock read device while queueing next buffer (bsc#1099715).\n- s390/qeth: lock read device while queueing next buffer (networking-stable-18_03_28).\n- s390/qeth: translate SETVLAN/DELVLAN errors (bnc#1093148, LTC#167307).\n- s390/qeth: use Read device to query hypervisor for MAC (bsc#1061024).\n- s390/qeth: when thread completes, wake up all waiters (bsc#1099715).\n- s390/qeth: when thread completes, wake up all waiters (networking-stable-18_03_28).\n- s390/uprobes: implement arch_uretprobe_is_alive() (bnc#1093148, LTC#167307).\n- s390/zcrypt: Fix CCA and EP11 CPRB processing failure memory leak (bnc#1096753, LTC#168037).\n- sch_netem: fix skb leak in netem_enqueue() (networking-stable-18_03_28).\n- sched/numa: Stagger NUMA balancing scan periods for new threads (Automatic NUMA Balancing ()).\n- sched: Make resched_cpu() unconditional (Git-fixes).\n- sched: Stop resched_cpu() from sending IPIs to offline CPUs (Git-fixes).\n- sched: Stop switched_to_rt() from sending IPIs to offline CPUs (Git-fixes).\n- scripts/git_sort/git_sort.py:\n- scripts/git_sort/git_sort.py: add Viro\u0027s vfs git\n- scsi: core: return BLK_STS_OK for DID_OK in __scsi_error_from_host_byte() (bsc#1099918).\n- scsi: ipr: Format HCAM overlay ID 0x41 (bsc#1097961).\n- scsi: ipr: new IOASC update (bsc#1097961).\n- scsi: lpfc: Add per io channel NVME IO statistics (bsc#1088866).\n- scsi: lpfc: Change IO submit return to EBUSY if remote port is recovering (bsc#1088866).\n- scsi: lpfc: Comment cleanup regarding Broadcom copyright header (bsc#1088866).\n- scsi: lpfc: Correct fw download error message (bsc#1088866).\n- scsi: lpfc: Correct missing remoteport registration during link bounces (bsc#1088866).\n- scsi: lpfc: Correct target queue depth application changes (bsc#1088866).\n- scsi: lpfc: Driver NVME load fails when CPU cnt \u003e WQ resource cnt (bsc#1088866).\n- scsi: lpfc: Enhance log messages when reporting CQE errors (bsc#1088866).\n- scsi: lpfc: Enlarge nvmet asynchronous receive buffer counts (bsc#1088866).\n- scsi: lpfc: Fix 16gb hbas failing cq create (bsc#1093290).\n- scsi: lpfc: Fix Abort request WQ selection (bsc#1088866).\n- scsi: lpfc: Fix MDS diagnostics failure (Rx andlt; Tx) (bsc#1088866).\n- scsi: lpfc: Fix NULL pointer access in lpfc_nvme_info_show (bsc#1088866).\n- scsi: lpfc: Fix NULL pointer reference when resetting adapter (bsc#1088866).\n- scsi: lpfc: Fix crash in blk_mq layer when executing modprobe -r lpfc (bsc#1088866).\n- scsi: lpfc: Fix driver not recovering NVME rports during target link faults (bsc#1088866).\n- scsi: lpfc: Fix lingering lpfc_wq resource after driver unload (bsc#1088866).\n- scsi: lpfc: Fix multiple PRLI completion error path (bsc#1088866).\n- scsi: lpfc: Fix nvme remoteport registration race conditions (bsc#1088866).\n- scsi: lpfc: Fix port initialization failure (bsc#1093290).\n- scsi: lpfc: Fix up log messages and stats counters in IO submit code path (bsc#1088866).\n- scsi: lpfc: Handle new link fault code returned by adapter firmware (bsc#1088866).\n- scsi: lpfc: correct oversubscription of nvme io requests for an adapter (bsc#1088866).\n- scsi: lpfc: enhance LE data structure copies to hardware (bsc#1088866).\n- scsi: lpfc: fix spelling mistakes: \u0027mabilbox\u0027 and \u0027maibox\u0027 (bsc#1088866).\n- scsi: lpfc: update driver version to 12.0.0.2 (bsc#1088866).\n- scsi: lpfc: update driver version to 12.0.0.3 (bsc#1088866).\n- scsi: lpfc: update driver version to 12.0.0.4 (bsc#1088866).\n- scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084570).\n- scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084570).\n- scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084570).\n- scsi: qla2xxx: Delete session for nport id change (bsc#1077338).\n- scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084570).\n- scsi: qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084570).\n- scsi: qla2xxx: Fix n2n_ae flag to prevent dev_loss on PDB change (bsc#1084570).\n- scsi: qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084570).\n- scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure (bsc#1077338).\n- scsi: qla2xxx: Remove nvme_done_list (bsc#1084570).\n- scsi: qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe (bsc#1084570).\n- scsi: qla2xxx: Restore ZIO threshold setting (bsc#1084570).\n- scsi: qla2xxx: Return busy if rport going away (bsc#1084570).\n- scsi: qla2xxx: Set IIDMA and fcport state before qla_nvme_register_remote() (bsc#1084570).\n- scsi: qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084570).\n- scsi: raid_class: Add \u0027JBOD\u0027 RAID level (bsc#1093023).\n- scsi: sg: mitigate read/write abuse (bsc#1101296).\n- scsi: target: fix crash with iscsi target and dvd (bsc#1099918).\n- sctp: delay the authentication for the duplicated cookie-echo chunk (networking-stable-18_05_15).\n- sctp: do not check port in sctp_inet6_cmp_addr (networking-stable-18_04_26).\n- sctp: do not leak kernel memory to user space (networking-stable-18_04_10).\n- sctp: do not retransmit upon FragNeeded if PMTU discovery is disabled (networking-stable-18_01_12).\n- sctp: fix dst refcnt leak in sctp_v6_get_dst() (networking-stable-18_03_07).\n- sctp: fix the handling of ICMP Frag Needed for too small MTUs (networking-stable-18_01_12).\n- sctp: fix the issue that the cookie-ack with auth can\u0027t get processed (networking-stable-18_05_15).\n- sctp: full support for ipv6 ip_nonlocal_bind and IP_FREEBIND (networking-stable-17_11_14).\n- sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr (git-fixes).\n- sctp: potential read out of bounds in sctp_ulpevent_type_enabled() (networking-stable-17_10_09).\n- sctp: remove sctp_chunk_put from fail_mark err path in sctp_ulpevent_make_rcvmsg (networking-stable-18_05_15).\n- sctp: reset owner sk for data chunks on out queues when migrating a sock (networking-stable-17_11_14).\n- sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6 (networking-stable-18_04_10).\n- sctp: use right member as the param of list_for_each_entry (git-fixes).\n- sctp: use the old asoc when making the cookie-ack chunk in dupcook_d (networking-stable-18_05_15).\n- sdhci: Advertise 2.0v supply on SDIO host controller (bsc#1051510).\n- selinux: KASAN: slab-out-of-bounds in xattr_getsecurity (bsc#1051510).\n- selinux: ensure the context is NUL terminated in security_context_to_sid_core() (bsc#1051510).\n- selinux: skip bounded transition processing if the policy isn\u0027t loaded (bsc#1051510).\n- serdev: fix memleak on module unload (bsc#1051510).\n- serdev: fix receive_buf return value when no callback (bsc#1051510).\n- serdev: fix registration of second slave (bsc#1051510).\n- serdev: ttyport: add missing open() error handling (bsc#1051510).\n- serdev: ttyport: add missing receive_buf sanity checks (bsc#1051510).\n- serdev: ttyport: enforce tty-driver open() requirement (bsc#1051510).\n- serdev: ttyport: fix NULL-deref on hangup (bsc#1051510).\n- serdev: ttyport: fix tty locking in close (bsc#1051510).\n- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bsc#1051510).\n- serial: 8250: omap: Fix idling of clocks for unused uarts (bsc#1051510).\n- serial: 8250_dw: Disable clock on error (bsc#1051510).\n- serial: 8250_fintek: Fix finding base_port with activated SuperIO (bsc#1051510).\n- serial: 8250_pci: Add Brainboxes UC-260 4 port serial device (bsc#1051510).\n- serial: altera: ensure port-\u003eregshift is honored consistently (bsc#1051510).\n- serial: arc_uart: Fix out-of-bounds access through DT alias (bsc#1051510).\n- serial: core: mark port as initialized in autoconfig (bsc#1051510).\n- serial: fsl_lpuart: Fix out-of-bounds access through DT alias (bsc#1051510).\n- serial: imx: Fix out-of-bounds access through serial port index (bsc#1051510).\n- serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS (bsc#1051510).\n- serial: mxs-auart: Fix out-of-bounds access through serial port index (bsc#1051510).\n- serial: omap: Fix EFR write on RTS deassertion (bsc#1051510).\n- serial: samsung: Fix out-of-bounds access through serial port index (bsc#1051510).\n- serial: samsung: fix maxburst parameter for DMA transactions (bsc#1051510).\n- serial: sh-sci: Fix out-of-bounds access through DT alias (bsc#1051510).\n- serial: sh-sci: Stop using printk format %pCr (bsc#1051510).\n- serial: sh-sci: prevent lockup on full TTY buffers (bsc#1051510).\n- serial: xuartps: Fix out-of-bounds access through DT alias (bsc#1051510).\n- sget(): handle failures of register_shrinker() (bsc#1052766).\n- sh_eth: fix SH7757 GEther initialization (networking-stable-18_01_12).\n- sh_eth: fix TSU resource handling (networking-stable-18_01_12).\n- skbuff: Fix not waking applications when errors are enqueued (networking-stable-18_03_28).\n- sky2: Increase D3 delay to sky2 stops working after suspend (bsc#1051510).\n- slip: Check if rstate is initialized before uncompressing (networking-stable-18_04_13).\n- sock: free skb in skb_complete_tx_timestamp on error (networking-stable-17_12_31).\n- soreuseport: fix mem leak in reuseport_add_sock() (networking-stable-18_02_06).\n- spi: Fix scatterlist elements size in spi_map_buf (bsc#1051510).\n- spi: a3700: Fix clk prescaling for coefficient over 15 (bsc#1051510).\n- spi: a3700: Return correct value on timeout detection (bsc#1051510).\n- spi: armada-3700: Fix failing commands with quad-SPI (bsc#1051510).\n- spi: atmel: fixed spin_lock usage inside atmel_spi_remove (bsc#1051510).\n- spi: atmel: init FIFOs before spi enable (bsc#1051510).\n- spi: bcm-qspi: Fix use after free in bcm_qspi_probe() in error path (bsc#1051510).\n- spi: imx: do not access registers while clocks disabled (bsc#1051510).\n- spi: sh-msiof: Fix DMA transfer size check (bsc#1051510).\n- spi: spi-axi: fix potential use-after-free after deregistration (bsc#1051510).