Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-8709 (GCVE-0-2015-8709)
Vulnerability from cvelistv5
Published
2016-02-08 02:00
Modified
2024-08-06 08:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:29:20.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:1038",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
},
{
"name": "SUSE-SU-2016:1033",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
},
{
"name": "SUSE-SU-2016:1034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
},
{
"name": "[linux-kernel] 20151226 [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lkml.org/lkml/2015/12/25/71"
},
{
"name": "SUSE-SU-2016:1035",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
},
{
"name": "[linux-kernel] 20160106 Re: [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=145204641422813\u0026w=2"
},
{
"name": "SUSE-SU-2016:1764",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "SUSE-SU-2016:1031",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
},
{
"name": "SUSE-SU-2016:1019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
},
{
"name": "[oss-security] 20151231 Re: CVE Request: Linux kernel: privilege escalation in user namespaces",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/31/5"
},
{
"name": "[oss-security] 20151217 CVE Request: Linux kernel: privilege escalation in user namespaces",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/12"
},
{
"name": "SUSE-SU-2016:1037",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
},
{
"name": "SUSE-SU-2016:1045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
},
{
"name": "[linux-kernel] 20160106 Re: [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=145204362722256\u0026w=2"
},
{
"name": "FEDORA-2016-5d43766e33",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
},
{
"name": "SUSE-SU-2016:1032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
},
{
"name": "SUSE-SU-2016:1039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
},
{
"name": "SUSE-SU-2016:1041",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
},
{
"name": "SUSE-SU-2016:1046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
},
{
"name": "79899",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/79899"
},
{
"name": "1034899",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034899"
},
{
"name": "openSUSE-SU-2016:1008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295287"
},
{
"name": "DSA-3434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3434"
},
{
"name": "SUSE-SU-2016:1040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-03T18:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "SUSE-SU-2016:1038",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
},
{
"name": "SUSE-SU-2016:1033",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
},
{
"name": "SUSE-SU-2016:1034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
},
{
"name": "[linux-kernel] 20151226 [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lkml.org/lkml/2015/12/25/71"
},
{
"name": "SUSE-SU-2016:1035",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
},
{
"name": "[linux-kernel] 20160106 Re: [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=145204641422813\u0026w=2"
},
{
"name": "SUSE-SU-2016:1764",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "SUSE-SU-2016:1031",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
},
{
"name": "SUSE-SU-2016:1019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
},
{
"name": "[oss-security] 20151231 Re: CVE Request: Linux kernel: privilege escalation in user namespaces",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/31/5"
},
{
"name": "[oss-security] 20151217 CVE Request: Linux kernel: privilege escalation in user namespaces",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/12"
},
{
"name": "SUSE-SU-2016:1037",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
},
{
"name": "SUSE-SU-2016:1045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
},
{
"name": "[linux-kernel] 20160106 Re: [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=145204362722256\u0026w=2"
},
{
"name": "FEDORA-2016-5d43766e33",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
},
{
"name": "SUSE-SU-2016:1032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
},
{
"name": "SUSE-SU-2016:1039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
},
{
"name": "SUSE-SU-2016:1041",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
},
{
"name": "SUSE-SU-2016:1046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
},
{
"name": "79899",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/79899"
},
{
"name": "1034899",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034899"
},
{
"name": "openSUSE-SU-2016:1008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295287"
},
{
"name": "DSA-3434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3434"
},
{
"name": "SUSE-SU-2016:1040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-8709",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:1038",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
},
{
"name": "SUSE-SU-2016:1033",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
},
{
"name": "SUSE-SU-2016:1034",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
},
{
"name": "[linux-kernel] 20151226 [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"refsource": "MLIST",
"url": "https://lkml.org/lkml/2015/12/25/71"
},
{
"name": "SUSE-SU-2016:1035",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
},
{
"name": "[linux-kernel] 20160106 Re: [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204641422813\u0026w=2"
},
{
"name": "SUSE-SU-2016:1764",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "SUSE-SU-2016:1031",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
},
{
"name": "SUSE-SU-2016:1019",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
},
{
"name": "[oss-security] 20151231 Re: CVE Request: Linux kernel: privilege escalation in user namespaces",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/31/5"
},
{
"name": "[oss-security] 20151217 CVE Request: Linux kernel: privilege escalation in user namespaces",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/12"
},
{
"name": "SUSE-SU-2016:1037",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
},
{
"name": "SUSE-SU-2016:1045",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
},
{
"name": "[linux-kernel] 20160106 Re: [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204362722256\u0026w=2"
},
{
"name": "FEDORA-2016-5d43766e33",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
},
{
"name": "SUSE-SU-2016:1032",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
},
{
"name": "SUSE-SU-2016:1039",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
},
{
"name": "SUSE-SU-2016:1041",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
},
{
"name": "SUSE-SU-2016:1046",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
},
{
"name": "79899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79899"
},
{
"name": "1034899",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034899"
},
{
"name": "openSUSE-SU-2016:1008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1295287",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295287"
},
{
"name": "DSA-3434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3434"
},
{
"name": "SUSE-SU-2016:1040",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2015-8709",
"datePublished": "2016-02-08T02:00:00",
"dateReserved": "2015-12-31T00:00:00",
"dateUpdated": "2024-08-06T08:29:20.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-8709\",\"sourceIdentifier\":\"security@debian.org\",\"published\":\"2016-02-08T03:59:05.887\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[{\"sourceIdentifier\":\"security@debian.org\",\"tags\":[\"disputed\"]}],\"descriptions\":[{\"lang\":\"en\",\"value\":\"kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \\\"there is no kernel bug here.\"},{\"lang\":\"es\",\"value\":\"** DISPUTADA ** kernel/ptrace.c en el kernel de Linux hasta la versi\u00f3n 4.4.1 no maneja correctamente el mapeo uid y gid, lo que permite a usuarios locales obtener privilegios estableciendo un espacio de nombres de usuario, a la espera de un proceso root para entrar ese espacio de nombres con un uid o gid inseguro, y despu\u00e9s utilizando la llamada al sistema ptrace. NOTA: el vendedor afirma \\\"no hay ning\u00fan error en el kernel aqu\u00ed\\\".\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.4.1\",\"matchCriteriaId\":\"EDD97C46-E284-47DB-B96A-3B8D5013F2F7\"}]}]}],\"references\":[{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=145204362722256\u0026w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=145204641422813\u0026w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3434\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/12/17/12\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/12/31/5\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.securityfocus.com/bid/79899\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.securitytracker.com/id/1034899\",\"source\":\"security@debian.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1295287\",\"source\":\"security@debian.org\"},{\"url\":\"https://lkml.org/lkml/2015/12/25/71\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=145204362722256\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=145204641422813\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3434\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/12/17/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/12/31/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/79899\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1034899\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1295287\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lkml.org/lkml/2015/12/25/71\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
suse-su-2016:1040-1
Vulnerability from csaf_suse
Published
2016-04-14 14:30
Modified
2016-04-14 14:30
Summary
Security update for Linux Kernel Live Patch 4
Notes
Title of the patch
Security update for Linux Kernel Live Patch 4
Description of the patch
This update for the Linux Kernel 3.12.39-47.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-615
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 4",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.39-47.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-615",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1040-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1040-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161040-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1040-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002010.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 4",
"tracking": {
"current_release_date": "2016-04-14T14:30:35Z",
"generator": {
"date": "2016-04-14T14:30:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1040-1",
"initial_release_date": "2016-04-14T14:30:35Z",
"revision_history": [
{
"date": "2016-04-14T14:30:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"product_id": "kgraft-patch-3_12_39-47-default-6-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_39-47-xen-6-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_39-47-xen-6-2.1.x86_64",
"product_id": "kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_39-47-default-6-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_39-47-xen-6-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_39-47-xen-6-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:30:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:30:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:30:35Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_39-47-xen-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:30:35Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1039-1
Vulnerability from csaf_suse
Published
2016-04-14 14:31
Modified
2016-04-14 14:31
Summary
Security update for Linux Kernel Live Patch 9
Notes
Title of the patch
Security update for Linux Kernel Live Patch 9
Description of the patch
This update for the Linux Kernel 3.12.51-52.31.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-619
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 9",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.51-52.31.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-619",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1039-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1039-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161039-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1039-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002009.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 9",
"tracking": {
"current_release_date": "2016-04-14T14:31:21Z",
"generator": {
"date": "2016-04-14T14:31:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1039-1",
"initial_release_date": "2016-04-14T14:31:21Z",
"revision_history": [
{
"date": "2016-04-14T14:31:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:21Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:21Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:21Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_31-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:21Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1033-1
Vulnerability from csaf_suse
Published
2016-04-14 11:44
Modified
2016-04-14 11:44
Summary
Security update for Linux Kernel Live Patch 3 for SP 1
Notes
Title of the patch
Security update for Linux Kernel Live Patch 3 for SP 1
Description of the patch
This update for the Linux Kernel 3.12.53-60.30.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-613
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 3 for SP 1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.53-60.30.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-613",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1033-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1033-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161033-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1033-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002004.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 3 for SP 1",
"tracking": {
"current_release_date": "2016-04-14T11:44:55Z",
"generator": {
"date": "2016-04-14T11:44:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1033-1",
"initial_release_date": "2016-04-14T11:44:55Z",
"revision_history": [
{
"date": "2016-04-14T11:44:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"product_id": "kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64",
"product_id": "kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:44:55Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1035-1
Vulnerability from csaf_suse
Published
2016-04-14 11:44
Modified
2016-04-14 11:44
Summary
Security update for Linux Kernel Live Patch 2 for SP 1
Notes
Title of the patch
Security update for Linux Kernel Live Patch 2 for SP 1
Description of the patch
This update for the Linux Kernel 3.12.51-60.25.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-612
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 2 for SP 1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.51-60.25.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-612",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1035-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1035-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161035-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1035-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002006.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 2 for SP 1",
"tracking": {
"current_release_date": "2016-04-14T11:44:46Z",
"generator": {
"date": "2016-04-14T11:44:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1035-1",
"initial_release_date": "2016-04-14T11:44:46Z",
"revision_history": [
{
"date": "2016-04-14T11:44:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:44:46Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:44:46Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:44:46Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:44:46Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1019-1
Vulnerability from csaf_suse
Published
2016-04-12 15:48
Modified
2016-04-12 15:48
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.57 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966437)
- CVE-2015-8816: A malicious USB device could cause a kernel crash in the USB hub driver. (bnc#968010).
- CVE-2016-2143: On zSeries a fork of a large process could have caused memory corruption due to incorrect page table handling. (bnc#970504)
- CVE-2016-2184: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#971125).
- CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#966693)
- CVE-2016-2782: A malicious USB device could cause a kernel crash in the usb visor driver. (bnc#968670).
- CVE-2016-3139: A malicious USB device could cause a kernel crash in the wacom driver. (bnc#970909).
- CVE-2016-3156: Removal of ipv4 interfaces with a large number of IP addresses was taking very long. (bsc#971360).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here (bnc#960561).
The following non-security bugs were fixed:
- aacraid: Refresh patches.drivers/0005-aacraid-MSI-x-support.patch. (boo#970249)
- acpi: processor: Introduce apic_id in struct processor to save parsed APIC id (bsc#959463).
- alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).
- alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).
- btrfs: Account data space in more proper timing: (bsc#963193).
- btrfs: Add handler for invalidate page (bsc#963193).
- btrfs: check prepare_uptodate_page() error code earlier (bnc#966910).
- btrfs: delayed_ref: Add new function to record reserved space into delayed ref (bsc#963193).
- btrfs: delayed_ref: release and free qgroup reserved at proper timing (bsc#963193).
- btrfs: extent_io: Introduce needed structure for recoding set/clear bits (bsc#963193).
- btrfs: extent_io: Introduce new function clear_record_extent_bits() (bsc#963193).
- btrfs: extent_io: Introduce new function set_record_extent_bits (bsc#963193).
- btrfs: extent-tree: Add new version of btrfs_check_data_free_space and btrfs_free_reserved_data_space (bsc#963193).
- btrfs: extent-tree: Add new version of btrfs_delalloc_reserve/release_space (bsc#963193).
- btrfs: extent-tree: Switch to new check_data_free_space and free_reserved_data_space (bsc#963193).
- btrfs: extent-tree: Switch to new delalloc space reserve and release (bsc#963193).
- btrfs: fallocate: Added a prerequisite patch and rebased the chunks that had previously been taken from it. Fixes a warning we had in fs/btrfs/file.c.
- btrfs: fallocate: Add support to accurate qgroup reserve (bsc#963193).
- btrfs: fix invalid page accesses in extent_same (dedup) ioctl (bnc#968230).
- btrfs: fix page reading in extent_same ioctl leading to csum errors (bnc#968230).
- btrfs: fix warning in backref walking (bnc#966278).
- btrfs: qgroup: Add handler for NOCOW and inline (bsc#963193).
- btrfs: qgroup: Add new trace point for qgroup data reserve (bsc#963193).
- btrfs: qgroup: Avoid calling btrfs_free_reserved_data_space in clear_bit_hook (bsc#963193).
- btrfs: qgroup: Check if qgroup reserved space leaked (bsc#963193).
- btrfs: qgroup: Cleanup old inaccurate facilities (bsc#963193).
- btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans (bsc#963193).
- btrfs: qgroup: Fix a rebase bug which will cause qgroup double free (bsc#963193).
- btrfs: qgroup: Fix dead judgement on qgroup_rescan_leaf() return value (bsc#969439).
- btrfs: qgroup: Introduce btrfs_qgroup_reserve_data function (bsc#963193).
- btrfs: qgroup: Introduce functions to release/free qgroup reserve data space (bsc#963193).
- btrfs: qgroup: Introduce new functions to reserve/free metadata (bsc#963193).
- btrfs: qgroup: Use new metadata reservation (bsc#963193).
- dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752).
- dmapi: fix dm_open_by_handle_rvp taking an extra ref to mnt (bsc#967292).
- drivers/base/memory.c: fix kernel warning during memory hotplug on ppc64 (bsc#963827).
- drivers: hv: Allow for MMIO claims that span ACPI _CRS records (bnc#965924).
- drivers: hv: Define the channel type for Hyper-V PCI Express pass-through (bnc#965924).
- drivers: hv: Export a function that maps Linux CPU num onto Hyper-V proc num (bnc#965924).
- drivers: hv: Export the API to invoke a hypercall on Hyper-V (bnc#965924).
- drivers: hv: kvp: fix IP Failover.
- drivers: pci:hv: New paravirtual PCI front-end for Hyper-V VMs (bnc#965924).
- drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising (bsc#957986 fate#320625).
- drivers: xen-blkfront: move talk_to_blkback to a more suitable place (bsc#957986 fate#320625).
- e1000e: Avoid divide by zero error (bsc#968643).
- e1000e: fix division by zero on jumbo MTUs (bsc#968643).
- e1000e: Fix tight loop implementation of systime read algorithm (bsc#968643).
- efi: Ignore efivar_validate kabi failures -- it's an EFI internal function.
- fix: print ext4 mountopt data_err=abort correctly (bsc#969735).
- Fix problem with setting ACL on directories (bsc#867251).
- fs/proc_namespace.c: simplify testing nsp and nsp->mnt_ns (bug#963960).
- futex: Drop refcount if requeue_pi() acquired the rtmutex (bug#960174).
- hv: Lock access to hyperv_mmio resource tree (bnc#965924).
- hv: Make a function to free mmio regions through vmbus (bnc#965924).
- hv: Reverse order of resources in hyperv_mmio (bnc#965924).
- hv: Track allocations of children of hv_vmbus in private resource tree (bnc#965924).
- hv: Use new vmbus_mmio_free() from client drivers (bnc#965924).
- hwmon: (coretemp) Increase maximum core to 128 (bsc#970160)
- ibmvnic: Fix ibmvnic_capability struct (fate#320253).
- intel_pstate: Use del_timer_sync in intel_pstate_cpu_stop (bsc#967650).
- ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs (bsc#956852).
- kabi: Preserve checksum of kvm_x86_ops (bsc#969112).
- kabi: protect struct acpi_processor signature (bsc#959463).
- kgr: fix reversion of a patch already reverted by a replace_all patch (fate#313296).
- kvm: SVM: add rdmsr support for AMD event registers (bsc#968448).
- kvm: x86: Check dest_map->vector to match eoi signals for rtc (bsc#966471).
- kvm: x86: Convert ioapic->rtc_status.dest_map to a struct (bsc#966471).
- kvm: x86: store IOAPIC-handled vectors in each VCPU (bsc#966471).
- kvm: x86: Track irq vectors in ioapic->rtc_status.dest_map (bsc#966471).
- libata: Revert 'libata: Align ata_device's id on a cacheline'.
- libceph: fix scatterlist last_piece calculation (bsc#963746).
- lpfc: Fix kmalloc overflow in LPFC driver at large core count (bsc#969690).
- memcg: do not hang on OOM when killed by userspace OOM access to memory reserves (bnc#969571).
- mld, igmp: Fix reserved tailroom calculation (bsc#956852).
- namespaces: Re-introduce task_nsproxy() helper (bug#963960).
- namespaces: Use task_lock and not rcu to protect nsproxy (bug#963960).
- net: core: Correct an over-stringent device loop detection (bsc#945219).
- net: irda: Fix use-after-free in irtty_open() (bnc#967903).
- net: Revert 'net/ipv6: add sysctl option accept_ra_min_hop_limit'.
- nfs4: treat lock owners as opaque values (bnc#968141).
- nfs: Background flush should not be low priority (bsc#955308).
- nfsd: fix nfsd_setattr return code for HSM (bsc#969992).
- nfs: do not use STABLE writes during writeback (bnc#816099).
- nfs: Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).
- nvme: default to 4k device page size (bsc#967047).
- nvme: special case AEN requests (bsc#965087).
- pci: Add global pci_lock_rescan_remove() (bnc#965924).
- pci: allow access to VPD attributes with size 0 (bsc#959146).
- pciback: Check PF instead of VF for PCI_COMMAND_MEMORY.
- pciback: Save the number of MSI-X entries to be copied later.
- pci: Blacklist vpd access for buggy devices (bsc#959146).
- pci: Determine actual VPD size on first access (bsc#959146).
- pci: Export symbols required for loadable host driver modules (bnc#965924).
- pci: pciehp: Disable link notification across slot reset (bsc#967651).
- pci: pciehp: Do not check adapter or latch status while disabling (bsc#967651).
- pci: pciehp: Do not disable the link permanently during removal (bsc#967651).
- pci: pciehp: Ensure very fast hotplug events are also processed (bsc#967651).
- pci: Update VPD definitions (bsc#959146).
- perf, nmi: Fix unknown NMI warning (bsc#968512).
- proc: Fix ptrace-based permission checks for accessing task maps.
- pv6: Revert 'ipv6: tcp: add rcu locking in tcp_v6_send_synack()' (bnc#961257).
- qla2xxx: Remove unavailable firmware files (bsc#943645).
- rbd: do not log miscompare as an error (bsc#970062).
- resources: Set type in __request_region() (bnc#965924).
- rpm/kernel-binary.spec.in: Sync the main and -base package dependencies (bsc#965830#c51).
- rpm/kernel-module-subpackage: Fix obsoleting dropped flavors (bsc#968253)
- scsi_dh_alua: Do not block request queue if workqueue is active (bsc#960458).
- scsi: fix soft lockup in scsi_remove_target() on module removal (bsc#965199).
- scsi: proper state checking and module refcount handling in scsi_device_get (boo#966831).
- series.conf: add section comments
- supported.conf: Add e1000e (emulated by VMware) to -base (bsc#968074)
- supported.conf: Add Hyper-V modules to -base (bsc#965830)
- supported.conf: Add isofs to -base (bsc#969655).
- supported.conf: Add more qemu device driver (bsc#968234)
- supported.conf: Add mptspi and mptsas to -base (bsc#968206)
- supported.conf: Add the qemu scsi driver (sym53c8xx) to -base (bsc#967802)
- supported.conf: Add tulip to -base for Hyper-V (bsc#968234)
- supported.conf: Add virtio-rng (bsc#966026)
- supported.conf: Add xen-blkfront.
- supported.conf: Add xfs to -base (bsc#965891)
- supported.conf: Fix usb-common path usb-common moved to its own subdirectory in kernel v3.16, and we backported that change to SLE12.
- tcp: Restore RFC5961-compliant behavior for SYN packets (bsc#966864).
- usb: Quiet down false peer failure messages (bnc#960629).
- x86: export x86_msi (bnc#965924).
- xen: Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver implementation (bsc#957986, bsc#956084, bsc#961658).
- xen-blkfront: allow building in our Xen environment (bsc#957986 fate#320625).
- xen, blkfront: factor out flush-related checks from do_blkif_request() (bsc#957986 fate#320625).
- xen-blkfront: fix accounting of reqs when migrating (bsc#957986 fate#320625).
- xen/blkfront: Fix crash if backend does not follow the right states (bsc#957986 fate#320625).
- xen-blkfront: improve aproximation of required grants per request (bsc#957986 fate#320625).
- xen/blkfront: improve protection against issuing unsupported REQ_FUA (bsc#957986 fate#320625).
- xen/blkfront: remove redundant flush_op (bsc#957986 fate#320625).
- xen-blkfront: remove type check from blkfront_setup_discard (bsc#957986 fate#320625).
- xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#957986 fate#320625).
- xen: block: xen-blkfront: Fix possible NULL ptr dereference (bsc#957986 fate#320625).
- xen: Refresh patches.xen/xen3-patch-2.6.33 (detect NX support early).
- xen: Refresh patches.xen/xen-vscsi-large-requests (gsc#966094).
- xen: Update Xen config files (enable upstream block frontend).
- xen: Update Xen patches to 3.12.55.
- xen-vscsi-large-requests: Fix resource collision for racing request maps and unmaps (bsc#966094).
- xfs/dmapi: drop lock over synchronous XFS_SEND_DATA events (bsc#969993).
- xfs/dmapi: propertly send postcreate event (bsc#967299).
Patchnames
SUSE-SLE-DESKTOP-12-SP1-2016-600,SUSE-SLE-Live-Patching-12-2016-600,SUSE-SLE-Module-Public-Cloud-12-2016-600,SUSE-SLE-SDK-12-SP1-2016-600,SUSE-SLE-SERVER-12-SP1-2016-600,SUSE-SLE-WE-12-SP1-2016-600
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.57 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966437)\n- CVE-2015-8816: A malicious USB device could cause a kernel crash in the USB hub driver. (bnc#968010).\n- CVE-2016-2143: On zSeries a fork of a large process could have caused memory corruption due to incorrect page table handling. (bnc#970504)\n- CVE-2016-2184: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#971125).\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#966693)\n- CVE-2016-2782: A malicious USB device could cause a kernel crash in the usb visor driver. (bnc#968670).\n- CVE-2016-3139: A malicious USB device could cause a kernel crash in the wacom driver. (bnc#970909).\n- CVE-2016-3156: Removal of ipv4 interfaces with a large number of IP addresses was taking very long. (bsc#971360).\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here (bnc#960561).\n\nThe following non-security bugs were fixed:\n- aacraid: Refresh patches.drivers/0005-aacraid-MSI-x-support.patch. (boo#970249)\n- acpi: processor: Introduce apic_id in struct processor to save parsed APIC id (bsc#959463).\n- alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).\n- alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).\n- btrfs: Account data space in more proper timing: (bsc#963193).\n- btrfs: Add handler for invalidate page (bsc#963193).\n- btrfs: check prepare_uptodate_page() error code earlier (bnc#966910).\n- btrfs: delayed_ref: Add new function to record reserved space into delayed ref (bsc#963193).\n- btrfs: delayed_ref: release and free qgroup reserved at proper timing (bsc#963193).\n- btrfs: extent_io: Introduce needed structure for recoding set/clear bits (bsc#963193).\n- btrfs: extent_io: Introduce new function clear_record_extent_bits() (bsc#963193).\n- btrfs: extent_io: Introduce new function set_record_extent_bits (bsc#963193).\n- btrfs: extent-tree: Add new version of btrfs_check_data_free_space and btrfs_free_reserved_data_space (bsc#963193).\n- btrfs: extent-tree: Add new version of btrfs_delalloc_reserve/release_space (bsc#963193).\n- btrfs: extent-tree: Switch to new check_data_free_space and free_reserved_data_space (bsc#963193).\n- btrfs: extent-tree: Switch to new delalloc space reserve and release (bsc#963193).\n- btrfs: fallocate: Added a prerequisite patch and rebased the chunks that had previously been taken from it. Fixes a warning we had in fs/btrfs/file.c.\n- btrfs: fallocate: Add support to accurate qgroup reserve (bsc#963193).\n- btrfs: fix invalid page accesses in extent_same (dedup) ioctl (bnc#968230).\n- btrfs: fix page reading in extent_same ioctl leading to csum errors (bnc#968230).\n- btrfs: fix warning in backref walking (bnc#966278).\n- btrfs: qgroup: Add handler for NOCOW and inline (bsc#963193).\n- btrfs: qgroup: Add new trace point for qgroup data reserve (bsc#963193).\n- btrfs: qgroup: Avoid calling btrfs_free_reserved_data_space in clear_bit_hook (bsc#963193).\n- btrfs: qgroup: Check if qgroup reserved space leaked (bsc#963193).\n- btrfs: qgroup: Cleanup old inaccurate facilities (bsc#963193).\n- btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans (bsc#963193).\n- btrfs: qgroup: Fix a rebase bug which will cause qgroup double free (bsc#963193).\n- btrfs: qgroup: Fix dead judgement on qgroup_rescan_leaf() return value (bsc#969439).\n- btrfs: qgroup: Introduce btrfs_qgroup_reserve_data function (bsc#963193).\n- btrfs: qgroup: Introduce functions to release/free qgroup reserve data space (bsc#963193).\n- btrfs: qgroup: Introduce new functions to reserve/free metadata (bsc#963193).\n- btrfs: qgroup: Use new metadata reservation (bsc#963193).\n- dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752).\n- dmapi: fix dm_open_by_handle_rvp taking an extra ref to mnt (bsc#967292).\n- drivers/base/memory.c: fix kernel warning during memory hotplug on ppc64 (bsc#963827).\n- drivers: hv: Allow for MMIO claims that span ACPI _CRS records (bnc#965924).\n- drivers: hv: Define the channel type for Hyper-V PCI Express pass-through (bnc#965924).\n- drivers: hv: Export a function that maps Linux CPU num onto Hyper-V proc num (bnc#965924).\n- drivers: hv: Export the API to invoke a hypercall on Hyper-V (bnc#965924).\n- drivers: hv: kvp: fix IP Failover.\n- drivers: pci:hv: New paravirtual PCI front-end for Hyper-V VMs (bnc#965924).\n- drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising (bsc#957986 fate#320625).\n- drivers: xen-blkfront: move talk_to_blkback to a more suitable place (bsc#957986 fate#320625).\n- e1000e: Avoid divide by zero error (bsc#968643).\n- e1000e: fix division by zero on jumbo MTUs (bsc#968643).\n- e1000e: Fix tight loop implementation of systime read algorithm (bsc#968643).\n- efi: Ignore efivar_validate kabi failures -- it\u0027s an EFI internal function.\n- fix: print ext4 mountopt data_err=abort correctly (bsc#969735).\n- Fix problem with setting ACL on directories (bsc#867251).\n- fs/proc_namespace.c: simplify testing nsp and nsp-\u003emnt_ns (bug#963960).\n- futex: Drop refcount if requeue_pi() acquired the rtmutex (bug#960174).\n- hv: Lock access to hyperv_mmio resource tree (bnc#965924).\n- hv: Make a function to free mmio regions through vmbus (bnc#965924).\n- hv: Reverse order of resources in hyperv_mmio (bnc#965924).\n- hv: Track allocations of children of hv_vmbus in private resource tree (bnc#965924).\n- hv: Use new vmbus_mmio_free() from client drivers (bnc#965924).\n- hwmon: (coretemp) Increase maximum core to 128 (bsc#970160)\n- ibmvnic: Fix ibmvnic_capability struct (fate#320253).\n- intel_pstate: Use del_timer_sync in intel_pstate_cpu_stop (bsc#967650).\n- ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs (bsc#956852).\n- kabi: Preserve checksum of kvm_x86_ops (bsc#969112).\n- kabi: protect struct acpi_processor signature (bsc#959463).\n- kgr: fix reversion of a patch already reverted by a replace_all patch (fate#313296).\n- kvm: SVM: add rdmsr support for AMD event registers (bsc#968448).\n- kvm: x86: Check dest_map-\u003evector to match eoi signals for rtc (bsc#966471).\n- kvm: x86: Convert ioapic-\u003ertc_status.dest_map to a struct (bsc#966471).\n- kvm: x86: store IOAPIC-handled vectors in each VCPU (bsc#966471).\n- kvm: x86: Track irq vectors in ioapic-\u003ertc_status.dest_map (bsc#966471).\n- libata: Revert \u0027libata: Align ata_device\u0027s id on a cacheline\u0027.\n- libceph: fix scatterlist last_piece calculation (bsc#963746).\n- lpfc: Fix kmalloc overflow in LPFC driver at large core count (bsc#969690).\n- memcg: do not hang on OOM when killed by userspace OOM access to memory reserves (bnc#969571).\n- mld, igmp: Fix reserved tailroom calculation (bsc#956852).\n- namespaces: Re-introduce task_nsproxy() helper (bug#963960).\n- namespaces: Use task_lock and not rcu to protect nsproxy (bug#963960).\n- net: core: Correct an over-stringent device loop detection (bsc#945219).\n- net: irda: Fix use-after-free in irtty_open() (bnc#967903).\n- net: Revert \u0027net/ipv6: add sysctl option accept_ra_min_hop_limit\u0027.\n- nfs4: treat lock owners as opaque values (bnc#968141).\n- nfs: Background flush should not be low priority (bsc#955308).\n- nfsd: fix nfsd_setattr return code for HSM (bsc#969992).\n- nfs: do not use STABLE writes during writeback (bnc#816099).\n- nfs: Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).\n- nvme: default to 4k device page size (bsc#967047).\n- nvme: special case AEN requests (bsc#965087).\n- pci: Add global pci_lock_rescan_remove() (bnc#965924).\n- pci: allow access to VPD attributes with size 0 (bsc#959146).\n- pciback: Check PF instead of VF for PCI_COMMAND_MEMORY.\n- pciback: Save the number of MSI-X entries to be copied later.\n- pci: Blacklist vpd access for buggy devices (bsc#959146).\n- pci: Determine actual VPD size on first access (bsc#959146).\n- pci: Export symbols required for loadable host driver modules (bnc#965924).\n- pci: pciehp: Disable link notification across slot reset (bsc#967651).\n- pci: pciehp: Do not check adapter or latch status while disabling (bsc#967651).\n- pci: pciehp: Do not disable the link permanently during removal (bsc#967651).\n- pci: pciehp: Ensure very fast hotplug events are also processed (bsc#967651).\n- pci: Update VPD definitions (bsc#959146).\n- perf, nmi: Fix unknown NMI warning (bsc#968512).\n- proc: Fix ptrace-based permission checks for accessing task maps.\n- pv6: Revert \u0027ipv6: tcp: add rcu locking in tcp_v6_send_synack()\u0027 (bnc#961257).\n- qla2xxx: Remove unavailable firmware files (bsc#943645).\n- rbd: do not log miscompare as an error (bsc#970062).\n- resources: Set type in __request_region() (bnc#965924).\n- rpm/kernel-binary.spec.in: Sync the main and -base package dependencies (bsc#965830#c51).\n- rpm/kernel-module-subpackage: Fix obsoleting dropped flavors (bsc#968253)\n- scsi_dh_alua: Do not block request queue if workqueue is active (bsc#960458).\n- scsi: fix soft lockup in scsi_remove_target() on module removal (bsc#965199).\n- scsi: proper state checking and module refcount handling in scsi_device_get (boo#966831).\n- series.conf: add section comments\n- supported.conf: Add e1000e (emulated by VMware) to -base (bsc#968074)\n- supported.conf: Add Hyper-V modules to -base (bsc#965830)\n- supported.conf: Add isofs to -base (bsc#969655).\n- supported.conf: Add more qemu device driver (bsc#968234)\n- supported.conf: Add mptspi and mptsas to -base (bsc#968206)\n- supported.conf: Add the qemu scsi driver (sym53c8xx) to -base (bsc#967802)\n- supported.conf: Add tulip to -base for Hyper-V (bsc#968234)\n- supported.conf: Add virtio-rng (bsc#966026)\n- supported.conf: Add xen-blkfront.\n- supported.conf: Add xfs to -base (bsc#965891)\n- supported.conf: Fix usb-common path usb-common moved to its own subdirectory in kernel v3.16, and we backported that change to SLE12.\n- tcp: Restore RFC5961-compliant behavior for SYN packets (bsc#966864).\n- usb: Quiet down false peer failure messages (bnc#960629).\n- x86: export x86_msi (bnc#965924).\n- xen: Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver implementation (bsc#957986, bsc#956084, bsc#961658).\n- xen-blkfront: allow building in our Xen environment (bsc#957986 fate#320625).\n- xen, blkfront: factor out flush-related checks from do_blkif_request() (bsc#957986 fate#320625).\n- xen-blkfront: fix accounting of reqs when migrating (bsc#957986 fate#320625).\n- xen/blkfront: Fix crash if backend does not follow the right states (bsc#957986 fate#320625).\n- xen-blkfront: improve aproximation of required grants per request (bsc#957986 fate#320625).\n- xen/blkfront: improve protection against issuing unsupported REQ_FUA (bsc#957986 fate#320625).\n- xen/blkfront: remove redundant flush_op (bsc#957986 fate#320625).\n- xen-blkfront: remove type check from blkfront_setup_discard (bsc#957986 fate#320625).\n- xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#957986 fate#320625).\n- xen: block: xen-blkfront: Fix possible NULL ptr dereference (bsc#957986 fate#320625).\n- xen: Refresh patches.xen/xen3-patch-2.6.33 (detect NX support early).\n- xen: Refresh patches.xen/xen-vscsi-large-requests (gsc#966094).\n- xen: Update Xen config files (enable upstream block frontend).\n- xen: Update Xen patches to 3.12.55.\n- xen-vscsi-large-requests: Fix resource collision for racing request maps and unmaps (bsc#966094).\n- xfs/dmapi: drop lock over synchronous XFS_SEND_DATA events (bsc#969993).\n- xfs/dmapi: propertly send postcreate event (bsc#967299).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP1-2016-600,SUSE-SLE-Live-Patching-12-2016-600,SUSE-SLE-Module-Public-Cloud-12-2016-600,SUSE-SLE-SDK-12-SP1-2016-600,SUSE-SLE-SERVER-12-SP1-2016-600,SUSE-SLE-WE-12-SP1-2016-600",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1019-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1019-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161019-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1019-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/001996.html"
},
{
"category": "self",
"summary": "SUSE Bug 816099",
"url": "https://bugzilla.suse.com/816099"
},
{
"category": "self",
"summary": "SUSE Bug 867251",
"url": "https://bugzilla.suse.com/867251"
},
{
"category": "self",
"summary": "SUSE Bug 875631",
"url": "https://bugzilla.suse.com/875631"
},
{
"category": "self",
"summary": "SUSE Bug 880007",
"url": "https://bugzilla.suse.com/880007"
},
{
"category": "self",
"summary": "SUSE Bug 943645",
"url": "https://bugzilla.suse.com/943645"
},
{
"category": "self",
"summary": "SUSE Bug 944749",
"url": "https://bugzilla.suse.com/944749"
},
{
"category": "self",
"summary": "SUSE Bug 945219",
"url": "https://bugzilla.suse.com/945219"
},
{
"category": "self",
"summary": "SUSE Bug 949752",
"url": "https://bugzilla.suse.com/949752"
},
{
"category": "self",
"summary": "SUSE Bug 955308",
"url": "https://bugzilla.suse.com/955308"
},
{
"category": "self",
"summary": "SUSE Bug 956084",
"url": "https://bugzilla.suse.com/956084"
},
{
"category": "self",
"summary": "SUSE Bug 956852",
"url": "https://bugzilla.suse.com/956852"
},
{
"category": "self",
"summary": "SUSE Bug 957986",
"url": "https://bugzilla.suse.com/957986"
},
{
"category": "self",
"summary": "SUSE Bug 959146",
"url": "https://bugzilla.suse.com/959146"
},
{
"category": "self",
"summary": "SUSE Bug 959257",
"url": "https://bugzilla.suse.com/959257"
},
{
"category": "self",
"summary": "SUSE Bug 959463",
"url": "https://bugzilla.suse.com/959463"
},
{
"category": "self",
"summary": "SUSE Bug 959709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "self",
"summary": "SUSE Bug 960174",
"url": "https://bugzilla.suse.com/960174"
},
{
"category": "self",
"summary": "SUSE Bug 960458",
"url": "https://bugzilla.suse.com/960458"
},
{
"category": "self",
"summary": "SUSE Bug 960561",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "self",
"summary": "SUSE Bug 960629",
"url": "https://bugzilla.suse.com/960629"
},
{
"category": "self",
"summary": "SUSE Bug 961257",
"url": "https://bugzilla.suse.com/961257"
},
{
"category": "self",
"summary": "SUSE Bug 961500",
"url": "https://bugzilla.suse.com/961500"
},
{
"category": "self",
"summary": "SUSE Bug 961516",
"url": "https://bugzilla.suse.com/961516"
},
{
"category": "self",
"summary": "SUSE Bug 961588",
"url": "https://bugzilla.suse.com/961588"
},
{
"category": "self",
"summary": "SUSE Bug 961658",
"url": "https://bugzilla.suse.com/961658"
},
{
"category": "self",
"summary": "SUSE Bug 963193",
"url": "https://bugzilla.suse.com/963193"
},
{
"category": "self",
"summary": "SUSE Bug 963746",
"url": "https://bugzilla.suse.com/963746"
},
{
"category": "self",
"summary": "SUSE Bug 963765",
"url": "https://bugzilla.suse.com/963765"
},
{
"category": "self",
"summary": "SUSE Bug 963827",
"url": "https://bugzilla.suse.com/963827"
},
{
"category": "self",
"summary": "SUSE Bug 963960",
"url": "https://bugzilla.suse.com/963960"
},
{
"category": "self",
"summary": "SUSE Bug 964201",
"url": "https://bugzilla.suse.com/964201"
},
{
"category": "self",
"summary": "SUSE Bug 964730",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "self",
"summary": "SUSE Bug 965087",
"url": "https://bugzilla.suse.com/965087"
},
{
"category": "self",
"summary": "SUSE Bug 965199",
"url": "https://bugzilla.suse.com/965199"
},
{
"category": "self",
"summary": "SUSE Bug 965830",
"url": "https://bugzilla.suse.com/965830"
},
{