\n- spi: sun4i: disable clocks in the remove function (bsc#1051510).\n- spi: sun6i: disable/unprepare clocks on remove (bsc#1051510).\n- spi: xilinx: Detect stall with Unknown commands (bsc#1051510).\n- srcu: Provide ordering for CPU not involved in grace period (bsc#1052766).\n- staging: bcm2835-audio: Release resources on module_exit() (bsc#1051510).\n- staging: comedi: fix comedi_nsamples_left (bsc#1051510).\n- staging: comedi: ni_mio_common: ack ai fifo error interrupts (bsc#1051510).\n- staging: iio: ad5933: switch buffer mode to software (bsc#1051510).\n- staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma from stack (bsc#1051510).\n- staging: iio: adc: ad7192: fix external frequency setting (bsc#1051510).\n- staging: rtl8192u: return -ENOMEM on failed allocation of priv-\u003eoldaddr (bsc#1051510).\n- staging: vchiq_2835_arm: Fix NULL ptr dereference in free_pagelist (bsc#1051510).\n- staging: wilc1000: Fix bssid buffer offset in Txq (bsc#1051510).\n- stm class: Fix a use-after-free (bsc#1051510).\n- stm class: Use vmalloc for the master map (bsc#1051510).\n- stmmac: reset last TSO segment size after device open (networking-stable-17_12_12).\n- strparser: Do not call mod_delayed_work with a timeout of LONG_MAX (networking-stable-18_04_26).\n- strparser: Fix incorrect strp-\u003eneed_bytes value (networking-stable-18_04_26).\n- strparser: Fix sign of err codes (networking-stable-18_04_10).\n- sunrpc: remove incorrect HMAC request initialization (bsc#1051510).\n- supported.conf: Remove external flag from iwlwifi modules (bsc#1093273)\n- supported.conf: fix folder of the driver module\n- swap: divide-by-zero when zero length swap file on ssd (bsc#1051510).\n- swiotlb: suppress warning when __GFP_NOWARN is set (bsc#1051510).\n- tap: reference to KVA of an unloaded module causes kernel panic (networking-stable-17_11_14).\n- target: transport should handle st FM/EOM/ILI reads (bsc#1081599).\n- tcp: do not read out-of-bounds opsize (networking-stable-18_04_26).\n- tcp: fix data delivery rate (networking-stable-17_10_09).\n- tcp: ignore Fast Open on repair mode (networking-stable-18_05_15).\n- tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets (networking-stable-18_04_26).\n- tcp: release sk_frag.page in tcp_disconnect (networking-stable-18_02_06).\n- tcp: revert F-RTO extension to detect more spurious timeouts (networking-stable-18_03_07).\n- tcp: revert F-RTO middle-box workaround (bsc#1076830).\n- tcp_bbr: fix to zero idle_restart only upon S/ACKed data (networking-stable-18_05_15).\n- tcp_bbr: record \u0027full bw reached\u0027 decision in new full_bw_reached bit (networking-stable-17_12_31).\n- tcp_bbr: reset full pipe detection on loss recovery undo (networking-stable-17_12_31).\n- tcp_bbr: reset long-term bandwidth sampling on loss recovery undo (networking-stable-17_12_31).\n- tcp_nv: fix division by zero in tcpnv_acked() (networking-stable-17_11_20).\n- team: Fix double free in error path (networking-stable-18_03_28).\n- team: avoid adding twice the same option to the event list (networking-stable-18_04_26).\n- team: fix netconsole setup over team (networking-stable-18_04_26).\n- team: move dev_mc_sync after master_upper_dev_link in team_port_add (networking-stable-18_04_10).\n- tee: check shm references are consistent in offset/size (bsc#1051510).\n- tee: shm: fix use-after-free via temporarily dropped reference (bsc#1051510).\n- test_firmware: fix missing unlock on error in config_num_requests_store() (bsc#1051510).\n- test_firmware: fix setting old custom fw path back on exit (bsc#1051510).\n- test_firmware: fix setting old custom fw path back on exit, second try (bsc#1051510).\n- tg3: APE heartbeat changes (bsc#1086286).\n- tg3: Add Macronix NVRAM support (bsc#1086286).\n- tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent() (bsc#1086286).\n- tg3: prevent scheduling while atomic splat (bsc#1086286).\n- thermal/drivers/step_wise: Fix temperature regulation misbehavior (bsc#1051510).\n- thermal: bcm2835: Stop using printk format %pCr (bsc#1051510).\n- thermal: enable broadcom menu for arm64 bcm2835 (bsc#1095573).\n- thermal: exynos: Propagate error value from tmu_read() (bsc#1051510).\n- thermal: exynos: Reading temperature makes sense only when TMU is turned on (bsc#1051510).\n- thermal: imx: Fix race condition in imx_thermal_probe() (bsc#1051510).\n- thermal: int3400_thermal: fix error handling in int3400_thermal_probe() (bsc#1051510).\n- thermal: int3403_thermal: Fix NULL pointer deref on module load / probe (bsc#1051510).\n- thermal: power_allocator: fix one race condition issue for thermal_instances list (bsc#1051510).\n- thunderbolt: Prevent crash when ICM firmware is not running (bsc#1090888).\n- thunderbolt: Resume control channel after hibernation image is created (bsc#1051510).\n- thunderbolt: Serialize PCIe tunnel creation with PCI rescan (bsc#1090888).\n- thunderbolt: Wait a bit longer for ICM to authenticate the active NVM (bsc#1090888).\n- timekeeping: Eliminate the stale declaration of ktime_get_raw_and_real_ts64() (bsc#1099918).\n- timers: Invoke timer_start_debug() where it makes sense (Git-fixes).\n- timers: Reinitialize per cpu bases on hotplug (Git-fixes).\n- timers: Unconditionally check deferrable base (Git-fixes).\n- timers: Use deferrable base independent of base::nohz_active (Git-fixes).\n- tipc: add policy for TIPC_NLA_NET_ADDR (networking-stable-18_04_26).\n- tipc: fix a memory leak in tipc_nl_node_get_link() (networking-stable-18_01_28).\n- tipc: fix hanging poll() for stream sockets (networking-stable-17_12_31).\n- tipc: fix memory leak in tipc_accept_from_sock() (networking-stable-17_12_12).\n- tools headers: Restore READ_ONCE() C++ compatibility (bsc#1093023).\n- tools/lib/subcmd/pager.c: do not alias select() params (Fix gcc 8 restrict error).\n- tracing/uprobe_event: Fix strncpy corner case (bsc#1099918).\n- tracing: Fix converting enum\u0027s from the map in trace_event_eval_update() (bsc#1099918).\n- tracing: Fix missing tab for hwlat_detector print format (bsc#1099918).\n- tracing: Kconfig text fixes for CONFIG_HWLAT_TRACER (bsc#1099918).\n- tracing: Make the snapshot trigger work with instances (bsc#1099918).\n- tracing: probeevent: Fix to support minus offset from symbol (bsc#1099918).\n- tty fix oops when rmmod 8250 (bsc#1051510).\n- tty/serial: atmel: add new version check for usart (bsc#1051510).\n- tty/serial: atmel: use port-\u003ename as name in request_irq() (bsc#1051510).\n- tty: Avoid possible error pointer dereference at tty_ldisc_restore() (bsc#1051510).\n- tty: Do not call panic() at tty_ldisc_init() (bsc#1051510).\n- tty: Use __GFP_NOFAIL for tty_ldisc_get() (bsc#1051510).\n- tty: fix __tty_insert_flip_char regression (bsc#1051510).\n- tty: fix tty_ldisc_receive_buf() documentation (bsc#1051510).\n- tty: improve tty_insert_flip_char() fast path (bsc#1051510).\n- tty: improve tty_insert_flip_char() slow path (bsc#1051510).\n- tty: make n_tty_read() always abort if hangup is in progress (bsc#1051510).\n- tty: n_gsm: Allow ADM response in addition to UA for control dlci (bsc#1051510).\n- tty: n_gsm: Fix DLCI handling for ADM mode if debug and 2 is not set (bsc#1051510).\n- tty: n_gsm: Fix long delays with control frame timeouts in ADM mode (bsc#1051510).\n- tty: pl011: Avoid spuriously stuck-off interrupts (bsc#1051510).\n- tty: vt: fix up tabstops properly (bsc#1051510).\n- tun/tap: sanitize TUNSETSNDBUF input (networking-stable-17_11_14).\n- tun: allow positive return values on dev_get_valid_name() call (networking-stable-17_11_14).\n- tun: bail out from tun_get_user() if the skb is empty (networking-stable-17_10_09).\n- tun: call dev_get_valid_name() before register_netdevice() (networking-stable-17_11_14).\n- ubi: Fix error for write access (bsc#1051510).\n- ubi: Fix race condition between ubi volume creation and udev (bsc#1051510).\n- ubi: Reject MLC NAND (bsc#1051510).\n- ubi: block: Fix locking for idr_alloc/idr_remove (bsc#1051510).\n- ubi: fastmap: Cancel work upon detach (bsc#1051510).\n- ubi: fastmap: Cancel work upon detach (bsc#1051510).\n- ubi: fastmap: Do not flush fastmap work on detach (bsc#1051510).\n- ubi: fastmap: Erase outdated anchor PEBs during attach (bsc#1051510).\n- ubifs: Check ubifs_wbuf_sync() return code (bsc#1052766).\n- ubifs: free the encrypted symlink target (bsc#1052766).\n- udf: Avoid overflow when session starts at large offset (bsc#1052766).\n- udf: Fix leak of UTF-16 surrogates into encoded strings (bsc#1052766).\n- usb: core: Add quirk for HP v222w 16GB Mini (bsc#1090888).\n- usb: quirks: add control message delay for 1b1c:1b20 (bsc#1087092).\n- usb: typec: ucsi: Fix for incorrect status data issue (bsc#1100132).\n- usb: typec: ucsi: Increase command completion timeout value (bsc#1090888).\n- usb: typec: ucsi: acpi: Workaround for cache mode issue (bsc#1100132).\n- usb: xhci: Disable slot even when virt-dev is null (bsc#1085539).\n- usb: xhci: Fix potential memory leak in xhci_disable_slot() (bsc#1085539).\n- usb: xhci: Make some static functions global ().\n- usbip: usbip_host: delete device from busid_table after rebind (bsc#1096480).\n- usbip: usbip_host: fix NULL-ptr deref and use-after-free errors (bsc#1096480).\n- usbip: usbip_host: fix bad unlock balance during stub_probe() (bsc#1096480).\n- usbip: usbip_host: fix to hold parent lock for device_attach() calls (bsc#1096480).\n- usbip: usbip_host: run rebind from exit when module is removed (bsc#1096480).\n- usbip: vudc: fix null pointer dereference on udc-\u003elock (bsc#1087092).\n- userns: Do not fail follow_automount based on s_user_ns (bsc#1099918).\n- vfb: fix video mode and line_length being set when loaded (bsc#1100362).\n- vfio: Use get_user_pages_longterm correctly (bsc#1095337).\n- vfio: disable filesystem-dax page pinning (bsc#1095337).\n- vfio: platform: Fix reset module leak in error path (bsc#1099918).