"category": "self",
"summary": "SUSE Bug 965891",
"url": "https://bugzilla.suse.com/965891"
},
{
"category": "self",
"summary": "SUSE Bug 965924",
"url": "https://bugzilla.suse.com/965924"
},
{
"category": "self",
"summary": "SUSE Bug 966026",
"url": "https://bugzilla.suse.com/966026"
},
{
"category": "self",
"summary": "SUSE Bug 966094",
"url": "https://bugzilla.suse.com/966094"
},
{
"category": "self",
"summary": "SUSE Bug 966278",
"url": "https://bugzilla.suse.com/966278"
},
{
"category": "self",
"summary": "SUSE Bug 966437",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "self",
"summary": "SUSE Bug 966471",
"url": "https://bugzilla.suse.com/966471"
},
{
"category": "self",
"summary": "SUSE Bug 966693",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "self",
"summary": "SUSE Bug 966831",
"url": "https://bugzilla.suse.com/966831"
},
{
"category": "self",
"summary": "SUSE Bug 966864",
"url": "https://bugzilla.suse.com/966864"
},
{
"category": "self",
"summary": "SUSE Bug 966910",
"url": "https://bugzilla.suse.com/966910"
},
{
"category": "self",
"summary": "SUSE Bug 967047",
"url": "https://bugzilla.suse.com/967047"
},
{
"category": "self",
"summary": "SUSE Bug 967292",
"url": "https://bugzilla.suse.com/967292"
},
{
"category": "self",
"summary": "SUSE Bug 967299",
"url": "https://bugzilla.suse.com/967299"
},
{
"category": "self",
"summary": "SUSE Bug 967650",
"url": "https://bugzilla.suse.com/967650"
},
{
"category": "self",
"summary": "SUSE Bug 967651",
"url": "https://bugzilla.suse.com/967651"
},
{
"category": "self",
"summary": "SUSE Bug 967802",
"url": "https://bugzilla.suse.com/967802"
},
{
"category": "self",
"summary": "SUSE Bug 967903",
"url": "https://bugzilla.suse.com/967903"
},
{
"category": "self",
"summary": "SUSE Bug 968010",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "self",
"summary": "SUSE Bug 968018",
"url": "https://bugzilla.suse.com/968018"
},
{
"category": "self",
"summary": "SUSE Bug 968074",
"url": "https://bugzilla.suse.com/968074"
},
{
"category": "self",
"summary": "SUSE Bug 968141",
"url": "https://bugzilla.suse.com/968141"
},
{
"category": "self",
"summary": "SUSE Bug 968206",
"url": "https://bugzilla.suse.com/968206"
},
{
"category": "self",
"summary": "SUSE Bug 968230",
"url": "https://bugzilla.suse.com/968230"
},
{
"category": "self",
"summary": "SUSE Bug 968234",
"url": "https://bugzilla.suse.com/968234"
},
{
"category": "self",
"summary": "SUSE Bug 968253",
"url": "https://bugzilla.suse.com/968253"
},
{
"category": "self",
"summary": "SUSE Bug 968448",
"url": "https://bugzilla.suse.com/968448"
},
{
"category": "self",
"summary": "SUSE Bug 968512",
"url": "https://bugzilla.suse.com/968512"
},
{
"category": "self",
"summary": "SUSE Bug 968643",
"url": "https://bugzilla.suse.com/968643"
},
{
"category": "self",
"summary": "SUSE Bug 968670",
"url": "https://bugzilla.suse.com/968670"
},
{
"category": "self",
"summary": "SUSE Bug 969112",
"url": "https://bugzilla.suse.com/969112"
},
{
"category": "self",
"summary": "SUSE Bug 969439",
"url": "https://bugzilla.suse.com/969439"
},
{
"category": "self",
"summary": "SUSE Bug 969571",
"url": "https://bugzilla.suse.com/969571"
},
{
"category": "self",
"summary": "SUSE Bug 969655",
"url": "https://bugzilla.suse.com/969655"
},
{
"category": "self",
"summary": "SUSE Bug 969690",
"url": "https://bugzilla.suse.com/969690"
},
{
"category": "self",
"summary": "SUSE Bug 969735",
"url": "https://bugzilla.suse.com/969735"
},
{
"category": "self",
"summary": "SUSE Bug 969992",
"url": "https://bugzilla.suse.com/969992"
},
{
"category": "self",
"summary": "SUSE Bug 969993",
"url": "https://bugzilla.suse.com/969993"
},
{
"category": "self",
"summary": "SUSE Bug 970062",
"url": "https://bugzilla.suse.com/970062"
},
{
"category": "self",
"summary": "SUSE Bug 970160",
"url": "https://bugzilla.suse.com/970160"
},
{
"category": "self",
"summary": "SUSE Bug 970249",
"url": "https://bugzilla.suse.com/970249"
},
{
"category": "self",
"summary": "SUSE Bug 970909",
"url": "https://bugzilla.suse.com/970909"
},
{
"category": "self",
"summary": "SUSE Bug 971125",
"url": "https://bugzilla.suse.com/971125"
},
{
"category": "self",
"summary": "SUSE Bug 971360",
"url": "https://bugzilla.suse.com/971360"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8816 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2143 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2184 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2782 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3139 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3156 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3156/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2016-04-12T15:48:36Z",
"generator": {
"date": "2016-04-12T15:48:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1019-1",
"initial_release_date": "2016-04-12T15:48:36Z",
"revision_history": [
{
"date": "2016-04-12T15:48:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.57-60.35.1.noarch",
"product": {
"name": "kernel-devel-3.12.57-60.35.1.noarch",
"product_id": "kernel-devel-3.12.57-60.35.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.57-60.35.1.noarch",
"product": {
"name": "kernel-macros-3.12.57-60.35.1.noarch",
"product_id": "kernel-macros-3.12.57-60.35.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.57-60.35.1.noarch",
"product": {
"name": "kernel-source-3.12.57-60.35.1.noarch",
"product_id": "kernel-source-3.12.57-60.35.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-3.12.57-60.35.3.noarch",
"product": {
"name": "kernel-docs-3.12.57-60.35.3.noarch",
"product_id": "kernel-docs-3.12.57-60.35.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-obs-build-3.12.57-60.35.1.ppc64le",
"product": {
"name": "kernel-obs-build-3.12.57-60.35.1.ppc64le",
"product_id": "kernel-obs-build-3.12.57-60.35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.57-60.35.1.ppc64le",
"product": {
"name": "kernel-default-3.12.57-60.35.1.ppc64le",
"product_id": "kernel-default-3.12.57-60.35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.57-60.35.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.57-60.35.1.ppc64le",
"product_id": "kernel-default-base-3.12.57-60.35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.57-60.35.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.57-60.35.1.ppc64le",
"product_id": "kernel-default-devel-3.12.57-60.35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.57-60.35.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.57-60.35.1.ppc64le",
"product_id": "kernel-syms-3.12.57-60.35.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-obs-build-3.12.57-60.35.1.s390x",
"product": {
"name": "kernel-obs-build-3.12.57-60.35.1.s390x",
"product_id": "kernel-obs-build-3.12.57-60.35.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.57-60.35.1.s390x",
"product": {
"name": "kernel-default-3.12.57-60.35.1.s390x",
"product_id": "kernel-default-3.12.57-60.35.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.57-60.35.1.s390x",
"product": {
"name": "kernel-default-base-3.12.57-60.35.1.s390x",
"product_id": "kernel-default-base-3.12.57-60.35.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.57-60.35.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.57-60.35.1.s390x",
"product_id": "kernel-default-devel-3.12.57-60.35.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.57-60.35.1.s390x",
"product": {
"name": "kernel-default-man-3.12.57-60.35.1.s390x",
"product_id": "kernel-default-man-3.12.57-60.35.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.57-60.35.1.s390x",
"product": {
"name": "kernel-syms-3.12.57-60.35.1.s390x",
"product_id": "kernel-syms-3.12.57-60.35.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-default-3.12.57-60.35.1.x86_64",
"product_id": "kernel-default-3.12.57-60.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.57-60.35.1.x86_64",
"product_id": "kernel-default-devel-3.12.57-60.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-default-extra-3.12.57-60.35.1.x86_64",
"product_id": "kernel-default-extra-3.12.57-60.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-syms-3.12.57-60.35.1.x86_64",
"product_id": "kernel-syms-3.12.57-60.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-xen-3.12.57-60.35.1.x86_64",
"product_id": "kernel-xen-3.12.57-60.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.57-60.35.1.x86_64",
"product_id": "kernel-xen-devel-3.12.57-60.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"product": {
"name": "kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"product_id": "kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"product": {
"name": "kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"product_id": "kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.57-60.35.1.x86_64",
"product_id": "kernel-ec2-3.12.57-60.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.57-60.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.57-60.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-obs-build-3.12.57-60.35.1.x86_64",
"product_id": "kernel-obs-build-3.12.57-60.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.57-60.35.1.x86_64",
"product_id": "kernel-default-base-3.12.57-60.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.57-60.35.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.57-60.35.1.x86_64",
"product_id": "kernel-xen-base-3.12.57-60.35.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP1",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-default-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-default-extra-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.57-60.35.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch"
},
"product_reference": "kernel-devel-3.12.57-60.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.57-60.35.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch"
},
"product_reference": "kernel-macros-3.12.57-60.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.57-60.35.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch"
},
"product_reference": "kernel-source-3.12.57-60.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-syms-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-xen-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64"
},
"product_reference": "kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-3.12.57-60.35.3.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch"
},
"product_reference": "kernel-docs-3.12.57-60.35.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.57-60.35.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le"
},
"product_reference": "kernel-obs-build-3.12.57-60.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.57-60.35.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x"
},
"product_reference": "kernel-obs-build-3.12.57-60.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-obs-build-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.57-60.35.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le"
},
"product_reference": "kernel-default-3.12.57-60.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.57-60.35.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x"
},
"product_reference": "kernel-default-3.12.57-60.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-default-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.57-60.35.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.57-60.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.57-60.35.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x"
},
"product_reference": "kernel-default-base-3.12.57-60.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.57-60.35.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.57-60.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.57-60.35.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.57-60.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.57-60.35.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x"
},
"product_reference": "kernel-default-man-3.12.57-60.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.57-60.35.1.noarch as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch"
},
"product_reference": "kernel-devel-3.12.57-60.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.57-60.35.1.noarch as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch"
},
"product_reference": "kernel-macros-3.12.57-60.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.57-60.35.1.noarch as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch"
},
"product_reference": "kernel-source-3.12.57-60.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.57-60.35.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.57-60.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.57-60.35.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x"
},
"product_reference": "kernel-syms-3.12.57-60.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-syms-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-xen-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.57-60.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le"
},
"product_reference": "kernel-default-3.12.57-60.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.57-60.35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x"
},
"product_reference": "kernel-default-3.12.57-60.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-default-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.57-60.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.57-60.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.57-60.35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x"
},
"product_reference": "kernel-default-base-3.12.57-60.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.57-60.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.57-60.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.57-60.35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.57-60.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.57-60.35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x"
},
"product_reference": "kernel-default-man-3.12.57-60.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.57-60.35.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch"
},
"product_reference": "kernel-devel-3.12.57-60.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.57-60.35.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch"
},
"product_reference": "kernel-macros-3.12.57-60.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.57-60.35.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch"
},
"product_reference": "kernel-source-3.12.57-60.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.57-60.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.57-60.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.57-60.35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x"
},
"product_reference": "kernel-syms-3.12.57-60.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-syms-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-xen-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-3.12.57-60.35.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP1",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
},
"product_reference": "kernel-default-extra-3.12.57-60.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-12T15:48:36Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-12T15:48:36Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2015-8816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8816"
}
],
"notes": [
{
"category": "general",
"text": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8816",
"url": "https://www.suse.com/security/cve/CVE-2015-8816"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 968010 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "external",
"summary": "SUSE Bug 979064 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/979064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-12T15:48:36Z",
"details": "low"
}
],
"title": "CVE-2015-8816"
},
{
"cve": "CVE-2016-2143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2143"
}
],
"notes": [
{
"category": "general",
"text": "The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2143",
"url": "https://www.suse.com/security/cve/CVE-2016-2143"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-2143",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 970504 for CVE-2016-2143",
"url": "https://bugzilla.suse.com/970504"
},
{
"category": "external",
"summary": "SUSE Bug 993872 for CVE-2016-2143",
"url": "https://bugzilla.suse.com/993872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-12T15:48:36Z",
"details": "important"
}
],
"title": "CVE-2016-2143"
},
{
"cve": "CVE-2016-2184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2184"
}
],
"notes": [
{
"category": "general",
"text": "The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2184",
"url": "https://www.suse.com/security/cve/CVE-2016-2184"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2184",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 971125 for CVE-2016-2184",
"url": "https://bugzilla.suse.com/971125"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-12T15:48:36Z",
"details": "low"
}
],
"title": "CVE-2016-2184"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-12T15:48:36Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
},
{
"cve": "CVE-2016-2782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2782"
}
],
"notes": [
{
"category": "general",
"text": "The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2782",
"url": "https://www.suse.com/security/cve/CVE-2016-2782"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2782",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 961512 for CVE-2016-2782",
"url": "https://bugzilla.suse.com/961512"
},
{
"category": "external",
"summary": "SUSE Bug 968670 for CVE-2016-2782",
"url": "https://bugzilla.suse.com/968670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-12T15:48:36Z",
"details": "moderate"
}
],
"title": "CVE-2016-2782"
},
{
"cve": "CVE-2016-3139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3139"
}
],
"notes": [
{
"category": "general",
"text": "The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3139",
"url": "https://www.suse.com/security/cve/CVE-2016-3139"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3139",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 970909 for CVE-2016-3139",
"url": "https://bugzilla.suse.com/970909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-12T15:48:36Z",
"details": "low"
}
],
"title": "CVE-2016-3139"
},
{
"cve": "CVE-2016-3156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3156"
}
],
"notes": [
{
"category": "general",
"text": "The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3156",
"url": "https://www.suse.com/security/cve/CVE-2016-3156"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3156",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 971360 for CVE-2016-3156",
"url": "https://bugzilla.suse.com/971360"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-default-1-2.3.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_57-60_35-xen-1-2.3.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.57-60.35.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.57-60.35.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.57-60.35.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.57-60.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-12T15:48:36Z",
"details": "low"
}
],
"title": "CVE-2016-3156"
}
]
}
suse-su-2017:0575-1
Vulnerability from csaf_suse
Published
2017-02-28 12:17
Modified
2017-02-28 12:17
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.49 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in
net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary
code via vectors involving a recvmmsg system call that was mishandled during
error processing (bnc#1003077).
- CVE-2017-5576: Integer overflow in the vc4_get_bcl function in
drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel
allowed local users to cause a denial of service or possibly have unspecified
other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call
(bnc#1021294).
- CVE-2017-5577: The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in
the VideoCore DRM driver in the Linux kernel did not set an errno value upon
certain overflow detections, which allowed local users to cause a denial of
service (incorrect pointer dereference and OOPS) via inconsistent size values
in a VC4_SUBMIT_CL ioctl call (bnc#1021294).
- CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux
kernel preserved the setgid bit during a setxattr call involving a tmpfs
filesystem, which allowed local users to gain group privileges by leveraging
the existence of a setgid program with restrictions on execute permissions.
(bnc#1021258).
- CVE-2017-2583: The load_segment_descriptor implementation in
arch/x86/kvm/emulate.c in the Linux kernel improperly emulated a 'MOV SS,
NULL selector' instruction, which allowed guest OS users to cause a denial of
service (guest OS crash) or gain guest OS privileges via a crafted
application (bnc#1020602).
- CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users
to obtain sensitive information from kernel memory or cause a denial of
service (use-after-free) via a crafted application that leverages instruction
emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid
mappings, which allowed local users to gain privileges by establishing a user
namespace, waiting for a root process to enter that namespace with an unsafe
uid or gid, and then using the ptrace system call. NOTE: the vendor states
'there is no kernel bug here' (bnc#1010933).
- CVE-2016-9806: Race condition in the netlink_dump function in
net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a
denial of service (double free) or possibly have unspecified other impact via
a crafted application that made sendmsg system calls, leading to a free
operation associated with a new dump that started earlier than anticipated
(bnc#1013540).
- CVE-2017-5897: fixed a bug in the Linux kernel IPv6 implementation which
allowed remote attackers to trigger an out-of-bounds access, leading to a
denial-of-service attack (bnc#1023762).
- CVE-2017-5970: Fixed a possible denial-of-service that could have been
triggered by sending bad IP options on a socket (bsc#1024938).
- CVE-2017-5986: an application could have triggered a BUG_ON() in
sctp_wait_for_sndbuf() if the socket TX buffer was full, a thread was waiting
on it to queue more data, and meanwhile another thread peeled off the
association being used by the first thread (bsc#1025235).
The following non-security bugs were fixed:
- 8250: fintek: rename IRQ_MODE macro (boo#1009546).
- acpi: nfit, libnvdimm: fix / harden ars_status output length handling (bsc#1023175).
- acpi: nfit: fix bus vs dimm confusion in xlat_status (bsc#1023175).
- acpi: nfit: validate ars_status output buffer size (bsc#1023175).
- arm64: numa: fix incorrect log for memory-less node (bsc#1019631).
- asoc: cht_bsw_rt5645: Fix leftover kmalloc (bsc#1010690).
- asoc: rt5670: add HS ground control (bsc#1016250).
- bcache: Make gc wakeup sane, remove set_task_state() (bsc#1021260).
- bcache: partition support: add 16 minors per bcacheN device (bsc#1019784).
- blk-mq: Allow timeouts to run while queue is freezing (bsc#1020817).
- blk-mq: Always schedule hctx->next_cpu (bsc#1020817).
- blk-mq: Avoid memory reclaim when remapping queues (bsc#1020817).
- blk-mq: Fix failed allocation path when mapping queues (bsc#1020817).
- blk-mq: do not overwrite rq->mq_ctx (bsc#1020817).
- blk-mq: improve warning for running a queue on the wrong CPU (bsc#1020817).
- block: Change extern inline to static inline (bsc#1023175).
- bluetooth: btmrvl: fix hung task warning dump (bsc#1018813).
- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
- brcmfmac: Change error print on wlan0 existence (bsc#1000092).
- btrfs: add support for RENAME_EXCHANGE and RENAME_WHITEOUT (bsc#1020975).
- btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl (bsc#1018100).
- btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls (bsc#1018100).
- btrfs: fix inode leak on failure to setup whiteout inode in rename (bsc#1020975).
- btrfs: fix lockdep warning about log_mutex (bsc#1021455).
- btrfs: fix lockdep warning on deadlock against an inode's log mutex (bsc#1021455).
- btrfs: fix number of transaction units for renames with whiteout (bsc#1020975).
- btrfs: increment ctx->pos for every emitted or skipped dirent in readdir (bsc#981709).
- btrfs: incremental send, fix invalid paths for rename operations (bsc#1018316).
- btrfs: incremental send, fix premature rmdir operations (bsc#1018316).
- btrfs: pin log earlier when renaming (bsc#1020975).
- btrfs: pin logs earlier when doing a rename exchange operation (bsc#1020975).
- btrfs: remove old tree_root dirent processing in btrfs_real_readdir() (bsc#981709).
- btrfs: send, add missing error check for calls to path_loop() (bsc#1018316).
- btrfs: send, avoid incorrect leaf accesses when sending utimes operations (bsc#1018316).
- btrfs: send, fix failure to move directories with the same name around (bsc#1018316).
- btrfs: send, fix invalid leaf accesses due to incorrect utimes operations (bsc#1018316).
- btrfs: send, fix warning due to late freeing of orphan_dir_info structures (bsc#1018316).
- btrfs: test_check_exists: Fix infinite loop when searching for free space entries (bsc#987192).
- btrfs: unpin log if rename operation fails (bsc#1020975).
- btrfs: unpin logs if rename exchange operation fails (bsc#1020975).
- ceph: fix bad endianness handling in parse_reply_info_extra (bsc#1020488).
- clk: xgene: Add PMD clock (bsc#1019351).
- clk: xgene: Do not call __pa on ioremaped address (bsc#1019351).
- clk: xgene: Remove CLK_IS_ROOT (bsc#1019351).
- config: enable CONFIG_OCFS2_DEBUG_MASKLOG for ocfs2 (bsc#1015038)
- config: enable Ceph kernel client modules for ppc64le
- config: enable Ceph kernel client modules for s390x
- crypto: FIPS - allow tests to be disabled in FIPS mode (bsc#1018913).
- crypto: drbg - do not call drbg_instantiate in healt test (bsc#1018913).
- crypto: drbg - remove FIPS 140-2 continuous test (bsc#1018913).
- crypto: qat - fix bar discovery for c62x (bsc#1021251).
- crypto: qat - zero esram only for DH85x devices (bsc#1021248).
- crypto: rsa - allow keys >= 2048 bits in FIPS mode (bsc#1018913).
- crypto: xts - consolidate sanity check for keys (bsc#1018913).
- crypto: xts - fix compile errors (bsc#1018913).
- cxl: fix potential NULL dereference in free_adapter() (bsc#1016517).
- dax: fix deadlock with DAX 4k holes (bsc#1012829).
- dax: fix device-dax region base (bsc#1023175).
- device-dax: check devm_nsio_enable() return value (bsc#1023175).
- device-dax: fail all private mapping attempts (bsc#1023175).
- device-dax: fix percpu_ref_exit ordering (bsc#1023175).
- driver core: fix race between creating/querying glue dir and its cleanup (bnc#1008742).
- drivers: hv: Introduce a policy for controlling channel affinity.
- drivers: hv: balloon: Add logging for dynamic memory operations.
- drivers: hv: balloon: Disable hot add when CONFIG_MEMORY_HOTPLUG is not set.
- drivers: hv: balloon: Fix info request to show max page count.
- drivers: hv: balloon: Use available memory value in pressure report.
- drivers: hv: balloon: account for gaps in hot add regions.
- drivers: hv: balloon: keep track of where ha_region starts.
- drivers: hv: balloon: replace ha_region_mutex with spinlock.
- drivers: hv: cleanup vmbus_open() for wrap around mappings.
- drivers: hv: do not leak memory in vmbus_establish_gpadl().
- drivers: hv: get rid of id in struct vmbus_channel.
- drivers: hv: get rid of redundant messagecount in create_gpadl_header().
- drivers: hv: get rid of timeout in vmbus_open().
- drivers: hv: make VMBus bus ids persistent.
- drivers: hv: ring_buffer: count on wrap around mappings in get_next_pkt_raw() (v2).
- drivers: hv: ring_buffer: use wrap around mappings in hv_copy{from, to}_ringbuffer().
- drivers: hv: ring_buffer: wrap around mappings for ring buffers.
- drivers: hv: utils: Check VSS daemon is listening before a hot backup.
- drivers: hv: utils: Continue to poll VSS channel after handling requests.
- drivers: hv: utils: Fix the mapping between host version and protocol to use.
- drivers: hv: utils: reduce HV_UTIL_NEGO_TIMEOUT timeout.
- drivers: hv: vmbus: Base host signaling strictly on the ring state.
- drivers: hv: vmbus: Enable explicit signaling policy for NIC channels.
- drivers: hv: vmbus: Implement a mechanism to tag the channel for low latency.
- drivers: hv: vmbus: Make mmio resource local.
- drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host.
- drivers: hv: vmbus: On write cleanup the logic to interrupt the host.
- drivers: hv: vmbus: Reduce the delay between retries in vmbus_post_msg().
- drivers: hv: vmbus: finally fix hv_need_to_signal_on_read().
- drivers: hv: vmbus: fix the race when querying and updating the percpu list.
- drivers: hv: vmbus: suppress some 'hv_vmbus: Unknown GUID' warnings.
- drivers: hv: vss: Improve log messages.
- drivers: hv: vss: Operation timeouts should match host expectation.
- drivers: net: phy: mdio-xgene: Add hardware dependency (bsc#1019351).
- drivers: net: phy: xgene: Fix 'remove' function (bsc#1019351).
- drivers: net: xgene: Add change_mtu function (bsc#1019351).
- drivers: net: xgene: Add flow control configuration (bsc#1019351).
- drivers: net: xgene: Add flow control initialization (bsc#1019351).
- drivers: net: xgene: Add helper function (bsc#1019351).
- drivers: net: xgene: Add support for Jumbo frame (bsc#1019351).
- drivers: net: xgene: Configure classifier with pagepool (bsc#1019351).
- drivers: net: xgene: Fix MSS programming (bsc#1019351).
- drivers: net: xgene: fix build after change_mtu function change (bsc#1019351).
- drivers: net: xgene: fix: Coalescing values for v2 hardware (bsc#1019351).
- drivers: net: xgene: fix: Disable coalescing on v1 hardware (bsc#1019351).
- drivers: net: xgene: fix: RSS for non-TCP/UDP (bsc#1019351).
- drivers: net: xgene: fix: Use GPIO to get link status (bsc#1019351).
- drivers: net: xgene: uninitialized variable in xgene_enet_free_pagepool() (bsc#1019351).
- drm: Delete previous two fixes for i915 (bsc#1019061). These upstream fixes brought some regressions, so better to revert for now.
- drm: Disable patches.drivers/drm-i915-Exit-cherryview_irq_handler-after-one-pass The patch seems leading to the instability on Wyse box (bsc#1015367).
- drm: Fix broken VT switch with video=1366x768 option (bsc#1018358).
- drm: Use u64 for intermediate dotclock calculations (bnc#1006472).
- drm: i915: Do not init hpd polling for vlv and chv from runtime_suspend() (bsc#1014120).
- drm: i915: Fix PCODE polling during CDCLK change notification (bsc#1015367).
- drm: i915: Fix watermarks for VLV/CHV (bsc#1011176).
- drm: i915: Force VDD off on the new power seqeuencer before starting to use it (bsc#1009674).
- drm: i915: Mark CPU cache as dirty when used for rendering (bsc#1015367).
- drm: i915: Mark i915_hpd_poll_init_work as static (bsc#1014120).
- drm: i915: Prevent PPS stealing from a normal DP port on VLV/CHV (bsc#1019061).
- drm: i915: Prevent enabling hpd polling in late suspend (bsc#1014120).
- drm: i915: Restore PPS HW state from the encoder resume hook (bsc#1019061).
- drm: i915: Workaround for DP DPMS D3 on Dell monitor (bsc#1019061).
- drm: vc4: Fix an integer overflow in temporary allocation layout (bsc#1021294).
- drm: vc4: Return -EINVAL on the overflow checks failing (bsc#1021294).
- drm: virtio-gpu: get the fb from the plane state for atomic updates (bsc#1023101).
- edac: xgene: Fix spelling mistake in error messages (bsc#1019351).
- efi: libstub: Move Graphics Output Protocol handling to generic code (bnc#974215).
- fbcon: Fix vc attr at deinit (bsc#1000619).
- fs: nfs: avoid including 'mountproto=' with no protocol in /proc/mounts (bsc#1019260).
- gpio: xgene: make explicitly non-modular (bsc#1019351).
- hv: acquire vmbus_connection.channel_mutex in vmbus_free_channels().
- hv: change clockevents unbind tactics.
- hv: do not reset hv_context.tsc_page on crash.
- hv_netvsc: Add handler for physical link speed change.
- hv_netvsc: Add query for initial physical link speed.
- hv_netvsc: Implement batching of receive completions.
- hv_netvsc: Revert 'make inline functions static'.
- hv_netvsc: Revert 'report vmbus name in ethtool'.
- hv_netvsc: add ethtool statistics for tx packet issues.
- hv_netvsc: count multicast packets received.
- hv_netvsc: dev hold/put reference to VF.
- hv_netvsc: fix a race between netvsc_send() and netvsc_init_buf().
- hv_netvsc: fix comments.
- hv_netvsc: fix rtnl locking in callback.
- hv_netvsc: improve VF device matching.
- hv_netvsc: init completion during alloc.
- hv_netvsc: make RSS hash key static.
- hv_netvsc: make device_remove void.
- hv_netvsc: make inline functions static.
- hv_netvsc: make netvsc_destroy_buf void.
- hv_netvsc: make variable local.
- hv_netvsc: rearrange start_xmit.
- hv_netvsc: refactor completion function.
- hv_netvsc: remove VF in flight counters.
- hv_netvsc: remove excessive logging on MTU change.
- hv_netvsc: report vmbus name in ethtool.
- hv_netvsc: simplify callback event code.
- hv_netvsc: style cleanups.
- hv_netvsc: use ARRAY_SIZE() for NDIS versions.
- hv_netvsc: use RCU to protect vf_netdev.
- hv_netvsc: use consume_skb.
- hv_netvsc: use kcalloc.
- hyperv: Fix spelling of HV_UNKOWN.
- i2c: designware-baytrail: Disallow the CPU to enter C6 or C7 while holding the punit semaphore (bsc#1011913).
- i2c: designware: Implement support for SMBus block read and write (bsc#1019351).
- i2c: designware: fix wrong Tx/Rx FIFO for ACPI (bsc#1019351).
- i2c: xgene: Fix missing code of DTB support (bsc#1019351).
- i40e: Be much more verbose about what we can and cannot offload (bsc#985561).
- ibmveth: calculate gso_segs for large packets (bsc#1019148).
- ibmveth: check return of skb_linearize in ibmveth_start_xmit (bsc#1019148).
- ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).
- ibmveth: set correct gso_size and gso_type (bsc#1019148).
- igb: Workaround for igb i210 firmware issue (bsc#1009911).
- igb: add i211 to i210 PHY workaround (bsc#1009911).
- input: i8042: Trust firmware a bit more when probing on X86 (bsc#1011660).
- intel_idle: Add KBL support (bsc#1016884).
- ip6_gre: fix ip6gre_err() invalid reads (CVE-2017-5897, bsc#1023762).
- ipc: msg, make msgrcv work with LONG_MIN (bnc#1005918).
- iwlwifi: Expose the default fallback ucode API to module info (boo#1021082, boo#1023884).
- kgraft: iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612).
- kgraft: xen: Do not block kGraft in xenbus kthread (bsc#1017410).
- libnvdimm: pfn: fix align attribute (bsc#1023175).
- mailbox: xgene-slimpro: Fix wrong test for devm_kzalloc (bsc#1019351).
- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).
- md-cluster: convert the completion to wait queue.
- md-cluster: protect md_find_rdev_nr_rcu with rcu lock.
- md: ensure md devices are freed before module is unloaded (bsc#1022304).
- md: fix refcount problem on mddev when stopping array (bsc#1022304).
- misc: genwqe: ensure zero initialization.
- mm: do not loop on GFP_REPEAT high order requests if there is no reclaim progress (bnc#1013000).
- mm: memcg: do not retry precharge charges (bnc#1022559).
- mm: page_alloc: fix check for NULL preferred_zone (bnc#971975 VM performance -- page allocator).
- mm: page_alloc: fix fast-path race with cpuset update or removal (bnc#971975 VM performance -- page allocator).
- mm: page_alloc: fix premature OOM when racing with cpuset mems update (bnc#971975 VM performance -- page allocator).
- mm: page_alloc: keep pcp count and list contents in sync if struct page is corrupted (bnc#971975 VM performance -- page allocator).