\n- vhost: Fix vhost_copy_to_user() (networking-stable-18_04_13).\n- vhost: correctly remove wait queue during poll failure (networking-stable-18_04_10).\n- vhost: fix vhost_vq_access_ok() log check (networking-stable-18_04_13).\n- vhost: validate log when IOTLB is enabled (networking-stable-18_04_10).\n- vhost_net: add missing lock nesting notation (networking-stable-18_04_10).\n- vhost_net: stop device during reset owner (networking-stable-18_02_06).\n- video/fbdev/stifb: Return -ENOMEM after a failed kzalloc() in stifb_init_fb() (bsc#1090888 bsc#1099966).\n- video/hdmi: Allow \u0027empty\u0027 HDMI infoframes (bsc#1051510).\n- video: fbdev/mmp: add MODULE_LICENSE (bsc#1051510).\n- video: fbdev: atmel_lcdfb: fix display-timings lookup (bsc#1051510).\n- video: fbdev: aty: do not leak uninitialized padding in clk to userspace (bsc#1051510).\n- video: fbdev: au1200fb: Release some resources if a memory allocation fails (bsc#1051510).\n- video: fbdev: au1200fb: Return an error code if a memory allocation fails (bsc#1051510).\n- virtio-gpu: fix ioctl and expose the fixed status to userspace (bsc#1100382).\n- virtio: add ability to iterate over vqs (bsc#1051510).\n- virtio: release virtio index when fail to device_register (bsc#1051510).\n- virtio_console: do not tie bufs to a vq (bsc#1051510).\n- virtio_console: drop custom control queue cleanup (bsc#1051510).\n- virtio_console: free buffers after reset (bsc#1051510).\n- virtio_console: move removal code (bsc#1051510).\n- virtio_console: reset on out of memory (bsc#1051510).\n- virtio_net: fix adding vids on big-endian (networking-stable-18_04_26).\n- virtio_net: split out ctrl buffer (networking-stable-18_04_26).\n- virtio_ring: fix num_free handling in error case (bsc#1051510).\n- vlan: Fix reading memory beyond skb-\u003etail in skb_vlan_tagged_multi (networking-stable-18_04_26).\n- vlan: also check phy_driver ts_info for vlan\u0027s real device (networking-stable-18_04_10).\n- vlan: fix a use-after-free in vlan_device_event() (networking-stable-17_11_20).\n- vmw_balloon: fix inflation with batching (bsc#1051510).\n- vmw_balloon: fixing double free when batching mode is off (bsc#1051510).\n- vmxnet3: avoid xmit reset due to a race in vmxnet3 (bsc#1091860).\n- vmxnet3: fix incorrect dereference when rxvlan is disabled (bsc#1091860).\n- vmxnet3: increase default rx ring sizes (bsc#1091860).\n- vmxnet3: repair memory leak (bsc#1051510).\n- vmxnet3: set the DMA mask before the first DMA map operation (bsc#1091860).\n- vmxnet3: use DMA memory barriers where required (bsc#1091860).\n- vmxnet3: use correct flag to indicate LRO feature (bsc#1091860).\n- vrf: Fix use after free and double free in vrf_finish_output (networking-stable-18_04_10).\n- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend (bsc#1051510).\n- vt: change SGR 21 to follow the standards (bsc#1051510).\n- vt: prevent leaking uninitialized data to userspace via /dev/vcs* (bsc#1051510).\n- vti6: Change minimum MTU to IPV4_MIN_MTU, vti6 can carry IPv4 too (bsc#1082869).\n- vti6: Fix dev-\u003emax_mtu setting (bsc#1082869).\n- vti6: Keep set MTU on link creation or change, validate it (bsc#1082869).\n- vti6: Properly adjust vti6 MTU from MTU of lower device (bsc#1082869).\n- vti6: better validate user provided tunnel names (networking-stable-18_04_10).\n- vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit (bsc#1076830).\n- vxlan: fix the issue that neigh proxy blocks all icmpv6 packets (networking-stable-17_11_20).\n- w1: mxc_w1: Enable clock before calling clk_get_rate() on it (bsc#1051510).\n- wait: add wait_event_killable_timeout() (bsc#1099792).\n- watchdog: da9063: Fix setting/changing timeout (bsc#1100843).\n- watchdog: da9063: Fix timeout handling during probe (bsc#1100843).\n- watchdog: da9063: Fix updating timeout value (bsc#1100843).\n- watchdog: f71808e_wdt: Fix WD_EN register read (bsc#1051510).\n- watchdog: f71808e_wdt: Fix magic close handling (bsc#1051510).\n- watchdog: sp5100_tco: Fix watchdog disable bit (bsc#1051510).\n- wcn36xx: Fix dynamic power saving (bsc#1051510).\n- wcn36xx: Introduce mutual exclusion of fw configuration (bsc#1051510).\n- wl1251: check return from call to wl1251_acx_arp_ip_filter (bsc#1051510).\n- workqueue: Allow retrieval of current task\u0027s work struct (bsc#1051510).\n- workqueue: use put_device() instead of kfree() (bsc#1051510).\n- x86,sched: Allow topologies where NUMA nodes share an LLC (bsc#1091158).\n- x86/cpu_entry_area: Map also trace_idt_table (bsc#1089878).\n- x86/intel_rdt: Add command line parameter to control L2_CDP ().\n- x86/intel_rdt: Add two new resources for L2 Code and Data Prioritization (CDP) ().\n- x86/intel_rdt: Enable L2 CDP in MSR IA32_L2_QOS_CFG ().\n- x86/intel_rdt: Enumerate L2 Code and Data Prioritization (CDP) feature ().\n- x86/mm: add a function to check if a pfn is UC/UC-/WC (bsc#1087213).\n- x86/pkeys: Add arch_pkeys_enabled() (bsc#1078248).\n- x86/pkeys: Move vma_pkey() into asm/pkeys.h (bsc#1078248).\n- x86/pti: do not report XenPV as vulnerable (bsc#1097551).\n- x86/setup: Do not reserve a crash kernel region if booted on Xen PV (bsc#1085626).\n- x86/stacktrace: Clarify the reliable success paths (bnc#1058115).\n- x86/stacktrace: Do not fail for ORC with regs on stack (bnc#1058115).\n- x86/stacktrace: Do not unwind after user regs (bnc#1058115).\n- x86/stacktrace: Enable HAVE_RELIABLE_STACKTRACE for the ORC unwinder (bnc#1058115).\n- x86/stacktrace: Remove STACKTRACE_DUMP_ONCE (bnc#1058115).\n- x86/tsc: Future-proof native_calibrate_tsc() (bsc#1074873).\n- x86/unwind/orc: Detect the end of the stack (bnc#1058115).\n- xen/acpi: off by one in read_acpi_id() (bnc#1065600).\n- xen/netfront: raise max number of slots in xennet_get_responses() (bnc#1076049).\n- xen: do not print error message in case of missing Xenstore entry (bnc#1065600).\n- xhci: Add port status decoder for tracing purposes ().\n- xhci: Fix USB ports for Dell Inspiron 5775 (bsc#1090888).\n- xhci: add definitions for all port link states ().\n- xhci: add port speed ID to portsc tracing ().\n- xhci: add port status tracing ().\n- xhci: fix endpoint context tracer output (bsc#1087092).\n- xhci: workaround for AMD Promontory disabled ports wakeup (bsc#1087092).\n- xhci: zero usb device slot_id member when disabling and freeing a xhci slot (bsc#1090888).\n- xprtrdma: Fix list corruption / DMAR errors during MR recovery (git-fixes).\n- xprtrdma: Return -ENOBUFS when no pages are available (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Basesystem-15-2018-1420,SUSE-SLE-Module-Development-Tools-15-2018-1420,SUSE-SLE-Module-Legacy-15-2018-1420,SUSE-SLE-Module-Live-Patching-15-2018-1420,SUSE-SLE-Product-HA-15-2018-1420,SUSE-SLE-Product-WE-15-2018-1420",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2092-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2092-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182092-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2092-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-July/004334.html"
},
{
"category": "self",
"summary": "SUSE Bug 1046303",
"url": "https://bugzilla.suse.com/1046303"
},
{
"category": "self",
"summary": "SUSE Bug 1046305",
"url": "https://bugzilla.suse.com/1046305"
},
{
"category": "self",
"summary": "SUSE Bug 1046306",
"url": "https://bugzilla.suse.com/1046306"
},
{
"category": "self",
"summary": "SUSE Bug 1046307",
"url": "https://bugzilla.suse.com/1046307"
},
{
"category": "self",
"summary": "SUSE Bug 1046540",
"url": "https://bugzilla.suse.com/1046540"
},
{
"category": "self",
"summary": "SUSE Bug 1046542",
"url": "https://bugzilla.suse.com/1046542"
},
{
"category": "self",
"summary": "SUSE Bug 1046543",
"url": "https://bugzilla.suse.com/1046543"
},
{
"category": "self",
"summary": "SUSE Bug 1048129",
"url": "https://bugzilla.suse.com/1048129"
},
{
"category": "self",
"summary": "SUSE Bug 1050242",
"url": "https://bugzilla.suse.com/1050242"
},
{
"category": "self",
"summary": "SUSE Bug 1050252",
"url": "https://bugzilla.suse.com/1050252"
},
{
"category": "self",
"summary": "SUSE Bug 1050529",
"url": "https://bugzilla.suse.com/1050529"
},
{
"category": "self",
"summary": "SUSE Bug 1050536",
"url": "https://bugzilla.suse.com/1050536"
},
{
"category": "self",
"summary": "SUSE Bug 1050538",
"url": "https://bugzilla.suse.com/1050538"
},
{
"category": "self",
"summary": "SUSE Bug 1050545",
"url": "https://bugzilla.suse.com/1050545"
},
{
"category": "self",
"summary": "SUSE Bug 1050549",
"url": "https://bugzilla.suse.com/1050549"
},
{
"category": "self",
"summary": "SUSE Bug 1050662",
"url": "https://bugzilla.suse.com/1050662"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1052766",
"url": "https://bugzilla.suse.com/1052766"
},
{
"category": "self",
"summary": "SUSE Bug 1055968",
"url": "https://bugzilla.suse.com/1055968"
},
{
"category": "self",
"summary": "SUSE Bug 1056427",
"url": "https://bugzilla.suse.com/1056427"
},
{
"category": "self",
"summary": "SUSE Bug 1056643",
"url": "https://bugzilla.suse.com/1056643"
},
{
"category": "self",
"summary": "SUSE Bug 1056651",
"url": "https://bugzilla.suse.com/1056651"
},
{
"category": "self",
"summary": "SUSE Bug 1056653",
"url": "https://bugzilla.suse.com/1056653"
},
{
"category": "self",
"summary": "SUSE Bug 1056657",
"url": "https://bugzilla.suse.com/1056657"
},
{
"category": "self",
"summary": "SUSE Bug 1056658",
"url": "https://bugzilla.suse.com/1056658"
},
{
"category": "self",
"summary": "SUSE Bug 1056662",
"url": "https://bugzilla.suse.com/1056662"
},
{
"category": "self",
"summary": "SUSE Bug 1056686",
"url": "https://bugzilla.suse.com/1056686"
},
{
"category": "self",
"summary": "SUSE Bug 1056787",
"url": "https://bugzilla.suse.com/1056787"
},
{
"category": "self",
"summary": "SUSE Bug 1058115",