- mm: page_alloc: move cpuset seqcount checking to slowpath (bnc#971975 VM performance -- page allocator).
- mmc: sdhci-of-arasan: Remove no-hispd and no-cmd23 quirks for sdhci-arasan4.9a (bsc#1019351).
- mwifiex: add missing check for PCIe8997 chipset (bsc#1018813).
- mwifiex: fix IBSS data path issue (bsc#1018813).
- mwifiex: fix PCIe register information for 8997 chipset (bsc#1018813).
- net: af_iucv: do not use paged skbs for TX on HiperSockets (bnc#1020945, LTC#150566).
- net: ethernet: apm: xgene: use phydev from struct net_device (bsc#1019351).
- net: ethtool: Initialize buffer when querying device channel settings (bsc#969479).
- net: hyperv: avoid uninitialized variable.
- net: implement netif_cond_dbg macro (bsc#1019168).
- net: remove useless memset's in drivers get_stats64 (bsc#1019351).
- net: xgene: avoid bogus maybe-uninitialized warning (bsc#1019351).
- net: xgene: fix backward compatibility fix (bsc#1019351).
- net: xgene: fix error handling during reset (bsc#1019351).
- net: xgene: move xgene_cle_ptree_ewdn data off stack (bsc#1019351).
- netvsc: Remove mistaken udp.h inclusion.
- netvsc: add rcu_read locking to netvsc callback.
- netvsc: fix checksum on UDP IPV6.
- netvsc: reduce maximum GSO size.
- nfit: fail DSMs that return non-zero status by default (bsc#1023175).
- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).
- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).
- nvdimm: kabi protect nd_cmd_out_size() (bsc#1023175).
- nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too (bsc#1020685).
- ocfs2: fix deadlock on mmapped page in ocfs2_write_begin_nolock() (bnc#921494).
- pci: Add devm_request_pci_bus_resources() (bsc#1019351).
- pci: generic: Fix pci_remap_iospace() failure path (bsc#1019630).
- pci: hv: Allocate physically contiguous hypercall params buffer.
- pci: hv: Fix hv_pci_remove() for hot-remove.
- pci: hv: Handle hv_pci_generic_compl() error case.
- pci: hv: Handle vmbus_sendpacket() failure in hv_compose_msi_msg().
- pci: hv: Make unnecessarily global IRQ masking functions static.
- pci: hv: Remove the unused 'wrk' in struct hv_pcibus_device.
- pci: hv: Use list_move_tail() instead of list_del() + list_add_tail().
- pci: hv: Use pci_function_description in struct definitions.
- pci: hv: Use the correct buffer size in new_pcichild_device().
- pci: hv: Use zero-length array in struct pci_packet.
- pci: include header file (bsc#964944).
- pci: xgene: Add local struct device pointers (bsc#1019351).
- pci: xgene: Add register accessors (bsc#1019351).
- pci: xgene: Free bridge resource list on failure (bsc#1019351).
- pci: xgene: Make explicitly non-modular (bsc#1019351).
- pci: xgene: Pass struct xgene_pcie_port to setup functions (bsc#1019351).
- pci: xgene: Remove unused platform data (bsc#1019351).
- pci: xgene: Request host bridge window resources (bsc#1019351).
- perf: xgene: Remove bogus IS_ERR() check (bsc#1019351).
- phy: xgene: rename 'enum phy_mode' to 'enum xgene_phy_mode' (bsc#1019351).
- power: reset: xgene-reboot: Unmap region obtained by of_iomap (bsc#1019351).
- powerpc: fadump: Fix the race in crash_fadump() (bsc#1022971).
- qeth: check not more than 16 SBALEs on the completion queue (bnc#1009718, LTC#148203).
- raid1: Fix a regression observed during the rebuilding of degraded MDRAID VDs (bsc#1020048).
- raid1: ignore discard error (bsc#1017164).
- reiserfs: fix race in prealloc discard (bsc#987576).
- rpm: kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
- rpm: kernel-binary.spec.in: Fix installation of /etc/uefi/certs (bsc#1019594)
- rtc: cmos: Clear ACPI-driven alarms upon resume (bsc#1022429).
- rtc: cmos: Do not enable interrupts in the middle of the interrupt handler (bsc#1022429).
- rtc: cmos: Restore alarm after resume (bsc#1022429).
- rtc: cmos: avoid unused function warning (bsc#1022429).
- s390: Fix invalid domain response handling (bnc#1009718).
- s390: cpuinfo: show maximum thread id (bnc#1009718, LTC#148580).
- s390: sysinfo: show partition extended name and UUID if available (bnc#1009718, LTC#150160).
- s390: time: LPAR offset handling (bnc#1009718, LTC#146920).
- s390: time: move PTFF definitions (bnc#1009718, LTC#146920).
- sched: Allow hotplug notifiers to be setup early (bnc#1022476).
- sched: Make wake_up_nohz_cpu() handle CPUs going offline (bnc#1022476).
- sched: core, x86/topology: Fix NUMA in package topology bug (bnc#1022476).
- sched: core: Fix incorrect utilization accounting when switching to fair class (bnc#1022476).
- sched: core: Fix set_user_nice() (bnc#1022476).
- sched: cputime: Add steal time support to full dynticks CPU time accounting (bnc#1022476).
- sched: cputime: Fix prev steal time accouting during CPU hotplug (bnc#1022476).
- sched: deadline: Always calculate end of period on sched_yield() (bnc#1022476).
- sched: deadline: Fix a bug in dl_overflow() (bnc#1022476).
- sched: deadline: Fix lock pinning warning during CPU hotplug (bnc#1022476).
- sched: deadline: Fix wrap-around in DL heap (bnc#1022476).
- sched: fair: Avoid using decay_load_missed() with a negative value (bnc#1022476).
- sched: fair: Fix fixed point arithmetic width for shares and effective load (bnc#1022476).
- sched: fair: Fix load_above_capacity fixed point arithmetic width (bnc#1022476).
- sched: fair: Fix min_vruntime tracking (bnc#1022476).
- sched: fair: Fix the wrong throttled clock time for cfs_rq_clock_task() (bnc#1022476).
- sched: fair: Improve PELT stuff some more (bnc#1022476).
- sched: rt, sched/dl: Do not push if task's scheduling class was changed (bnc#1022476).
- sched: rt: Fix PI handling vs. sched_setscheduler() (bnc#1022476).
- sched: rt: Kick RT bandwidth timer immediately on start up (bnc#1022476).
- scsi: Add 'AIX VDASD' to blacklist (bsc#1006469).
- scsi: Modify HITACHI OPEN-V blacklist entry (bsc#1006469).
- scsi: bfa: Increase requested firmware version to 3.2.5.1 (bsc#1013273).
- scsi: storvsc: Payload buffer incorrectly sized for 32 bit kernels.
- scsi_dh_alua: uninitialized variable in alua_rtpg() (bsc#1012910).
- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986, bsc#1025235).
- sd: always scan VPD pages if thin provisioning is enabled (bsc#1013792).
- serial: 8250: Integrate Fintek into 8250_base (boo#1016979). Update config files to change CONFIG_SERIAL_8250_FINTEK to boolean accordingly, too. Also, the corresponding entry got removed from supported.conf.
- serial: 8250_fintek: fix the mismatched IRQ mode (boo#1009546).
- serial: Update metadata for serial fixes (bsc#1013001)
- ses: Fix SAS device detection in enclosure (bsc#1016403).
- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).
- sfc: refactor debug-or-warnings printks (bsc#1019168).
- sunrpc: Fix reconnection timeouts (bsc#1014410).
- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).
- supported.conf: Support Marvell WiFi/BT SDIO and pinctrl-cherrytrail (bsc#1018813)
- supported.conf: delete xilinx/ll_temac (bsc#1011602)
- target: add XCOPY target/segment desc sense codes (bsc#991273).
- target: bounds check XCOPY segment descriptor list (bsc#991273).
- target: bounds check XCOPY total descriptor list length (bsc#991273).
- target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).
- target: check for XCOPY parameter truncation (bsc#991273).
- target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273).
- target: simplify XCOPY wwn->se_dev lookup helper (bsc#991273).
- target: support XCOPY requests without parameters (bsc#991273).
- target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).
- target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).
- tools: hv: Enable network manager for bonding scripts on RHEL.
- tools: hv: fix a compile warning in snprintf.
- tools: hv: kvp: configurable external scripts path.
- tools: hv: kvp: ensure kvp device fd is closed on exec.
- tools: hv: remove unnecessary header files and netlink related code.
- tools: hv: remove unnecessary link flag.
- tty: n_hdlc, fix lockdep false positive (bnc#1015840).
- uvcvideo: uvc_scan_fallback() for webcams with broken chain (bsc#1021474).
- vmbus: make sysfs names consistent with PCI.
- x86: MCE: Dump MCE to dmesg if no consumers (bsc#1013994).
- x86: hyperv: Handle unknown NMIs on one CPU when unknown_nmi_panic.
- xfs: don't allow di_size with high bit set (bsc#1024234).
- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).
- xfs: fix broken multi-fsb buffer logging (bsc#1024081).
- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).
- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).
- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).
- xfs: track and serialize in-flight async buffers against unmount - kABI (bsc#1024508).
Patchnames
SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-300,SUSE-SLE-DESKTOP-12-SP2-2017-300,SUSE-SLE-HA-12-SP2-2017-300,SUSE-SLE-Live-Patching-12-2017-300,SUSE-SLE-RPI-12-SP2-2017-300,SUSE-SLE-SDK-12-SP2-2017-300,SUSE-SLE-SERVER-12-SP2-2017-300,SUSE-SLE-WE-12-SP2-2017-300
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.49 to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in\n net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary\n code via vectors involving a recvmmsg system call that was mishandled during\n error processing (bnc#1003077).\n- CVE-2017-5576: Integer overflow in the vc4_get_bcl function in\n drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel\n allowed local users to cause a denial of service or possibly have unspecified\n other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call\n (bnc#1021294).\n- CVE-2017-5577: The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in\n the VideoCore DRM driver in the Linux kernel did not set an errno value upon\n certain overflow detections, which allowed local users to cause a denial of\n service (incorrect pointer dereference and OOPS) via inconsistent size values\n in a VC4_SUBMIT_CL ioctl call (bnc#1021294).\n- CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux\n kernel preserved the setgid bit during a setxattr call involving a tmpfs\n filesystem, which allowed local users to gain group privileges by leveraging\n the existence of a setgid program with restrictions on execute permissions.\n (bnc#1021258).\n- CVE-2017-2583: The load_segment_descriptor implementation in\n arch/x86/kvm/emulate.c in the Linux kernel improperly emulated a \u0027MOV SS,\n NULL selector\u0027 instruction, which allowed guest OS users to cause a denial of\n service (guest OS crash) or gain guest OS privileges via a crafted\n application (bnc#1020602).\n- CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users\n to obtain sensitive information from kernel memory or cause a denial of\n service (use-after-free) via a crafted application that leverages instruction\n emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851).\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid\n mappings, which allowed local users to gain privileges by establishing a user\n namespace, waiting for a root process to enter that namespace with an unsafe\n uid or gid, and then using the ptrace system call. NOTE: the vendor states\n \u0027there is no kernel bug here\u0027 (bnc#1010933).\n- CVE-2016-9806: Race condition in the netlink_dump function in\n net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a\n denial of service (double free) or possibly have unspecified other impact via\n a crafted application that made sendmsg system calls, leading to a free\n operation associated with a new dump that started earlier than anticipated\n (bnc#1013540).\n- CVE-2017-5897: fixed a bug in the Linux kernel IPv6 implementation which\n allowed remote attackers to trigger an out-of-bounds access, leading to a\n denial-of-service attack (bnc#1023762).\n- CVE-2017-5970: Fixed a possible denial-of-service that could have been\n triggered by sending bad IP options on a socket (bsc#1024938).\n- CVE-2017-5986: an application could have triggered a BUG_ON() in\n sctp_wait_for_sndbuf() if the socket TX buffer was full, a thread was waiting\n on it to queue more data, and meanwhile another thread peeled off the\n association being used by the first thread (bsc#1025235).\n\nThe following non-security bugs were fixed:\n\n- 8250: fintek: rename IRQ_MODE macro (boo#1009546).\n- acpi: nfit, libnvdimm: fix / harden ars_status output length handling (bsc#1023175).\n- acpi: nfit: fix bus vs dimm confusion in xlat_status (bsc#1023175).\n- acpi: nfit: validate ars_status output buffer size (bsc#1023175).\n- arm64: numa: fix incorrect log for memory-less node (bsc#1019631).\n- asoc: cht_bsw_rt5645: Fix leftover kmalloc (bsc#1010690).\n- asoc: rt5670: add HS ground control (bsc#1016250).\n- bcache: Make gc wakeup sane, remove set_task_state() (bsc#1021260).\n- bcache: partition support: add 16 minors per bcacheN device (bsc#1019784).\n- blk-mq: Allow timeouts to run while queue is freezing (bsc#1020817).\n- blk-mq: Always schedule hctx-\u003enext_cpu (bsc#1020817).\n- blk-mq: Avoid memory reclaim when remapping queues (bsc#1020817).\n- blk-mq: Fix failed allocation path when mapping queues (bsc#1020817).\n- blk-mq: do not overwrite rq-\u003emq_ctx (bsc#1020817).\n- blk-mq: improve warning for running a queue on the wrong CPU (bsc#1020817).\n- block: Change extern inline to static inline (bsc#1023175).\n- bluetooth: btmrvl: fix hung task warning dump (bsc#1018813).\n- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).\n- brcmfmac: Change error print on wlan0 existence (bsc#1000092).\n- btrfs: add support for RENAME_EXCHANGE and RENAME_WHITEOUT (bsc#1020975).\n- btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl (bsc#1018100).\n- btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls (bsc#1018100).\n- btrfs: fix inode leak on failure to setup whiteout inode in rename (bsc#1020975).\n- btrfs: fix lockdep warning about log_mutex (bsc#1021455).\n- btrfs: fix lockdep warning on deadlock against an inode\u0027s log mutex (bsc#1021455).\n- btrfs: fix number of transaction units for renames with whiteout (bsc#1020975).\n- btrfs: increment ctx-\u003epos for every emitted or skipped dirent in readdir (bsc#981709).\n- btrfs: incremental send, fix invalid paths for rename operations (bsc#1018316).\n- btrfs: incremental send, fix premature rmdir operations (bsc#1018316).\n- btrfs: pin log earlier when renaming (bsc#1020975).\n- btrfs: pin logs earlier when doing a rename exchange operation (bsc#1020975).\n- btrfs: remove old tree_root dirent processing in btrfs_real_readdir() (bsc#981709).\n- btrfs: send, add missing error check for calls to path_loop() (bsc#1018316).\n- btrfs: send, avoid incorrect leaf accesses when sending utimes operations (bsc#1018316).\n- btrfs: send, fix failure to move directories with the same name around (bsc#1018316).\n- btrfs: send, fix invalid leaf accesses due to incorrect utimes operations (bsc#1018316).\n- btrfs: send, fix warning due to late freeing of orphan_dir_info structures (bsc#1018316).\n- btrfs: test_check_exists: Fix infinite loop when searching for free space entries (bsc#987192).\n- btrfs: unpin log if rename operation fails (bsc#1020975).\n- btrfs: unpin logs if rename exchange operation fails (bsc#1020975).\n- ceph: fix bad endianness handling in parse_reply_info_extra (bsc#1020488).\n- clk: xgene: Add PMD clock (bsc#1019351).\n- clk: xgene: Do not call __pa on ioremaped address (bsc#1019351).\n- clk: xgene: Remove CLK_IS_ROOT (bsc#1019351).\n- config: enable CONFIG_OCFS2_DEBUG_MASKLOG for ocfs2 (bsc#1015038)\n- config: enable Ceph kernel client modules for ppc64le\n- config: enable Ceph kernel client modules for s390x\n- crypto: FIPS - allow tests to be disabled in FIPS mode (bsc#1018913).\n- crypto: drbg - do not call drbg_instantiate in healt test (bsc#1018913).\n- crypto: drbg - remove FIPS 140-2 continuous test (bsc#1018913).\n- crypto: qat - fix bar discovery for c62x (bsc#1021251).\n- crypto: qat - zero esram only for DH85x devices (bsc#1021248).\n- crypto: rsa - allow keys \u003e= 2048 bits in FIPS mode (bsc#1018913).\n- crypto: xts - consolidate sanity check for keys (bsc#1018913).\n- crypto: xts - fix compile errors (bsc#1018913).\n- cxl: fix potential NULL dereference in free_adapter() (bsc#1016517).\n- dax: fix deadlock with DAX 4k holes (bsc#1012829).\n- dax: fix device-dax region base (bsc#1023175).\n- device-dax: check devm_nsio_enable() return value (bsc#1023175).\n- device-dax: fail all private mapping attempts (bsc#1023175).\n- device-dax: fix percpu_ref_exit ordering (bsc#1023175).\n- driver core: fix race between creating/querying glue dir and its cleanup (bnc#1008742).\n- drivers: hv: Introduce a policy for controlling channel affinity.\n- drivers: hv: balloon: Add logging for dynamic memory operations.\n- drivers: hv: balloon: Disable hot add when CONFIG_MEMORY_HOTPLUG is not set.\n- drivers: hv: balloon: Fix info request to show max page count.\n- drivers: hv: balloon: Use available memory value in pressure report.\n- drivers: hv: balloon: account for gaps in hot add regions.\n- drivers: hv: balloon: keep track of where ha_region starts.\n- drivers: hv: balloon: replace ha_region_mutex with spinlock.\n- drivers: hv: cleanup vmbus_open() for wrap around mappings.\n- drivers: hv: do not leak memory in vmbus_establish_gpadl().\n- drivers: hv: get rid of id in struct vmbus_channel.\n- drivers: hv: get rid of redundant messagecount in create_gpadl_header().\n- drivers: hv: get rid of timeout in vmbus_open().\n- drivers: hv: make VMBus bus ids persistent.\n- drivers: hv: ring_buffer: count on wrap around mappings in get_next_pkt_raw() (v2).\n- drivers: hv: ring_buffer: use wrap around mappings in hv_copy{from, to}_ringbuffer().\n- drivers: hv: ring_buffer: wrap around mappings for ring buffers.\n- drivers: hv: utils: Check VSS daemon is listening before a hot backup.\n- drivers: hv: utils: Continue to poll VSS channel after handling requests.\n- drivers: hv: utils: Fix the mapping between host version and protocol to use.\n- drivers: hv: utils: reduce HV_UTIL_NEGO_TIMEOUT timeout.\n- drivers: hv: vmbus: Base host signaling strictly on the ring state.\n- drivers: hv: vmbus: Enable explicit signaling policy for NIC channels.\n- drivers: hv: vmbus: Implement a mechanism to tag the channel for low latency.\n- drivers: hv: vmbus: Make mmio resource local.\n- drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host.\n- drivers: hv: vmbus: On write cleanup the logic to interrupt the host.\n- drivers: hv: vmbus: Reduce the delay between retries in vmbus_post_msg().