"url": "https://bugzilla.suse.com/1058115"
},
{
"category": "self",
"summary": "SUSE Bug 1058513",
"url": "https://bugzilla.suse.com/1058513"
},
{
"category": "self",
"summary": "SUSE Bug 1058659",
"url": "https://bugzilla.suse.com/1058659"
},
{
"category": "self",
"summary": "SUSE Bug 1058717",
"url": "https://bugzilla.suse.com/1058717"
},
{
"category": "self",
"summary": "SUSE Bug 1060463",
"url": "https://bugzilla.suse.com/1060463"
},
{
"category": "self",
"summary": "SUSE Bug 1061024",
"url": "https://bugzilla.suse.com/1061024"
},
{
"category": "self",
"summary": "SUSE Bug 1061840",
"url": "https://bugzilla.suse.com/1061840"
},
{
"category": "self",
"summary": "SUSE Bug 1062897",
"url": "https://bugzilla.suse.com/1062897"
},
{
"category": "self",
"summary": "SUSE Bug 1064802",
"url": "https://bugzilla.suse.com/1064802"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1066110",
"url": "https://bugzilla.suse.com/1066110"
},
{
"category": "self",
"summary": "SUSE Bug 1066129",
"url": "https://bugzilla.suse.com/1066129"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1068054",
"url": "https://bugzilla.suse.com/1068054"
},
{
"category": "self",
"summary": "SUSE Bug 1071218",
"url": "https://bugzilla.suse.com/1071218"
},
{
"category": "self",
"summary": "SUSE Bug 1071995",
"url": "https://bugzilla.suse.com/1071995"
},
{
"category": "self",
"summary": "SUSE Bug 1072829",
"url": "https://bugzilla.suse.com/1072829"
},
{
"category": "self",
"summary": "SUSE Bug 1072856",
"url": "https://bugzilla.suse.com/1072856"
},
{
"category": "self",
"summary": "SUSE Bug 1073513",
"url": "https://bugzilla.suse.com/1073513"
},
{
"category": "self",
"summary": "SUSE Bug 1073765",
"url": "https://bugzilla.suse.com/1073765"
},
{
"category": "self",
"summary": "SUSE Bug 1073960",
"url": "https://bugzilla.suse.com/1073960"
},
{
"category": "self",
"summary": "SUSE Bug 1074562",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "self",
"summary": "SUSE Bug 1074578",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "self",
"summary": "SUSE Bug 1074701",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "self",
"summary": "SUSE Bug 1074741",
"url": "https://bugzilla.suse.com/1074741"
},
{
"category": "self",
"summary": "SUSE Bug 1074873",
"url": "https://bugzilla.suse.com/1074873"
},
{
"category": "self",
"summary": "SUSE Bug 1074919",
"url": "https://bugzilla.suse.com/1074919"
},
{
"category": "self",
"summary": "SUSE Bug 1075006",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "self",
"summary": "SUSE Bug 1075007",
"url": "https://bugzilla.suse.com/1075007"
},
{
"category": "self",
"summary": "SUSE Bug 1075262",
"url": "https://bugzilla.suse.com/1075262"
},
{
"category": "self",
"summary": "SUSE Bug 1075419",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "self",
"summary": "SUSE Bug 1075748",
"url": "https://bugzilla.suse.com/1075748"
},
{
"category": "self",
"summary": "SUSE Bug 1075876",
"url": "https://bugzilla.suse.com/1075876"
},
{
"category": "self",
"summary": "SUSE Bug 1076049",
"url": "https://bugzilla.suse.com/1076049"
},
{
"category": "self",
"summary": "SUSE Bug 1076115",
"url": "https://bugzilla.suse.com/1076115"
},
{
"category": "self",
"summary": "SUSE Bug 1076372",
"url": "https://bugzilla.suse.com/1076372"
},
{
"category": "self",
"summary": "SUSE Bug 1076830",
"url": "https://bugzilla.suse.com/1076830"
},
{
"category": "self",
"summary": "SUSE Bug 1077338",
"url": "https://bugzilla.suse.com/1077338"
},
{
"category": "self",
"summary": "SUSE Bug 1078248",
"url": "https://bugzilla.suse.com/1078248"
},
{
"category": "self",
"summary": "SUSE Bug 1078353",
"url": "https://bugzilla.suse.com/1078353"
},
{
"category": "self",
"summary": "SUSE Bug 1079152",
"url": "https://bugzilla.suse.com/1079152"
},
{
"category": "self",
"summary": "SUSE Bug 1079747",
"url": "https://bugzilla.suse.com/1079747"
},
{
"category": "self",
"summary": "SUSE Bug 1080039",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "self",
"summary": "SUSE Bug 1080542",
"url": "https://bugzilla.suse.com/1080542"
},
{
"category": "self",
"summary": "SUSE Bug 1081599",
"url": "https://bugzilla.suse.com/1081599"
},
{
"category": "self",
"summary": "SUSE Bug 1082485",
"url": "https://bugzilla.suse.com/1082485"
},
{
"category": "self",
"summary": "SUSE Bug 1082504",
"url": "https://bugzilla.suse.com/1082504"
},
{
"category": "self",
"summary": "SUSE Bug 1082869",
"url": "https://bugzilla.suse.com/1082869"
},
{
"category": "self",
"summary": "SUSE Bug 1082962",
"url": "https://bugzilla.suse.com/1082962"
},
{
"category": "self",
"summary": "SUSE Bug 1083647",
"url": "https://bugzilla.suse.com/1083647"
},
{
"category": "self",
"summary": "SUSE Bug 1083900",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "self",
"summary": "SUSE Bug 1084001",
"url": "https://bugzilla.suse.com/1084001"
},
{
"category": "self",
"summary": "SUSE Bug 1084570",
"url": "https://bugzilla.suse.com/1084570"
},
{
"category": "self",
"summary": "SUSE Bug 1085308",
"url": "https://bugzilla.suse.com/1085308"
},
{
"category": "self",
"summary": "SUSE Bug 1085539",
"url": "https://bugzilla.suse.com/1085539"
},
{
"category": "self",
"summary": "SUSE Bug 1085626",
"url": "https://bugzilla.suse.com/1085626"
},
{
"category": "self",
"summary": "SUSE Bug 1085933",
"url": "https://bugzilla.suse.com/1085933"
},
{
"category": "self",
"summary": "SUSE Bug 1085936",
"url": "https://bugzilla.suse.com/1085936"
},
{
"category": "self",
"summary": "SUSE Bug 1085937",
"url": "https://bugzilla.suse.com/1085937"
},
{
"category": "self",
"summary": "SUSE Bug 1085938",
"url": "https://bugzilla.suse.com/1085938"
},
{
"category": "self",
"summary": "SUSE Bug 1085939",
"url": "https://bugzilla.suse.com/1085939"
},
{
"category": "self",
"summary": "SUSE Bug 1085941",
"url": "https://bugzilla.suse.com/1085941"
},
{
"category": "self",
"summary": "SUSE Bug 1086282",
"url": "https://bugzilla.suse.com/1086282"
},
{
"category": "self",
"summary": "SUSE Bug 1086283",
"url": "https://bugzilla.suse.com/1086283"
},
{
"category": "self",
"summary": "SUSE Bug 1086286",
"url": "https://bugzilla.suse.com/1086286"
},
{
"category": "self",
"summary": "SUSE Bug 1086288",
"url": "https://bugzilla.suse.com/1086288"
},
{
"category": "self",
"summary": "SUSE Bug 1086319",
"url": "https://bugzilla.suse.com/1086319"
},
{
"category": "self",
"summary": "SUSE Bug 1086323",
"url": "https://bugzilla.suse.com/1086323"
},
{
"category": "self",
"summary": "SUSE Bug 1086400",
"url": "https://bugzilla.suse.com/1086400"
},
{
"category": "self",
"summary": "SUSE Bug 1086652",
"url": "https://bugzilla.suse.com/1086652"
},
{
"category": "self",
"summary": "SUSE Bug 1086739",
"url": "https://bugzilla.suse.com/1086739"
},
{
"category": "self",
"summary": "SUSE Bug 1087078",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "self",
"summary": "SUSE Bug 1087082",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "self",
"summary": "SUSE Bug 1087084",
"url": "https://bugzilla.suse.com/1087084"
},
{
"category": "self",
"summary": "SUSE Bug 1087092",
"url": "https://bugzilla.suse.com/1087092"
},
{
"category": "self",
"summary": "SUSE Bug 1087205",
"url": "https://bugzilla.suse.com/1087205"
},
{
"category": "self",
"summary": "SUSE Bug 1087210",
"url": "https://bugzilla.suse.com/1087210"
},
{
"category": "self",
"summary": "SUSE Bug 1087213",
"url": "https://bugzilla.suse.com/1087213"
},
{
"category": "self",
"summary": "SUSE Bug 1087214",
"url": "https://bugzilla.suse.com/1087214"
},
{
"category": "self",
"summary": "SUSE Bug 1087284",
"url": "https://bugzilla.suse.com/1087284"
},
{
"category": "self",
"summary": "SUSE Bug 1087405",
"url": "https://bugzilla.suse.com/1087405"
},
{
"category": "self",
"summary": "SUSE Bug 1087458",
"url": "https://bugzilla.suse.com/1087458"
},
{
"category": "self",
"summary": "SUSE Bug 1087939",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "self",
"summary": "SUSE Bug 1087978",
"url": "https://bugzilla.suse.com/1087978"
},
{
"category": "self",
"summary": "SUSE Bug 1088354",
"url": "https://bugzilla.suse.com/1088354"
},
{
"category": "self",
"summary": "SUSE Bug 1088690",
"url": "https://bugzilla.suse.com/1088690"
},
{
"category": "self",
"summary": "SUSE Bug 1088704",
"url": "https://bugzilla.suse.com/1088704"
},
{
"category": "self",
"summary": "SUSE Bug 1088722",
"url": "https://bugzilla.suse.com/1088722"
},
{
"category": "self",
"summary": "SUSE Bug 1088796",
"url": "https://bugzilla.suse.com/1088796"
},
{
"category": "self",
"summary": "SUSE Bug 1088804",
"url": "https://bugzilla.suse.com/1088804"
},
{
"category": "self",
"summary": "SUSE Bug 1088821",
"url": "https://bugzilla.suse.com/1088821"
},
{
"category": "self",
"summary": "SUSE Bug 1088866",
"url": "https://bugzilla.suse.com/1088866"
},
{
"category": "self",
"summary": "SUSE Bug 1089115",
"url": "https://bugzilla.suse.com/1089115"
},
{
"category": "self",
"summary": "SUSE Bug 1089268",
"url": "https://bugzilla.suse.com/1089268"
},
{
"category": "self",
"summary": "SUSE Bug 1089467",
"url": "https://bugzilla.suse.com/1089467"
},
{
"category": "self",
"summary": "SUSE Bug 1089608",
"url": "https://bugzilla.suse.com/1089608"
},
{
"category": "self",
"summary": "SUSE Bug 1089663",
"url": "https://bugzilla.suse.com/1089663"
},
{
"category": "self",
"summary": "SUSE Bug 1089664",
"url": "https://bugzilla.suse.com/1089664"
},
{
"category": "self",
"summary": "SUSE Bug 1089667",
"url": "https://bugzilla.suse.com/1089667"
},
{
"category": "self",
"summary": "SUSE Bug 1089669",
"url": "https://bugzilla.suse.com/1089669"
},
{
"category": "self",
"summary": "SUSE Bug 1089752",
"url": "https://bugzilla.suse.com/1089752"
},
{
"category": "self",
"summary": "SUSE Bug 1089753",
"url": "https://bugzilla.suse.com/1089753"
},
{
"category": "self",
"summary": "SUSE Bug 1089878",