\n- drivers: hv: vmbus: finally fix hv_need_to_signal_on_read().\n- drivers: hv: vmbus: fix the race when querying and updating the percpu list.\n- drivers: hv: vmbus: suppress some \u0027hv_vmbus: Unknown GUID\u0027 warnings.\n- drivers: hv: vss: Improve log messages.\n- drivers: hv: vss: Operation timeouts should match host expectation.\n- drivers: net: phy: mdio-xgene: Add hardware dependency (bsc#1019351).\n- drivers: net: phy: xgene: Fix \u0027remove\u0027 function (bsc#1019351).\n- drivers: net: xgene: Add change_mtu function (bsc#1019351).\n- drivers: net: xgene: Add flow control configuration (bsc#1019351).\n- drivers: net: xgene: Add flow control initialization (bsc#1019351).\n- drivers: net: xgene: Add helper function (bsc#1019351).\n- drivers: net: xgene: Add support for Jumbo frame (bsc#1019351).\n- drivers: net: xgene: Configure classifier with pagepool (bsc#1019351).\n- drivers: net: xgene: Fix MSS programming (bsc#1019351).\n- drivers: net: xgene: fix build after change_mtu function change (bsc#1019351).\n- drivers: net: xgene: fix: Coalescing values for v2 hardware (bsc#1019351).\n- drivers: net: xgene: fix: Disable coalescing on v1 hardware (bsc#1019351).\n- drivers: net: xgene: fix: RSS for non-TCP/UDP (bsc#1019351).\n- drivers: net: xgene: fix: Use GPIO to get link status (bsc#1019351).\n- drivers: net: xgene: uninitialized variable in xgene_enet_free_pagepool() (bsc#1019351).\n- drm: Delete previous two fixes for i915 (bsc#1019061). These upstream fixes brought some regressions, so better to revert for now.\n- drm: Disable patches.drivers/drm-i915-Exit-cherryview_irq_handler-after-one-pass The patch seems leading to the instability on Wyse box (bsc#1015367).\n- drm: Fix broken VT switch with video=1366x768 option (bsc#1018358).\n- drm: Use u64 for intermediate dotclock calculations (bnc#1006472).\n- drm: i915: Do not init hpd polling for vlv and chv from runtime_suspend() (bsc#1014120).\n- drm: i915: Fix PCODE polling during CDCLK change notification (bsc#1015367).\n- drm: i915: Fix watermarks for VLV/CHV (bsc#1011176).\n- drm: i915: Force VDD off on the new power seqeuencer before starting to use it (bsc#1009674).\n- drm: i915: Mark CPU cache as dirty when used for rendering (bsc#1015367).\n- drm: i915: Mark i915_hpd_poll_init_work as static (bsc#1014120).\n- drm: i915: Prevent PPS stealing from a normal DP port on VLV/CHV (bsc#1019061).\n- drm: i915: Prevent enabling hpd polling in late suspend (bsc#1014120).\n- drm: i915: Restore PPS HW state from the encoder resume hook (bsc#1019061).\n- drm: i915: Workaround for DP DPMS D3 on Dell monitor (bsc#1019061).\n- drm: vc4: Fix an integer overflow in temporary allocation layout (bsc#1021294).\n- drm: vc4: Return -EINVAL on the overflow checks failing (bsc#1021294).\n- drm: virtio-gpu: get the fb from the plane state for atomic updates (bsc#1023101).\n- edac: xgene: Fix spelling mistake in error messages (bsc#1019351).\n- efi: libstub: Move Graphics Output Protocol handling to generic code (bnc#974215).\n- fbcon: Fix vc attr at deinit (bsc#1000619).\n- fs: nfs: avoid including \u0027mountproto=\u0027 with no protocol in /proc/mounts (bsc#1019260).\n- gpio: xgene: make explicitly non-modular (bsc#1019351).\n- hv: acquire vmbus_connection.channel_mutex in vmbus_free_channels().\n- hv: change clockevents unbind tactics.\n- hv: do not reset hv_context.tsc_page on crash.\n- hv_netvsc: Add handler for physical link speed change.\n- hv_netvsc: Add query for initial physical link speed.\n- hv_netvsc: Implement batching of receive completions.\n- hv_netvsc: Revert \u0027make inline functions static\u0027.\n- hv_netvsc: Revert \u0027report vmbus name in ethtool\u0027.\n- hv_netvsc: add ethtool statistics for tx packet issues.\n- hv_netvsc: count multicast packets received.\n- hv_netvsc: dev hold/put reference to VF.\n- hv_netvsc: fix a race between netvsc_send() and netvsc_init_buf().\n- hv_netvsc: fix comments.\n- hv_netvsc: fix rtnl locking in callback.\n- hv_netvsc: improve VF device matching.\n- hv_netvsc: init completion during alloc.\n- hv_netvsc: make RSS hash key static.\n- hv_netvsc: make device_remove void.\n- hv_netvsc: make inline functions static.\n- hv_netvsc: make netvsc_destroy_buf void.\n- hv_netvsc: make variable local.\n- hv_netvsc: rearrange start_xmit.\n- hv_netvsc: refactor completion function.\n- hv_netvsc: remove VF in flight counters.\n- hv_netvsc: remove excessive logging on MTU change.\n- hv_netvsc: report vmbus name in ethtool.\n- hv_netvsc: simplify callback event code.\n- hv_netvsc: style cleanups.\n- hv_netvsc: use ARRAY_SIZE() for NDIS versions.\n- hv_netvsc: use RCU to protect vf_netdev.\n- hv_netvsc: use consume_skb.\n- hv_netvsc: use kcalloc.\n- hyperv: Fix spelling of HV_UNKOWN.\n- i2c: designware-baytrail: Disallow the CPU to enter C6 or C7 while holding the punit semaphore (bsc#1011913).\n- i2c: designware: Implement support for SMBus block read and write (bsc#1019351).\n- i2c: designware: fix wrong Tx/Rx FIFO for ACPI (bsc#1019351).\n- i2c: xgene: Fix missing code of DTB support (bsc#1019351).\n- i40e: Be much more verbose about what we can and cannot offload (bsc#985561).\n- ibmveth: calculate gso_segs for large packets (bsc#1019148).\n- ibmveth: check return of skb_linearize in ibmveth_start_xmit (bsc#1019148).\n- ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).\n- ibmveth: set correct gso_size and gso_type (bsc#1019148).\n- igb: Workaround for igb i210 firmware issue (bsc#1009911).\n- igb: add i211 to i210 PHY workaround (bsc#1009911).\n- input: i8042: Trust firmware a bit more when probing on X86 (bsc#1011660).\n- intel_idle: Add KBL support (bsc#1016884).\n- ip6_gre: fix ip6gre_err() invalid reads (CVE-2017-5897, bsc#1023762).\n- ipc: msg, make msgrcv work with LONG_MIN (bnc#1005918).\n- iwlwifi: Expose the default fallback ucode API to module info (boo#1021082, boo#1023884).\n- kgraft: iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612).\n- kgraft: xen: Do not block kGraft in xenbus kthread (bsc#1017410).\n- libnvdimm: pfn: fix align attribute (bsc#1023175).\n- mailbox: xgene-slimpro: Fix wrong test for devm_kzalloc (bsc#1019351).\n- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).\n- md-cluster: convert the completion to wait queue.\n- md-cluster: protect md_find_rdev_nr_rcu with rcu lock.\n- md: ensure md devices are freed before module is unloaded (bsc#1022304).\n- md: fix refcount problem on mddev when stopping array (bsc#1022304).\n- misc: genwqe: ensure zero initialization.\n- mm: do not loop on GFP_REPEAT high order requests if there is no reclaim progress (bnc#1013000).\n- mm: memcg: do not retry precharge charges (bnc#1022559).\n- mm: page_alloc: fix check for NULL preferred_zone (bnc#971975 VM performance -- page allocator).\n- mm: page_alloc: fix fast-path race with cpuset update or removal (bnc#971975 VM performance -- page allocator).\n- mm: page_alloc: fix premature OOM when racing with cpuset mems update (bnc#971975 VM performance -- page allocator).\n- mm: page_alloc: keep pcp count and list contents in sync if struct page is corrupted (bnc#971975 VM performance -- page allocator).\n- mm: page_alloc: move cpuset seqcount checking to slowpath (bnc#971975 VM performance -- page allocator).\n- mmc: sdhci-of-arasan: Remove no-hispd and no-cmd23 quirks for sdhci-arasan4.9a (bsc#1019351).\n- mwifiex: add missing check for PCIe8997 chipset (bsc#1018813).\n- mwifiex: fix IBSS data path issue (bsc#1018813).\n- mwifiex: fix PCIe register information for 8997 chipset (bsc#1018813).\n- net: af_iucv: do not use paged skbs for TX on HiperSockets (bnc#1020945, LTC#150566).\n- net: ethernet: apm: xgene: use phydev from struct net_device (bsc#1019351).\n- net: ethtool: Initialize buffer when querying device channel settings (bsc#969479).\n- net: hyperv: avoid uninitialized variable.\n- net: implement netif_cond_dbg macro (bsc#1019168).\n- net: remove useless memset\u0027s in drivers get_stats64 (bsc#1019351).\n- net: xgene: avoid bogus maybe-uninitialized warning (bsc#1019351).\n- net: xgene: fix backward compatibility fix (bsc#1019351).\n- net: xgene: fix error handling during reset (bsc#1019351).\n- net: xgene: move xgene_cle_ptree_ewdn data off stack (bsc#1019351).\n- netvsc: Remove mistaken udp.h inclusion.\n- netvsc: add rcu_read locking to netvsc callback.\n- netvsc: fix checksum on UDP IPV6.\n- netvsc: reduce maximum GSO size.\n- nfit: fail DSMs that return non-zero status by default (bsc#1023175).\n- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).\n- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).\n- nvdimm: kabi protect nd_cmd_out_size() (bsc#1023175).\n- nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too (bsc#1020685).\n- ocfs2: fix deadlock on mmapped page in ocfs2_write_begin_nolock() (bnc#921494).\n- pci: Add devm_request_pci_bus_resources() (bsc#1019351).\n- pci: generic: Fix pci_remap_iospace() failure path (bsc#1019630).\n- pci: hv: Allocate physically contiguous hypercall params buffer.\n- pci: hv: Fix hv_pci_remove() for hot-remove.\n- pci: hv: Handle hv_pci_generic_compl() error case.\n- pci: hv: Handle vmbus_sendpacket() failure in hv_compose_msi_msg().\n- pci: hv: Make unnecessarily global IRQ masking functions static.\n- pci: hv: Remove the unused \u0027wrk\u0027 in struct hv_pcibus_device.\n- pci: hv: Use list_move_tail() instead of list_del() + list_add_tail().\n- pci: hv: Use pci_function_description in struct definitions.\n- pci: hv: Use the correct buffer size in new_pcichild_device().\n- pci: hv: Use zero-length array in struct pci_packet.\n- pci: include header file (bsc#964944).\n- pci: xgene: Add local struct device pointers (bsc#1019351).\n- pci: xgene: Add register accessors (bsc#1019351).\n- pci: xgene: Free bridge resource list on failure (bsc#1019351).\n- pci: xgene: Make explicitly non-modular (bsc#1019351).\n- pci: xgene: Pass struct xgene_pcie_port to setup functions (bsc#1019351).\n- pci: xgene: Remove unused platform data (bsc#1019351).\n- pci: xgene: Request host bridge window resources (bsc#1019351).\n- perf: xgene: Remove bogus IS_ERR() check (bsc#1019351).\n- phy: xgene: rename \u0027enum phy_mode\u0027 to \u0027enum xgene_phy_mode\u0027 (bsc#1019351).\n- power: reset: xgene-reboot: Unmap region obtained by of_iomap (bsc#1019351).\n- powerpc: fadump: Fix the race in crash_fadump() (bsc#1022971).\n- qeth: check not more than 16 SBALEs on the completion queue (bnc#1009718, LTC#148203).\n- raid1: Fix a regression observed during the rebuilding of degraded MDRAID VDs (bsc#1020048).\n- raid1: ignore discard error (bsc#1017164).\n- reiserfs: fix race in prealloc discard (bsc#987576).\n- rpm: kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)\n- rpm: kernel-binary.spec.in: Fix installation of /etc/uefi/certs (bsc#1019594)\n- rtc: cmos: Clear ACPI-driven alarms upon resume (bsc#1022429).\n- rtc: cmos: Do not enable interrupts in the middle of the interrupt handler (bsc#1022429).\n- rtc: cmos: Restore alarm after resume (bsc#1022429).\n- rtc: cmos: avoid unused function warning (bsc#1022429).\n- s390: Fix invalid domain response handling (bnc#1009718).\n- s390: cpuinfo: show maximum thread id (bnc#1009718, LTC#148580).\n- s390: sysinfo: show partition extended name and UUID if available (bnc#1009718, LTC#150160).\n- s390: time: LPAR offset handling (bnc#1009718, LTC#146920).\n- s390: time: move PTFF definitions (bnc#1009718, LTC#146920).\n- sched: Allow hotplug notifiers to be setup early (bnc#1022476).\n- sched: Make wake_up_nohz_cpu() handle CPUs going offline (bnc#1022476).\n- sched: core, x86/topology: Fix NUMA in package topology bug (bnc#1022476).\n- sched: core: Fix incorrect utilization accounting when switching to fair class (bnc#1022476).\n- sched: core: Fix set_user_nice() (bnc#1022476).\n- sched: cputime: Add steal time support to full dynticks CPU time accounting (bnc#1022476).\n- sched: cputime: Fix prev steal time accouting during CPU hotplug (bnc#1022476).\n- sched: deadline: Always calculate end of period on sched_yield() (bnc#1022476).\n- sched: deadline: Fix a bug in dl_overflow() (bnc#1022476).\n- sched: deadline: Fix lock pinning warning during CPU hotplug (bnc#1022476).\n- sched: deadline: Fix wrap-around in DL heap (bnc#1022476).\n- sched: fair: Avoid using decay_load_missed() with a negative value (bnc#1022476).\n- sched: fair: Fix fixed point arithmetic width for shares and effective load (bnc#1022476).\n- sched: fair: Fix load_above_capacity fixed point arithmetic width (bnc#1022476).\n- sched: fair: Fix min_vruntime tracking (bnc#1022476).\n- sched: fair: Fix the wrong throttled clock time for cfs_rq_clock_task() (bnc#1022476).\n- sched: fair: Improve PELT stuff some more (bnc#1022476).\n- sched: rt, sched/dl: Do not push if task\u0027s scheduling class was changed (bnc#1022476).\n- sched: rt: Fix PI handling vs. sched_setscheduler() (bnc#1022476).\n- sched: rt: Kick RT bandwidth timer immediately on start up (bnc#1022476).\n- scsi: Add \u0027AIX VDASD\u0027 to blacklist (bsc#1006469).\n- scsi: Modify HITACHI OPEN-V blacklist entry (bsc#1006469).\n- scsi: bfa: Increase requested firmware version to 3.2.5.1 (bsc#1013273).\n- scsi: storvsc: Payload buffer incorrectly sized for 32 bit kernels.\n- scsi_dh_alua: uninitialized variable in alua_rtpg() (bsc#1012910).\n- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986, bsc#1025235).\n- sd: always scan VPD pages if thin provisioning is enabled (bsc#1013792).\n- serial: 8250: Integrate Fintek into 8250_base (boo#1016979). Update config files to change CONFIG_SERIAL_8250_FINTEK to boolean accordingly, too. Also, the corresponding entry got removed from supported.conf.\n- serial: 8250_fintek: fix the mismatched IRQ mode (boo#1009546).\n- serial: Update metadata for serial fixes (bsc#1013001)\n- ses: Fix SAS device detection in enclosure (bsc#1016403).\n- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).\n- sfc: refactor debug-or-warnings printks (bsc#1019168).\n- sunrpc: Fix reconnection timeouts (bsc#1014410).\n- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).\n- supported.conf: Support Marvell WiFi/BT SDIO and pinctrl-cherrytrail (bsc#1018813)\n- supported.conf: delete xilinx/ll_temac (bsc#1011602)\n- target: add XCOPY target/segment desc sense codes (bsc#991273).\n- target: bounds check XCOPY segment descriptor list (bsc#991273).\n- target: bounds check XCOPY total descriptor list length (bsc#991273).\n- target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).\n- target: check for XCOPY parameter truncation (bsc#991273).\n- target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273).\n- target: simplify XCOPY wwn-\u003ese_dev lookup helper (bsc#991273).\n- target: support XCOPY requests without parameters (bsc#991273).\n- target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).\n- target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).\n- tools: hv: Enable network manager for bonding scripts on RHEL.\n- tools: hv: fix a compile warning in snprintf.\n- tools: hv: kvp: configurable external scripts path.\n- tools: hv: kvp: ensure kvp device fd is closed on exec.\n- tools: hv: remove unnecessary header files and netlink related code.\n- tools: hv: remove unnecessary link flag.\n- tty: n_hdlc, fix lockdep false positive (bnc#1015840).\n- uvcvideo: uvc_scan_fallback() for webcams with broken chain (bsc#1021474).\n- vmbus: make sysfs names consistent with PCI.\n- x86: MCE: Dump MCE to dmesg if no consumers (bsc#1013994).\n- x86: hyperv: Handle unknown NMIs on one CPU when unknown_nmi_panic.\n- xfs: don\u0027t allow di_size with high bit set (bsc#1024234).\n- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).\n- xfs: fix broken multi-fsb buffer logging (bsc#1024081).\n- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).\n- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).\n- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).\n- xfs: track and serialize in-flight async buffers against unmount - kABI (bsc#1024508).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-300,SUSE-SLE-DESKTOP-12-SP2-2017-300,SUSE-SLE-HA-12-SP2-2017-300,SUSE-SLE-Live-Patching-12-2017-300,SUSE-SLE-RPI-12-SP2-2017-300,SUSE-SLE-SDK-12-SP2-2017-300,SUSE-SLE-SERVER-12-SP2-2017-300,SUSE-SLE-WE-12-SP2-2017-300",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0575-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:0575-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170575-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:0575-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-February/002668.html"
},
{
"category": "self",
"summary": "SUSE Bug 1000092",
"url": "https://bugzilla.suse.com/1000092"
},
{
"category": "self",
"summary": "SUSE Bug 1000619",
"url": "https://bugzilla.suse.com/1000619"
},
{
"category": "self",
"summary": "SUSE Bug 1003077",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "self",
"summary": "SUSE Bug 1005918",
"url": "https://bugzilla.suse.com/1005918"
},
{
"category": "self",
"summary": "SUSE Bug 1006469",
"url": "https://bugzilla.suse.com/1006469"
},
{
"category": "self",
"summary": "SUSE Bug 1006472",
"url": "https://bugzilla.suse.com/1006472"
},
{
"category": "self",
"summary": "SUSE Bug 1007729",
"url": "https://bugzilla.suse.com/1007729"
},
{
"category": "self",
"summary": "SUSE Bug 1008742",
"url": "https://bugzilla.suse.com/1008742"
},
{
"category": "self",
"summary": "SUSE Bug 1009546",
"url": "https://bugzilla.suse.com/1009546"
},
{
"category": "self",
"summary": "SUSE Bug 1009674",
"url": "https://bugzilla.suse.com/1009674"
},
{
"category": "self",
"summary": "SUSE Bug 1009718",
"url": "https://bugzilla.suse.com/1009718"
},
{
"category": "self",
"summary": "SUSE Bug 1009911",
"url": "https://bugzilla.suse.com/1009911"
},
{
"category": "self",
"summary": "SUSE Bug 1010612",
"url": "https://bugzilla.suse.com/1010612"
},
{
"category": "self",
"summary": "SUSE Bug 1010690",
"url": "https://bugzilla.suse.com/1010690"
},
{
"category": "self",
"summary": "SUSE Bug 1010933",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "self",
"summary": "SUSE Bug 1011176",
"url": "https://bugzilla.suse.com/1011176"
},
{
"category": "self",
"summary": "SUSE Bug 1011602",
"url": "https://bugzilla.suse.com/1011602"
},
{
"category": "self",
"summary": "SUSE Bug 1011660",
"url": "https://bugzilla.suse.com/1011660"
},
{
"category": "self",
"summary": "SUSE Bug 1011913",
"url": "https://bugzilla.suse.com/1011913"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1012422",
"url": "https://bugzilla.suse.com/1012422"