"url": "https://bugzilla.suse.com/1089878"
},
{
"category": "self",
"summary": "SUSE Bug 1090150",
"url": "https://bugzilla.suse.com/1090150"
},
{
"category": "self",
"summary": "SUSE Bug 1090457",
"url": "https://bugzilla.suse.com/1090457"
},
{
"category": "self",
"summary": "SUSE Bug 1090605",
"url": "https://bugzilla.suse.com/1090605"
},
{
"category": "self",
"summary": "SUSE Bug 1090643",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "self",
"summary": "SUSE Bug 1090646",
"url": "https://bugzilla.suse.com/1090646"
},
{
"category": "self",
"summary": "SUSE Bug 1090658",
"url": "https://bugzilla.suse.com/1090658"
},
{
"category": "self",
"summary": "SUSE Bug 1090734",
"url": "https://bugzilla.suse.com/1090734"
},
{
"category": "self",
"summary": "SUSE Bug 1090888",
"url": "https://bugzilla.suse.com/1090888"
},
{
"category": "self",
"summary": "SUSE Bug 1090953",
"url": "https://bugzilla.suse.com/1090953"
},
{
"category": "self",
"summary": "SUSE Bug 1091158",
"url": "https://bugzilla.suse.com/1091158"
},
{
"category": "self",
"summary": "SUSE Bug 1091171",
"url": "https://bugzilla.suse.com/1091171"
},
{
"category": "self",
"summary": "SUSE Bug 1091424",
"url": "https://bugzilla.suse.com/1091424"
},
{
"category": "self",
"summary": "SUSE Bug 1091594",
"url": "https://bugzilla.suse.com/1091594"
},
{
"category": "self",
"summary": "SUSE Bug 1091666",
"url": "https://bugzilla.suse.com/1091666"
},
{
"category": "self",
"summary": "SUSE Bug 1091678",
"url": "https://bugzilla.suse.com/1091678"
},
{
"category": "self",
"summary": "SUSE Bug 1091686",
"url": "https://bugzilla.suse.com/1091686"
},
{
"category": "self",
"summary": "SUSE Bug 1091781",
"url": "https://bugzilla.suse.com/1091781"
},
{
"category": "self",
"summary": "SUSE Bug 1091782",
"url": "https://bugzilla.suse.com/1091782"
},
{
"category": "self",
"summary": "SUSE Bug 1091815",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "self",
"summary": "SUSE Bug 1091860",
"url": "https://bugzilla.suse.com/1091860"
},
{
"category": "self",
"summary": "SUSE Bug 1091960",
"url": "https://bugzilla.suse.com/1091960"
},
{
"category": "self",
"summary": "SUSE Bug 1092100",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "self",
"summary": "SUSE Bug 1092472",
"url": "https://bugzilla.suse.com/1092472"
},
{
"category": "self",
"summary": "SUSE Bug 1092710",
"url": "https://bugzilla.suse.com/1092710"
},
{
"category": "self",
"summary": "SUSE Bug 1092772",
"url": "https://bugzilla.suse.com/1092772"
},
{
"category": "self",
"summary": "SUSE Bug 1092888",
"url": "https://bugzilla.suse.com/1092888"
},
{
"category": "self",
"summary": "SUSE Bug 1092904",
"url": "https://bugzilla.suse.com/1092904"
},
{
"category": "self",
"summary": "SUSE Bug 1092975",
"url": "https://bugzilla.suse.com/1092975"
},
{
"category": "self",
"summary": "SUSE Bug 1093023",
"url": "https://bugzilla.suse.com/1093023"
},
{
"category": "self",
"summary": "SUSE Bug 1093027",
"url": "https://bugzilla.suse.com/1093027"
},
{
"category": "self",
"summary": "SUSE Bug 1093035",
"url": "https://bugzilla.suse.com/1093035"
},
{
"category": "self",
"summary": "SUSE Bug 1093118",
"url": "https://bugzilla.suse.com/1093118"
},
{
"category": "self",
"summary": "SUSE Bug 1093148",
"url": "https://bugzilla.suse.com/1093148"
},
{
"category": "self",
"summary": "SUSE Bug 1093158",
"url": "https://bugzilla.suse.com/1093158"
},
{
"category": "self",
"summary": "SUSE Bug 1093184",
"url": "https://bugzilla.suse.com/1093184"
},
{
"category": "self",
"summary": "SUSE Bug 1093205",
"url": "https://bugzilla.suse.com/1093205"
},
{
"category": "self",
"summary": "SUSE Bug 1093273",
"url": "https://bugzilla.suse.com/1093273"
},
{
"category": "self",
"summary": "SUSE Bug 1093290",
"url": "https://bugzilla.suse.com/1093290"
},
{
"category": "self",
"summary": "SUSE Bug 1093604",
"url": "https://bugzilla.suse.com/1093604"
},
{
"category": "self",
"summary": "SUSE Bug 1093641",
"url": "https://bugzilla.suse.com/1093641"
},
{
"category": "self",
"summary": "SUSE Bug 1093649",
"url": "https://bugzilla.suse.com/1093649"
},
{
"category": "self",
"summary": "SUSE Bug 1093653",
"url": "https://bugzilla.suse.com/1093653"
},
{
"category": "self",
"summary": "SUSE Bug 1093655",
"url": "https://bugzilla.suse.com/1093655"
},
{
"category": "self",
"summary": "SUSE Bug 1093657",
"url": "https://bugzilla.suse.com/1093657"
},
{
"category": "self",
"summary": "SUSE Bug 1093663",
"url": "https://bugzilla.suse.com/1093663"
},
{
"category": "self",
"summary": "SUSE Bug 1093721",
"url": "https://bugzilla.suse.com/1093721"
},
{
"category": "self",
"summary": "SUSE Bug 1093728",
"url": "https://bugzilla.suse.com/1093728"
},
{
"category": "self",
"summary": "SUSE Bug 1093904",
"url": "https://bugzilla.suse.com/1093904"
},
{
"category": "self",
"summary": "SUSE Bug 1093990",
"url": "https://bugzilla.suse.com/1093990"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1094356",
"url": "https://bugzilla.suse.com/1094356"
},
{
"category": "self",
"summary": "SUSE Bug 1094420",
"url": "https://bugzilla.suse.com/1094420"
},
{
"category": "self",
"summary": "SUSE Bug 1094541",
"url": "https://bugzilla.suse.com/1094541"
},
{
"category": "self",
"summary": "SUSE Bug 1094575",
"url": "https://bugzilla.suse.com/1094575"
},
{
"category": "self",
"summary": "SUSE Bug 1094751",
"url": "https://bugzilla.suse.com/1094751"
},
{
"category": "self",
"summary": "SUSE Bug 1094825",
"url": "https://bugzilla.suse.com/1094825"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1094912",
"url": "https://bugzilla.suse.com/1094912"
},
{
"category": "self",
"summary": "SUSE Bug 1094978",
"url": "https://bugzilla.suse.com/1094978"
},
{
"category": "self",
"summary": "SUSE Bug 1095042",
"url": "https://bugzilla.suse.com/1095042"
},
{
"category": "self",
"summary": "SUSE Bug 1095094",
"url": "https://bugzilla.suse.com/1095094"
},
{
"category": "self",
"summary": "SUSE Bug 1095115",
"url": "https://bugzilla.suse.com/1095115"
},
{
"category": "self",
"summary": "SUSE Bug 1095155",
"url": "https://bugzilla.suse.com/1095155"
},
{
"category": "self",
"summary": "SUSE Bug 1095265",
"url": "https://bugzilla.suse.com/1095265"
},
{
"category": "self",
"summary": "SUSE Bug 1095321",
"url": "https://bugzilla.suse.com/1095321"
},
{
"category": "self",
"summary": "SUSE Bug 1095337",
"url": "https://bugzilla.suse.com/1095337"
},
{
"category": "self",
"summary": "SUSE Bug 1095467",
"url": "https://bugzilla.suse.com/1095467"
},
{
"category": "self",
"summary": "SUSE Bug 1095573",
"url": "https://bugzilla.suse.com/1095573"
},
{
"category": "self",
"summary": "SUSE Bug 1095735",
"url": "https://bugzilla.suse.com/1095735"
},
{
"category": "self",
"summary": "SUSE Bug 1095893",
"url": "https://bugzilla.suse.com/1095893"
},
{
"category": "self",
"summary": "SUSE Bug 1096065",
"url": "https://bugzilla.suse.com/1096065"
},
{
"category": "self",
"summary": "SUSE Bug 1096480",
"url": "https://bugzilla.suse.com/1096480"
},
{
"category": "self",
"summary": "SUSE Bug 1096529",
"url": "https://bugzilla.suse.com/1096529"
},
{
"category": "self",
"summary": "SUSE Bug 1096696",
"url": "https://bugzilla.suse.com/1096696"
},
{
"category": "self",
"summary": "SUSE Bug 1096705",
"url": "https://bugzilla.suse.com/1096705"
},
{
"category": "self",
"summary": "SUSE Bug 1096728",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "self",
"summary": "SUSE Bug 1096753",
"url": "https://bugzilla.suse.com/1096753"
},
{
"category": "self",
"summary": "SUSE Bug 1096790",
"url": "https://bugzilla.suse.com/1096790"
},
{
"category": "self",
"summary": "SUSE Bug 1096793",
"url": "https://bugzilla.suse.com/1096793"
},
{
"category": "self",
"summary": "SUSE Bug 1097034",
"url": "https://bugzilla.suse.com/1097034"
},
{
"category": "self",
"summary": "SUSE Bug 1097105",
"url": "https://bugzilla.suse.com/1097105"
},
{
"category": "self",
"summary": "SUSE Bug 1097234",
"url": "https://bugzilla.suse.com/1097234"
},
{
"category": "self",
"summary": "SUSE Bug 1097356",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "self",
"summary": "SUSE Bug 1097373",
"url": "https://bugzilla.suse.com/1097373"
},
{
"category": "self",
"summary": "SUSE Bug 1097439",
"url": "https://bugzilla.suse.com/1097439"
},
{
"category": "self",
"summary": "SUSE Bug 1097465",
"url": "https://bugzilla.suse.com/1097465"
},
{
"category": "self",
"summary": "SUSE Bug 1097468",
"url": "https://bugzilla.suse.com/1097468"
},
{
"category": "self",
"summary": "SUSE Bug 1097470",
"url": "https://bugzilla.suse.com/1097470"
},
{
"category": "self",
"summary": "SUSE Bug 1097471",
"url": "https://bugzilla.suse.com/1097471"
},
{
"category": "self",
"summary": "SUSE Bug 1097472",
"url": "https://bugzilla.suse.com/1097472"
},
{
"category": "self",
"summary": "SUSE Bug 1097551",
"url": "https://bugzilla.suse.com/1097551"
},
{
"category": "self",
"summary": "SUSE Bug 1097780",
"url": "https://bugzilla.suse.com/1097780"
},
{
"category": "self",
"summary": "SUSE Bug 1097796",
"url": "https://bugzilla.suse.com/1097796"
},
{
"category": "self",
"summary": "SUSE Bug 1097800",
"url": "https://bugzilla.suse.com/1097800"
},
{
"category": "self",
"summary": "SUSE Bug 1097941",
"url": "https://bugzilla.suse.com/1097941"
},
{
"category": "self",
"summary": "SUSE Bug 1097961",
"url": "https://bugzilla.suse.com/1097961"
},
{
"category": "self",
"summary": "SUSE Bug 1098016",
"url": "https://bugzilla.suse.com/1098016"
},
{
"category": "self",
"summary": "SUSE Bug 1098043",
"url": "https://bugzilla.suse.com/1098043"
},
{
"category": "self",
"summary": "SUSE Bug 1098050",
"url": "https://bugzilla.suse.com/1098050"
},
{
"category": "self",
"summary": "SUSE Bug 1098174",
"url": "https://bugzilla.suse.com/1098174"
},
{
"category": "self",
"summary": "SUSE Bug 1098176",
"url": "https://bugzilla.suse.com/1098176"
},
{
"category": "self",
"summary": "SUSE Bug 1098236",
"url": "https://bugzilla.suse.com/1098236"
},
{
"category": "self",
"summary": "SUSE Bug 1098401",
"url": "https://bugzilla.suse.com/1098401"
},
{
"category": "self",
"summary": "SUSE Bug 1098425",
"url": "https://bugzilla.suse.com/1098425"
},
{
"category": "self",
"summary": "SUSE Bug 1098435",
"url": "https://bugzilla.suse.com/1098435"
},
{
"category": "self",
"summary": "SUSE Bug 1098599",
"url": "https://bugzilla.suse.com/1098599"
},
{
"category": "self",
"summary": "SUSE Bug 1098626",
"url": "https://bugzilla.suse.com/1098626"
},
{
"category": "self",
"summary": "SUSE Bug 1098706",
"url": "https://bugzilla.suse.com/1098706"
},
{
"category": "self",
"summary": "SUSE Bug 1098983",
"url": "https://bugzilla.suse.com/1098983"
},
{
"category": "self",
"summary": "SUSE Bug 1098995",
"url": "https://bugzilla.suse.com/1098995"
},
{
"category": "self",
"summary": "SUSE Bug 1099029",
"url": "https://bugzilla.suse.com/1099029"
},
{
"category": "self",
"summary": "SUSE Bug 1099041",
"url": "https://bugzilla.suse.com/1099041"
},
{
"category": "self",
"summary": "SUSE Bug 1099109",
"url": "https://bugzilla.suse.com/1099109"
},
{
"category": "self",
"summary": "SUSE Bug 1099142",
"url": "https://bugzilla.suse.com/1099142"
},
{
"category": "self",
"summary": "SUSE Bug 1099183",
"url": "https://bugzilla.suse.com/1099183"
},
{
"category": "self",
"summary": "SUSE Bug 1099715",
"url": "https://bugzilla.suse.com/1099715"
},
{
"category": "self",
"summary": "SUSE Bug 1099792",
"url": "https://bugzilla.suse.com/1099792"
},
{
"category": "self",
"summary": "SUSE Bug 1099918",
"url": "https://bugzilla.suse.com/1099918"
},
{
"category": "self",
"summary": "SUSE Bug 1099924",
"url": "https://bugzilla.suse.com/1099924"
},
{
"category": "self",
"summary": "SUSE Bug 1099966",
"url": "https://bugzilla.suse.com/1099966"
},
{
"category": "self",
"summary": "SUSE Bug 1100132",
"url": "https://bugzilla.suse.com/1100132"
},
{
"category": "self",
"summary": "SUSE Bug 1100209",
"url": "https://bugzilla.suse.com/1100209"
},
{
"category": "self",
"summary": "SUSE Bug 1100340",
"url": "https://bugzilla.suse.com/1100340"
},
{
"category": "self",
"summary": "SUSE Bug 1100362",
"url": "https://bugzilla.suse.com/1100362"
},
{
"category": "self",
"summary": "SUSE Bug 1100382",
"url": "https://bugzilla.suse.com/1100382"
},
{
"category": "self",
"summary": "SUSE Bug 1100394",
"url": "https://bugzilla.suse.com/1100394"
},
{
"category": "self",
"summary": "SUSE Bug 1100416",
"url": "https://bugzilla.suse.com/1100416"
},
{
"category": "self",
"summary": "SUSE Bug 1100418",
"url": "https://bugzilla.suse.com/1100418"
},
{
"category": "self",
"summary": "SUSE Bug 1100491",
"url": "https://bugzilla.suse.com/1100491"
},
{
"category": "self",
"summary": "SUSE Bug 1100602",
"url": "https://bugzilla.suse.com/1100602"
},
{
"category": "self",
"summary": "SUSE Bug 1100633",
"url": "https://bugzilla.suse.com/1100633"
},
{
"category": "self",
"summary": "SUSE Bug 1100843",
"url": "https://bugzilla.suse.com/1100843"
},
{
"category": "self",
"summary": "SUSE Bug 1101296",
"url": "https://bugzilla.suse.com/1101296"
},
{
"category": "self",
"summary": "SUSE Bug 1101315",
"url": "https://bugzilla.suse.com/1101315"
},
{
"category": "self",
"summary": "SUSE Bug 1101324",
"url": "https://bugzilla.suse.com/1101324"
},
{
"category": "self",
"summary": "SUSE Bug 971975",
"url": "https://bugzilla.suse.com/971975"
},
{
"category": "self",
"summary": "SUSE Bug 975772",
"url": "https://bugzilla.suse.com/975772"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5715 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5753 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000200 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000204 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10087 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10124 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1092 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1092/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1093 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1094 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1118 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1120 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1130 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12233 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-13053 page",
"url": "https://www.suse.com/security/cve/CVE-2018-13053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-13405 page",
"url": "https://www.suse.com/security/cve/CVE-2018-13405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-13406 page",
"url": "https://www.suse.com/security/cve/CVE-2018-13406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3639 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5803 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5848 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7492 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8781 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9385 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9385/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-07-27T13:37:02Z",
"generator": {
"date": "2018-07-27T13:37:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2092-1",
"initial_release_date": "2018-07-27T13:37:02Z",
"revision_history": [
{
"date": "2018-07-27T13:37:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.12.14-25.3.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-25.3.1.aarch64",
"product_id": "kernel-default-4.12.14-25.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-25.3.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-25.3.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-25.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-25.3.1.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-25.3.1.aarch64",
"product_id": "kernel-obs-build-4.12.14-25.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-25.3.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-25.3.1.aarch64",
"product_id": "kernel-syms-4.12.14-25.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-25.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"product_id": "reiserfs-kmp-default-4.12.14-25.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-25.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-25.3.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-25.3.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-25.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-25.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-25.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-25.3.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-25.3.1.noarch",
"product_id": "kernel-devel-4.12.14-25.3.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-25.3.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-25.3.1.noarch",
"product_id": "kernel-macros-4.12.14-25.3.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-25.3.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-25.3.1.noarch",
"product_id": "kernel-docs-4.12.14-25.3.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-25.3.1.noarch",
"product": {
"name": "kernel-source-4.12.14-25.3.1.noarch",
"product_id": "kernel-source-4.12.14-25.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.12.14-25.3.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-25.3.1.ppc64le",
"product_id": "kernel-default-4.12.14-25.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-25.3.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-25.3.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-25.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-25.3.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-25.3.1.ppc64le",
"product_id": "kernel-obs-build-4.12.14-25.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-25.3.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-25.3.1.ppc64le",
"product_id": "kernel-syms-4.12.14-25.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-25.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"product_id": "reiserfs-kmp-default-4.12.14-25.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"product_id": "kernel-default-livepatch-4.12.14-25.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"product_id": "kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-25.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-25.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-25.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-25.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.12.14-25.3.1.s390x",
"product": {
"name": "kernel-default-4.12.14-25.3.1.s390x",
"product_id": "kernel-default-4.12.14-25.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-25.3.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-25.3.1.s390x",
"product_id": "kernel-default-devel-4.12.14-25.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-25.3.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-25.3.1.s390x",
"product_id": "kernel-default-man-4.12.14-25.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-25.3.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-25.3.1.s390x",
"product_id": "kernel-zfcpdump-4.12.14-25.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-25.3.1.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-25.3.1.s390x",
"product_id": "kernel-obs-build-4.12.14-25.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-25.3.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-25.3.1.s390x",
"product_id": "kernel-syms-4.12.14-25.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-25.3.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-25.3.1.s390x",
"product_id": "kernel-vanilla-base-4.12.14-25.3.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"product": {