},
{
"category": "self",
"summary": "SUSE Bug 1012829",
"url": "https://bugzilla.suse.com/1012829"
},
{
"category": "self",
"summary": "SUSE Bug 1012910",
"url": "https://bugzilla.suse.com/1012910"
},
{
"category": "self",
"summary": "SUSE Bug 1013000",
"url": "https://bugzilla.suse.com/1013000"
},
{
"category": "self",
"summary": "SUSE Bug 1013001",
"url": "https://bugzilla.suse.com/1013001"
},
{
"category": "self",
"summary": "SUSE Bug 1013273",
"url": "https://bugzilla.suse.com/1013273"
},
{
"category": "self",
"summary": "SUSE Bug 1013540",
"url": "https://bugzilla.suse.com/1013540"
},
{
"category": "self",
"summary": "SUSE Bug 1013792",
"url": "https://bugzilla.suse.com/1013792"
},
{
"category": "self",
"summary": "SUSE Bug 1013994",
"url": "https://bugzilla.suse.com/1013994"
},
{
"category": "self",
"summary": "SUSE Bug 1014120",
"url": "https://bugzilla.suse.com/1014120"
},
{
"category": "self",
"summary": "SUSE Bug 1014410",
"url": "https://bugzilla.suse.com/1014410"
},
{
"category": "self",
"summary": "SUSE Bug 1015038",
"url": "https://bugzilla.suse.com/1015038"
},
{
"category": "self",
"summary": "SUSE Bug 1015367",
"url": "https://bugzilla.suse.com/1015367"
},
{
"category": "self",
"summary": "SUSE Bug 1015840",
"url": "https://bugzilla.suse.com/1015840"
},
{
"category": "self",
"summary": "SUSE Bug 1016250",
"url": "https://bugzilla.suse.com/1016250"
},
{
"category": "self",
"summary": "SUSE Bug 1016403",
"url": "https://bugzilla.suse.com/1016403"
},
{
"category": "self",
"summary": "SUSE Bug 1016517",
"url": "https://bugzilla.suse.com/1016517"
},
{
"category": "self",
"summary": "SUSE Bug 1016884",
"url": "https://bugzilla.suse.com/1016884"
},
{
"category": "self",
"summary": "SUSE Bug 1016979",
"url": "https://bugzilla.suse.com/1016979"
},
{
"category": "self",
"summary": "SUSE Bug 1017164",
"url": "https://bugzilla.suse.com/1017164"
},
{
"category": "self",
"summary": "SUSE Bug 1017170",
"url": "https://bugzilla.suse.com/1017170"
},
{
"category": "self",
"summary": "SUSE Bug 1017410",
"url": "https://bugzilla.suse.com/1017410"
},
{
"category": "self",
"summary": "SUSE Bug 1018100",
"url": "https://bugzilla.suse.com/1018100"
},
{
"category": "self",
"summary": "SUSE Bug 1018316",
"url": "https://bugzilla.suse.com/1018316"
},
{
"category": "self",
"summary": "SUSE Bug 1018358",
"url": "https://bugzilla.suse.com/1018358"
},
{
"category": "self",
"summary": "SUSE Bug 1018446",
"url": "https://bugzilla.suse.com/1018446"
},
{
"category": "self",
"summary": "SUSE Bug 1018813",
"url": "https://bugzilla.suse.com/1018813"
},
{
"category": "self",
"summary": "SUSE Bug 1018913",
"url": "https://bugzilla.suse.com/1018913"
},
{
"category": "self",
"summary": "SUSE Bug 1019061",
"url": "https://bugzilla.suse.com/1019061"
},
{
"category": "self",
"summary": "SUSE Bug 1019148",
"url": "https://bugzilla.suse.com/1019148"
},
{
"category": "self",
"summary": "SUSE Bug 1019168",
"url": "https://bugzilla.suse.com/1019168"
},
{
"category": "self",
"summary": "SUSE Bug 1019260",
"url": "https://bugzilla.suse.com/1019260"
},
{
"category": "self",
"summary": "SUSE Bug 1019351",
"url": "https://bugzilla.suse.com/1019351"
},
{
"category": "self",
"summary": "SUSE Bug 1019594",
"url": "https://bugzilla.suse.com/1019594"
},
{
"category": "self",
"summary": "SUSE Bug 1019630",
"url": "https://bugzilla.suse.com/1019630"
},
{
"category": "self",
"summary": "SUSE Bug 1019631",
"url": "https://bugzilla.suse.com/1019631"
},
{
"category": "self",
"summary": "SUSE Bug 1019784",
"url": "https://bugzilla.suse.com/1019784"
},
{
"category": "self",
"summary": "SUSE Bug 1019851",
"url": "https://bugzilla.suse.com/1019851"
},
{
"category": "self",
"summary": "SUSE Bug 1020048",
"url": "https://bugzilla.suse.com/1020048"
},
{
"category": "self",
"summary": "SUSE Bug 1020214",
"url": "https://bugzilla.suse.com/1020214"
},
{
"category": "self",
"summary": "SUSE Bug 1020488",
"url": "https://bugzilla.suse.com/1020488"
},
{
"category": "self",
"summary": "SUSE Bug 1020602",
"url": "https://bugzilla.suse.com/1020602"
},
{
"category": "self",
"summary": "SUSE Bug 1020685",
"url": "https://bugzilla.suse.com/1020685"
},
{
"category": "self",
"summary": "SUSE Bug 1020817",
"url": "https://bugzilla.suse.com/1020817"
},
{
"category": "self",
"summary": "SUSE Bug 1020945",
"url": "https://bugzilla.suse.com/1020945"
},
{
"category": "self",
"summary": "SUSE Bug 1020975",
"url": "https://bugzilla.suse.com/1020975"
},
{
"category": "self",
"summary": "SUSE Bug 1021082",
"url": "https://bugzilla.suse.com/1021082"
},
{
"category": "self",
"summary": "SUSE Bug 1021248",
"url": "https://bugzilla.suse.com/1021248"
},
{
"category": "self",
"summary": "SUSE Bug 1021251",
"url": "https://bugzilla.suse.com/1021251"
},
{
"category": "self",
"summary": "SUSE Bug 1021258",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "self",
"summary": "SUSE Bug 1021260",
"url": "https://bugzilla.suse.com/1021260"
},
{
"category": "self",
"summary": "SUSE Bug 1021294",
"url": "https://bugzilla.suse.com/1021294"
},
{
"category": "self",
"summary": "SUSE Bug 1021455",
"url": "https://bugzilla.suse.com/1021455"
},
{
"category": "self",
"summary": "SUSE Bug 1021474",
"url": "https://bugzilla.suse.com/1021474"
},
{
"category": "self",
"summary": "SUSE Bug 1022304",
"url": "https://bugzilla.suse.com/1022304"
},
{
"category": "self",
"summary": "SUSE Bug 1022429",
"url": "https://bugzilla.suse.com/1022429"
},
{
"category": "self",
"summary": "SUSE Bug 1022476",
"url": "https://bugzilla.suse.com/1022476"
},
{
"category": "self",
"summary": "SUSE Bug 1022547",
"url": "https://bugzilla.suse.com/1022547"
},
{
"category": "self",
"summary": "SUSE Bug 1022559",
"url": "https://bugzilla.suse.com/1022559"
},
{
"category": "self",
"summary": "SUSE Bug 1022971",
"url": "https://bugzilla.suse.com/1022971"
},
{
"category": "self",
"summary": "SUSE Bug 1023101",
"url": "https://bugzilla.suse.com/1023101"
},
{
"category": "self",
"summary": "SUSE Bug 1023175",
"url": "https://bugzilla.suse.com/1023175"
},
{
"category": "self",
"summary": "SUSE Bug 1023762",
"url": "https://bugzilla.suse.com/1023762"
},
{
"category": "self",
"summary": "SUSE Bug 1023884",
"url": "https://bugzilla.suse.com/1023884"
},
{
"category": "self",
"summary": "SUSE Bug 1023888",
"url": "https://bugzilla.suse.com/1023888"
},
{
"category": "self",
"summary": "SUSE Bug 1024081",
"url": "https://bugzilla.suse.com/1024081"
},
{
"category": "self",
"summary": "SUSE Bug 1024234",
"url": "https://bugzilla.suse.com/1024234"
},
{
"category": "self",
"summary": "SUSE Bug 1024508",
"url": "https://bugzilla.suse.com/1024508"
},
{
"category": "self",
"summary": "SUSE Bug 1024938",
"url": "https://bugzilla.suse.com/1024938"
},
{
"category": "self",
"summary": "SUSE Bug 1025235",
"url": "https://bugzilla.suse.com/1025235"
},
{
"category": "self",
"summary": "SUSE Bug 921494",
"url": "https://bugzilla.suse.com/921494"
},
{
"category": "self",
"summary": "SUSE Bug 959709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "self",
"summary": "SUSE Bug 964944",
"url": "https://bugzilla.suse.com/964944"
},
{
"category": "self",
"summary": "SUSE Bug 969476",
"url": "https://bugzilla.suse.com/969476"
},
{
"category": "self",
"summary": "SUSE Bug 969477",
"url": "https://bugzilla.suse.com/969477"
},
{
"category": "self",
"summary": "SUSE Bug 969479",
"url": "https://bugzilla.suse.com/969479"
},
{
"category": "self",
"summary": "SUSE Bug 971975",
"url": "https://bugzilla.suse.com/971975"
},
{
"category": "self",
"summary": "SUSE Bug 974215",
"url": "https://bugzilla.suse.com/974215"
},
{
"category": "self",
"summary": "SUSE Bug 981709",
"url": "https://bugzilla.suse.com/981709"
},
{
"category": "self",
"summary": "SUSE Bug 982783",
"url": "https://bugzilla.suse.com/982783"
},
{
"category": "self",
"summary": "SUSE Bug 985561",
"url": "https://bugzilla.suse.com/985561"
},
{
"category": "self",
"summary": "SUSE Bug 987192",
"url": "https://bugzilla.suse.com/987192"
},
{
"category": "self",
"summary": "SUSE Bug 987576",
"url": "https://bugzilla.suse.com/987576"
},
{
"category": "self",
"summary": "SUSE Bug 989056",
"url": "https://bugzilla.suse.com/989056"
},
{
"category": "self",
"summary": "SUSE Bug 991273",
"url": "https://bugzilla.suse.com/991273"
},
{
"category": "self",
"summary": "SUSE Bug 998106",
"url": "https://bugzilla.suse.com/998106"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7117 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9806 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2583 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2584 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5551 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5576 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5577 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5897 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5970 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5986 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5986/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-02-28T12:17:13Z",
"generator": {
"date": "2017-02-28T12:17:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:0575-1",
"initial_release_date": "2017-02-28T12:17:13Z",
"revision_history": [
{
"date": "2017-02-28T12:17:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.49-92.11.1.aarch64",
"product": {
"name": "kernel-default-4.4.49-92.11.1.aarch64",
"product_id": "kernel-default-4.4.49-92.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.49-92.11.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.49-92.11.1.aarch64",
"product_id": "kernel-default-base-4.4.49-92.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.49-92.11.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.49-92.11.1.aarch64",
"product_id": "kernel-default-devel-4.4.49-92.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.49-92.11.1.aarch64",
"product": {
"name": "kernel-syms-4.4.49-92.11.1.aarch64",
"product_id": "kernel-syms-4.4.49-92.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.49-92.11.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.49-92.11.1.aarch64",
"product_id": "kernel-obs-build-4.4.49-92.11.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.49-92.11.1.noarch",
"product": {
"name": "kernel-devel-4.4.49-92.11.1.noarch",
"product_id": "kernel-devel-4.4.49-92.11.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.49-92.11.1.noarch",
"product": {
"name": "kernel-macros-4.4.49-92.11.1.noarch",
"product_id": "kernel-macros-4.4.49-92.11.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.49-92.11.1.noarch",
"product": {
"name": "kernel-source-4.4.49-92.11.1.noarch",
"product_id": "kernel-source-4.4.49-92.11.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.49-92.11.3.noarch",
"product": {
"name": "kernel-docs-4.4.49-92.11.3.noarch",
"product_id": "kernel-docs-4.4.49-92.11.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"product_id": "cluster-network-kmp-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.49-92.11.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.49-92.11.1.ppc64le",
"product_id": "kernel-obs-build-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "kernel-default-4.4.49-92.11.1.ppc64le",
"product_id": "kernel-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.49-92.11.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.49-92.11.1.ppc64le",
"product_id": "kernel-default-base-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.49-92.11.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.49-92.11.1.ppc64le",
"product_id": "kernel-default-devel-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.49-92.11.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.49-92.11.1.ppc64le",
"product_id": "kernel-syms-4.4.49-92.11.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"product": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"product_id": "cluster-network-kmp-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.49-92.11.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.49-92.11.1.s390x",
"product_id": "dlm-kmp-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.49-92.11.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.s390x",
"product_id": "gfs2-kmp-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.49-92.11.1.s390x",
"product_id": "kernel-obs-build-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-default-4.4.49-92.11.1.s390x",
"product_id": "kernel-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-default-base-4.4.49-92.11.1.s390x",
"product_id": "kernel-default-base-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.49-92.11.1.s390x",
"product_id": "kernel-default-devel-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-default-man-4.4.49-92.11.1.s390x",
"product_id": "kernel-default-man-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-syms-4.4.49-92.11.1.s390x",
"product_id": "kernel-syms-4.4.49-92.11.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-default-4.4.49-92.11.1.x86_64",
"product_id": "kernel-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.49-92.11.1.x86_64",
"product_id": "kernel-default-devel-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.49-92.11.1.x86_64",
"product_id": "kernel-default-extra-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-syms-4.4.49-92.11.1.x86_64",
"product_id": "kernel-syms-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"product_id": "cluster-network-kmp-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.49-92.11.1.x86_64",
"product_id": "dlm-kmp-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"product_id": "kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.49-92.11.1.x86_64",
"product_id": "kernel-obs-build-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.49-92.11.1.x86_64",
"product_id": "kernel-default-base-4.4.49-92.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP2",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP2",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-devel-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-macros-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-source-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x"
},
"product_reference": "cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x"
},
"product_reference": "dlm-kmp-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-devel-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-macros-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-source-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.4.49-92.11.3.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch"
},
"product_reference": "kernel-docs-4.4.49-92.11.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-obs-build-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-obs-build-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-obs-build-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-man-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-devel-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-macros-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-source-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-man-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-devel-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-macros-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-source-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP2",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2016-7117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7117"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7117",
"url": "https://www.suse.com/security/cve/CVE-2016-7117"
},
{
"category": "external",
"summary": "SUSE Bug 1003077 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "external",
"summary": "SUSE Bug 1003253 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003253"
},
{
"category": "external",
"summary": "SUSE Bug 1057478 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1057478"
},
{
"category": "external",
"summary": "SUSE Bug 1071943 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1071943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-7117"
},
{
"cve": "CVE-2016-9806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9806"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9806",
"url": "https://www.suse.com/security/cve/CVE-2016-9806"
},
{
"category": "external",
"summary": "SUSE Bug 1013540 for CVE-2016-9806",
"url": "https://bugzilla.suse.com/1013540"
},
{
"category": "external",
"summary": "SUSE Bug 1017589 for CVE-2016-9806",
"url": "https://bugzilla.suse.com/1017589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "important"
}
],
"title": "CVE-2016-9806"
},
{
"cve": "CVE-2017-2583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2583"
}
],
"notes": [
{
"category": "general",
"text": "The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a \"MOV SS, NULL selector\" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2583",
"url": "https://www.suse.com/security/cve/CVE-2017-2583"
},
{
"category": "external",
"summary": "SUSE Bug 1020602 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1020602"
},
{
"category": "external",
"summary": "SUSE Bug 1030573 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1030573"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2017-2583"
},
{
"cve": "CVE-2017-2584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2584"
}
],
"notes": [
{
"category": "general",
"text": "arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2584",
"url": "https://www.suse.com/security/cve/CVE-2017-2584"
},
{
"category": "external",
"summary": "SUSE Bug 1019851 for CVE-2017-2584",
"url": "https://bugzilla.suse.com/1019851"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2584",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2017-2584"
},
{
"cve": "CVE-2017-5551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5551"
}
],
"notes": [
{
"category": "general",
"text": "The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5551",
"url": "https://www.suse.com/security/cve/CVE-2017-5551"
},
{
"category": "external",
"summary": "SUSE Bug 1021258 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "external",
"summary": "SUSE Bug 995968 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/995968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2017-5551"
},
{
"cve": "CVE-2017-5576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5576"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5576",