"name": "reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"product_id": "reiserfs-kmp-default-4.12.14-25.3.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-25.3.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-25.3.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-25.3.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-25.3.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-25.3.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-25.3.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-25.3.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-25.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.12.14-25.3.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-25.3.1.x86_64",
"product_id": "kernel-default-4.12.14-25.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-25.3.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-25.3.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-25.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-25.3.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-25.3.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-25.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-25.3.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-25.3.1.x86_64",
"product_id": "kernel-syms-4.12.14-25.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-25.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"product_id": "reiserfs-kmp-default-4.12.14-25.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"product": {
"name": "kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"product_id": "kernel-default-livepatch-4.12.14-25.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"product_id": "kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-25.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-25.3.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-25.3.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-25.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-25.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-25.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-25.3.1.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-25.3.1.x86_64",
"product_id": "kernel-default-extra-4.12.14-25.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15",
"product_id": "SUSE Linux Enterprise Workstation Extension 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-25.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-25.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-25.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-25.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x"
},
"product_reference": "kernel-default-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-25.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-25.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-25.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-25.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-25.3.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-25.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-25.3.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-25.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x"
},
"product_reference": "kernel-zfcpdump-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-25.3.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-25.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-25.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64"
},
"product_reference": "kernel-obs-build-4.12.14-25.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-25.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.12.14-25.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x"
},
"product_reference": "kernel-obs-build-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-25.3.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch"
},
"product_reference": "kernel-source-4.12.14-25.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-25.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-25.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-25.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-25.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-25.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64"
},
"product_reference": "kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-25.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le"
},
"product_reference": "kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x"
},
"product_reference": "kernel-vanilla-base-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64"
},
"product_reference": "kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-25.3.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-25.3.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x"
},
"product_reference": "reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-4.12.14-25.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64"
},
"product_reference": "kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-25.3.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-25.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-25.3.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64"
},
"product_reference": "dlm-kmp-default-4.12.14-25.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-25.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-25.3.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64"
},
"product_reference": "gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-25.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-25.3.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-25.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-25.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.12.14-25.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15",
"product_id": "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
},
"product_reference": "kernel-default-extra-4.12.14-25.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5715"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5715",
"url": "https://www.suse.com/security/cve/CVE-2017-5715"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1074741 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074741"
},
{
"category": "external",
"summary": "SUSE Bug 1074919 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074919"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075007 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075007"
},
{
"category": "external",
"summary": "SUSE Bug 1075262 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075262"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1076115 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076115"
},
{
"category": "external",
"summary": "SUSE Bug 1076372 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076372"
},
{
"category": "external",
"summary": "SUSE Bug 1076606 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076606"
},
{
"category": "external",
"summary": "SUSE Bug 1078353 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1078353"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087887 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087887"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1088147 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1095735 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1095735"
},
{
"category": "external",
"summary": "SUSE Bug 1102517 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1102517"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1126516 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1126516"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201457 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201457"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1203236 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1203236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "important"
}
],
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2017-5753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5753"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5753",
"url": "https://www.suse.com/security/cve/CVE-2017-5753"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1075748 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075748"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087084 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1087084"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1209547 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1209547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "important"
}
],
"title": "CVE-2017-5753"
},
{
"cve": "CVE-2018-1000200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000200"
}
],
"notes": [
{
"category": "general",
"text": "The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process\u0027s final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper\u0027s unmap_page_range() since the vma\u0027s VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000200",
"url": "https://www.suse.com/security/cve/CVE-2018-1000200"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1000200",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1090150 for CVE-2018-1000200",
"url": "https://bugzilla.suse.com/1090150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-1000200"
},
{
"cve": "CVE-2018-1000204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000204"
}
],
"notes": [
{
"category": "general",
"text": "Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don\u0027t usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it \"virtually impossible to exploit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000204",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204"
},
{
"category": "external",
"summary": "SUSE Bug 1096728 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-1000204"
},
{
"cve": "CVE-2018-10087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10087"
}
],
"notes": [
{
"category": "general",
"text": "The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10087",
"url": "https://www.suse.com/security/cve/CVE-2018-10087"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1089608 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1089608"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "low"
}
],
"title": "CVE-2018-10087"
},
{
"cve": "CVE-2018-10124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10124"
}
],
"notes": [
{
"category": "general",
"text": "The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10124",
"url": "https://www.suse.com/security/cve/CVE-2018-10124"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1089752 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1089752"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-10124"
},
{
"cve": "CVE-2018-1092",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1092"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1092",
"url": "https://www.suse.com/security/cve/CVE-2018-1092"
},
{
"category": "external",
"summary": "SUSE Bug 1087012 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-1092"
},
{
"cve": "CVE-2018-1093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1093"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1093",
"url": "https://www.suse.com/security/cve/CVE-2018-1093"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087095 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-1093"
},
{
"cve": "CVE-2018-1094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1094"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1094",
"url": "https://www.suse.com/security/cve/CVE-2018-1094"
},
{
"category": "external",
"summary": "SUSE Bug 1087007 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-1094"
},
{
"cve": "CVE-2018-1118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1118"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1118",
"url": "https://www.suse.com/security/cve/CVE-2018-1118"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1118",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092472 for CVE-2018-1118",
"url": "https://bugzilla.suse.com/1092472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-1118"
},
{
"cve": "CVE-2018-1120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1120"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process\u0027s memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/\u003cpid\u003e/cmdline (or /proc/\u003cpid\u003e/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1120",
"url": "https://www.suse.com/security/cve/CVE-2018-1120"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092100 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "external",
"summary": "SUSE Bug 1093158 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1093158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "low"
}
],
"title": "CVE-2018-1120"
},
{
"cve": "CVE-2018-1130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1130"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1130",
"url": "https://www.suse.com/security/cve/CVE-2018-1130"
},
{
"category": "external",
"summary": "SUSE Bug 1092904 for CVE-2018-1130",
"url": "https://bugzilla.suse.com/1092904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-1130"
},
{
"cve": "CVE-2018-12233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12233"
}
],
"notes": [
{
"category": "general",
"text": "In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12233",
"url": "https://www.suse.com/security/cve/CVE-2018-12233"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097234 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1097234"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-12233"
},
{
"cve": "CVE-2018-13053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-13053"
}
],
"notes": [
{
"category": "general",
"text": "The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-13053",
"url": "https://www.suse.com/security/cve/CVE-2018-13053"
},
{
"category": "external",
"summary": "SUSE Bug 1099924 for CVE-2018-13053",
"url": "https://bugzilla.suse.com/1099924"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-13053",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "low"
}
],
"title": "CVE-2018-13053"
},
{
"cve": "CVE-2018-13405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-13405"
}
],
"notes": [
{
"category": "general",
"text": "The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-13405",
"url": "https://www.suse.com/security/cve/CVE-2018-13405"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-13405",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1100416 for CVE-2018-13405",
"url": "https://bugzilla.suse.com/1100416"
},
{
"category": "external",
"summary": "SUSE Bug 1129735 for CVE-2018-13405",
"url": "https://bugzilla.suse.com/1129735"
},
{
"category": "external",
"summary": "SUSE Bug 1195161 for CVE-2018-13405",
"url": "https://bugzilla.suse.com/1195161"
},
{
"category": "external",
"summary": "SUSE Bug 1198702 for CVE-2018-13405",
"url": "https://bugzilla.suse.com/1198702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-13405"
},
{
"cve": "CVE-2018-13406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-13406"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-13406",
"url": "https://www.suse.com/security/cve/CVE-2018-13406"
},
{
"category": "external",
"summary": "SUSE Bug 1098016 for CVE-2018-13406",
"url": "https://bugzilla.suse.com/1098016"
},
{
"category": "external",
"summary": "SUSE Bug 1100418 for CVE-2018-13406",
"url": "https://bugzilla.suse.com/1100418"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-13406",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-13406"
},
{
"cve": "CVE-2018-3639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3639"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3639",
"url": "https://www.suse.com/security/cve/CVE-2018-3639"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1085235 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085235"
},
{
"category": "external",
"summary": "SUSE Bug 1085308 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085308"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092631 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092631"
},
{
"category": "external",
"summary": "SUSE Bug 1092885 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092885"
},
{
"category": "external",
"summary": "SUSE Bug 1094912 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1094912"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100394 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1100394"
},
{
"category": "external",
"summary": "SUSE Bug 1102640 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1102640"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1111963 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1111963"
},
{
"category": "external",
"summary": "SUSE Bug 1172781 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172781"
},
{
"category": "external",
"summary": "SUSE Bug 1172782 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172782"
},
{
"category": "external",
"summary": "SUSE Bug 1172783 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172783"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-3639"
},
{
"cve": "CVE-2018-5803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5803",
"url": "https://www.suse.com/security/cve/CVE-2018-5803"
},
{
"category": "external",
"summary": "SUSE Bug 1083900 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-5803"
},
{
"cve": "CVE-2018-5848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5848"
}
],
"notes": [
{
"category": "general",
"text": "In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the \u0027ie_len\u0027 argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5848",
"url": "https://www.suse.com/security/cve/CVE-2018-5848"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097356 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1115339 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1115339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-5848"
},
{
"cve": "CVE-2018-7492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7492"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7492",
"url": "https://www.suse.com/security/cve/CVE-2018-7492"
},
{
"category": "external",
"summary": "SUSE Bug 1082962 for CVE-2018-7492",
"url": "https://bugzilla.suse.com/1082962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-7492"
},
{
"cve": "CVE-2018-8781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8781"
}
],
"notes": [
{
"category": "general",
"text": "The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8781",
"url": "https://www.suse.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1090643 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "external",
"summary": "SUSE Bug 1090646 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "important"
}
],
"title": "CVE-2018-8781"
},
{
"cve": "CVE-2018-9385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9385"
}
],
"notes": [
{
"category": "general",
"text": "In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74128061 References: Upstream kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9385",
"url": "https://www.suse.com/security/cve/CVE-2018-9385"
},
{
"category": "external",
"summary": "SUSE Bug 1100491 for CVE-2018-9385",
"url": "https://bugzilla.suse.com/1100491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_3-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.3.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.3.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-07-27T13:37:02Z",
"details": "moderate"
}
],
"title": "CVE-2018-9385"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…