"url": "https://www.suse.com/security/cve/CVE-2017-5576"
},
{
"category": "external",
"summary": "SUSE Bug 1021294 for CVE-2017-5576",
"url": "https://bugzilla.suse.com/1021294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "low"
}
],
"title": "CVE-2017-5576"
},
{
"cve": "CVE-2017-5577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5577"
}
],
"notes": [
{
"category": "general",
"text": "The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5577",
"url": "https://www.suse.com/security/cve/CVE-2017-5577"
},
{
"category": "external",
"summary": "SUSE Bug 1021294 for CVE-2017-5577",
"url": "https://bugzilla.suse.com/1021294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "low"
}
],
"title": "CVE-2017-5577"
},
{
"cve": "CVE-2017-5897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5897"
}
],
"notes": [
{
"category": "general",
"text": "The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5897",
"url": "https://www.suse.com/security/cve/CVE-2017-5897"
},
{
"category": "external",
"summary": "SUSE Bug 1023762 for CVE-2017-5897",
"url": "https://bugzilla.suse.com/1023762"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-5897",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "low"
}
],
"title": "CVE-2017-5897"
},
{
"cve": "CVE-2017-5970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5970"
}
],
"notes": [
{
"category": "general",
"text": "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5970",
"url": "https://www.suse.com/security/cve/CVE-2017-5970"
},
{
"category": "external",
"summary": "SUSE Bug 1024938 for CVE-2017-5970",
"url": "https://bugzilla.suse.com/1024938"
},
{
"category": "external",
"summary": "SUSE Bug 1025013 for CVE-2017-5970",
"url": "https://bugzilla.suse.com/1025013"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-5970",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "important"
}
],
"title": "CVE-2017-5970"
},
{
"cve": "CVE-2017-5986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5986"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5986",
"url": "https://www.suse.com/security/cve/CVE-2017-5986"
},
{
"category": "external",
"summary": "SUSE Bug 1025235 for CVE-2017-5986",
"url": "https://bugzilla.suse.com/1025235"
},
{
"category": "external",
"summary": "SUSE Bug 1027066 for CVE-2017-5986",
"url": "https://bugzilla.suse.com/1027066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2017-5986"
}
]
}
suse-su-2016:1032-1
Vulnerability from csaf_suse
Published
2016-04-14 11:42
Modified
2016-04-14 11:42
Summary
Security update for Linux Kernel Live Patch 1 for SP 1
Notes
Title of the patch
Security update for Linux Kernel Live Patch 1 for SP 1
Description of the patch
This update for the Linux Kernel 3.12.51-60.20.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-611
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 1 for SP 1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.51-60.20.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-611",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1032-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1032-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161032-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1032-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002003.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 1 for SP 1",
"tracking": {
"current_release_date": "2016-04-14T11:42:53Z",
"generator": {
"date": "2016-04-14T11:42:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1032-1",
"initial_release_date": "2016-04-14T11:42:53Z",
"revision_history": [
{
"date": "2016-04-14T11:42:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:42:53Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:42:53Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:42:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_20-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:42:53Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1038-1
Vulnerability from csaf_suse
Published
2016-04-14 14:30
Modified
2016-04-14 14:30
Summary
Security update for Linux Kernel Live Patch 6
Notes
Title of the patch
Security update for Linux Kernel Live Patch 6
Description of the patch
This update for the Linux Kernel 3.12.44-52.10.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-616
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 6",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.44-52.10.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-616",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1038-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1038-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161038-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1038-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002008.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 6",
"tracking": {
"current_release_date": "2016-04-14T14:30:47Z",
"generator": {
"date": "2016-04-14T14:30:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1038-1",
"initial_release_date": "2016-04-14T14:30:47Z",
"revision_history": [
{
"date": "2016-04-14T14:30:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"product_id": "kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64",
"product_id": "kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:30:47Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:30:47Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:30:47Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:30:47Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1037-1
Vulnerability from csaf_suse
Published
2016-04-14 14:31
Modified
2016-04-14 14:31
Summary
Security update for Linux Kernel Live Patch 7
Notes
Title of the patch
Security update for Linux Kernel Live Patch 7
Description of the patch
This update for the Linux Kernel 3.12.44-52.18.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-617
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 7",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.44-52.18.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-617",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1037-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1037-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161037-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1037-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002007.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 7",
"tracking": {
"current_release_date": "2016-04-14T14:31:00Z",
"generator": {
"date": "2016-04-14T14:31:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1037-1",
"initial_release_date": "2016-04-14T14:31:00Z",
"revision_history": [
{
"date": "2016-04-14T14:31:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"product_id": "kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64",
"product_id": "kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_18-xen-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:00Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1046-1
Vulnerability from csaf_suse
Published
2016-04-15 09:24
Modified
2016-04-15 09:24
Summary
Security update for Linux Kernel Live Patch 5
Notes
Title of the patch
Security update for Linux Kernel Live Patch 5
Description of the patch
This update for the Linux Kernel 3.12.43-52.6.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-623
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 5",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.43-52.6.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-623",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1046-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1046-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161046-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1046-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002013.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 5",
"tracking": {
"current_release_date": "2016-04-15T09:24:19Z",
"generator": {
"date": "2016-04-15T09:24:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1046-1",
"initial_release_date": "2016-04-15T09:24:19Z",
"revision_history": [
{
"date": "2016-04-15T09:24:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"product_id": "kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64",
"product_id": "kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-15T09:24:19Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-15T09:24:19Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-15T09:24:19Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-6-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-15T09:24:19Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1031-1
Vulnerability from csaf_suse
Published
2016-04-14 11:41
Modified
2016-04-14 11:41
Summary
Security update for Linux Kernel Live Patch 0 for SP 1
Notes
Title of the patch
Security update for Linux Kernel Live Patch 0 for SP 1
Description of the patch
This update for the Linux Kernel 3.12.49-11.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-610
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 0 for SP 1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.49-11.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-610",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1031-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1031-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161031-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1031-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002002.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 0 for SP 1",
"tracking": {
"current_release_date": "2016-04-14T11:41:48Z",
"generator": {
"date": "2016-04-14T11:41:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1031-1",
"initial_release_date": "2016-04-14T11:41:48Z",
"revision_history": [
{
"date": "2016-04-14T11:41:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"product_id": "kgraft-patch-3_12_49-11-default-4-11.2.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_49-11-xen-4-11.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_49-11-xen-4-11.2.x86_64",
"product_id": "kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_49-11-default-4-11.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_49-11-xen-4-11.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_49-11-xen-4-11.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:41:48Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:41:48Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:41:48Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-default-4-11.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_49-11-xen-4-11.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:41:48Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:0785-1
Vulnerability from csaf_suse
Published
2016-03-16 10:39
Modified
2016-03-16 10:39
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 kernel was updated to 3.12.55 to receive various security and bugfixes.
Features added:
- A improved XEN blkfront module was added, which allows more I/O bandwidth. (FATE#320625)
It is called xen-blkfront in PV, and xen-vbd-upstream in HVM mode.
The following security bugs were fixed:
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in
the Linux kernel allowed local users to bypass intended AF_UNIX socket
permissions or cause a denial of service (panic) via crafted epoll_ctl
calls (bnc#955654).
- CVE-2015-5707: Integer overflow in the sg_start_req function in
drivers/scsi/sg.c in the Linux kernel allowed local users to cause a
denial of service or possibly have unspecified other impact via a large
iov_count value in a write request (bnc#940338).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here' (bnc#959709 bnc#960561).
- CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not
properly manage the relationship between a lock and a socket, which
allowed local users to cause a denial of service (deadlock) via a crafted
sctp_accept call (bnc#961509).
- CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c
in the Linux kernel allowed local users to cause a denial of service
(infinite loop) via a writev system call that triggers a zero length
for the first segment of an iov (bnc#963765).
- CVE-2015-8812: A use-after-free flaw was found in the CXGB3 kernel
driver when the network was considered to be congested. This could be
used by local attackers to cause machine crashes or potentially code
executuon (bsc#966437).
- CVE-2016-0723: Race condition in the tty_ioctl function in
drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain
sensitive information from kernel memory or cause a denial of service
(use-after-free and system crash) by making a TIOCGETD ioctl call during
processing of a TIOCSETD ioctl call (bnc#961500).
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964730).
- CVE-2016-2069: Race conditions in TLB syncing was fixed which could
leak to information leaks (bnc#963767).
- CVE-2016-2384: A double-free triggered by invalid USB descriptor in
ALSA usb-audio was fixed, which could be exploited by physical local
attackers to crash the kernel or gain code execution (bnc#966693).
The following non-security bugs were fixed:
- alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).
- alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).
- be2net: fix some log messages (bnc#855062 FATE#315961, bnc#867583).
- block: xen-blkfront: Fix possible NULL ptr dereference (bsc#957986 fate#320625).
- btrfs: Add handler for invalidate page (bsc#963193).
- btrfs: check prepare_uptodate_page() error code earlier (bnc#966910).
- btrfs: delayed_ref: Add new function to record reserved space into delayed ref (bsc#963193).
- btrfs: delayed_ref: release and free qgroup reserved at proper timing (bsc#963193).
- btrfs: extent_io: Introduce needed structure for recoding set/clear bits (bsc#963193).
- btrfs: extent_io: Introduce new function clear_record_extent_bits() (bsc#963193).
- btrfs: extent_io: Introduce new function set_record_extent_bits (bsc#963193).
- btrfs: extent-tree: Add new version of btrfs_check_data_free_space and btrfs_free_reserved_data_space (bsc#963193).
- btrfs: extent-tree: Add new version of btrfs_delalloc_reserve/release_space (bsc#963193).
- btrfs: extent-tree: Switch to new check_data_free_space and free_reserved_data_space (bsc#963193).
- btrfs: extent-tree: Switch to new delalloc space reserve and release (bsc#963193).
- btrfs: fallocate: Add support to accurate qgroup reserve (bsc#963193).
- btrfs: fix deadlock between direct IO write and defrag/readpages (bnc#965344).
- btrfs: fix invalid page accesses in extent_same (dedup) ioctl (bnc#968230).
- btrfs: fix page reading in extent_same ioctl leading to csum errors (bnc#968230).
- btrfs: fix warning in backref walking (bnc#966278).
- btrfs: qgroup: Add handler for NOCOW and inline (bsc#963193).
- btrfs: qgroup: Add new trace point for qgroup data reserve (bsc#963193).
- btrfs: qgroup: Avoid calling btrfs_free_reserved_data_space in clear_bit_hook (bsc#963193).
- btrfs: qgroup: Check if qgroup reserved space leaked (bsc#963193).
- btrfs: qgroup: Cleanup old inaccurate facilities (bsc#963193).
- btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans (bsc#963193).
- btrfs: qgroup: Fix a rebase bug which will cause qgroup double free (bsc#963193).
- btrfs: qgroup: Introduce btrfs_qgroup_reserve_data function (bsc#963193).
- btrfs: qgroup: Introduce functions to release/free qgroup reserve data space (bsc#963193).
- btrfs: qgroup: Introduce new functions to reserve/free metadata (bsc#963193).
- btrfs: qgroup: Use new metadata reservation (bsc#963193).
- btrfs: skip locking when searching commit root (bnc#963825).
- dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752).
- documentation: Document kernel.panic_on_io_nmi sysctl (bsc#940946, bsc#937444).
- documentation: Fix build of PDF files in kernel-docs package Double the spaces for tex, and fix buildrequires for docbook.
- doc: Use fop for creating PDF files in kernel-docs package as some files still cannot be built with the default backend.
- driver core: Add BUS_NOTIFY_REMOVED_DEVICE event (bnc#962965).
- drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising (bsc#957986 fate#320625).
- driver: xen-blkfront: move talk_to_blkback to a more suitable place (bsc#957986 fate#320625).
- ec2: updated kabi files and start tracking
- fs: Improve fairness when locking the per-superblock s_anon list (bsc#957525, bsc#941363).
- fs/proc_namespace.c: simplify testing nsp and nsp->mnt_ns (bug#963960).
- fuse: break infinite loop in fuse_fill_write_pages() (bsc#963765).
- futex: Drop refcount if requeue_pi() acquired the rtmutex (bug#960174).
- jbd2: Fix unreclaimed pages after truncate in data=journal mode (bsc#961516).
- kabi: Preserve checksum of kvm_x86_ops (bsc#969112).
- kABI: protect struct af_alg_type.
- kABI: protect struct crypto_ahash.
- kABI: reintroduce blk_rq_check_limits.
- kabi/severities: Fail on changes in kvm_x86_ops, needed by lttng-modules
- kernel: Change ASSIGN_ONCE(val, x) to WRITE_ONCE(x, val) (bsc#940946, bsc#937444).
- kernel: Provide READ_ONCE and ASSIGN_ONCE (bsc#940946, bsc#937444).
- kernel/watchdog.c: perform all-CPU backtrace in case of hard lockup (bsc#940946, bsc#937444).
- kexec: Fix race between panic() and crash_kexec() (bsc#940946, bsc#937444).
- kgr: do not print error for !abort_if_missing symbols (bnc#943989).
- kgr: do not use WQ_MEM_RECLAIM workqueue (bnc#963572).
- kgr: log when modifying kernel (fate#317827).
- kgr: mark some more missed kthreads (bnc#962336).
- kgr: usb/storage: do not emit thread awakened (bnc#899908).
- kvm: x86: Check dest_map->vector to match eoi signals for rtc (bsc#966471).
- kvm: x86: Convert ioapic->rtc_status.dest_map to a struct (bsc#966471).
- kvm: x86: store IOAPIC-handled vectors in each VCPU (bsc#966471).
- kvm: x86: Track irq vectors in ioapic->rtc_status.dest_map (bsc#966471).
- libceph: fix scatterlist last_piece calculation (bsc#963746).
- megaraid_sas: Chip reset if driver fails to get IOC ready (bsc#922071). Refresh the patch based on the actual upstream commit, and add the commit ID.
- mm/memory_hotplug.c: check for missing sections in test_pages_in_a_zone() (VM Functionality, bnc#961588).
- module: keep percpu symbols in module's symtab (bsc#962788).
- namespaces: Re-introduce task_nsproxy() helper (bug#963960).
- namespaces: Use task_lock and not rcu to protect nsproxy (bug#963960).
- net: core: Correct an over-stringent device loop detection (bsc#945219).
- nfs: Background flush should not be low priority (bsc#955308).
- nfsd: Do not start lockd when only NFSv4 is running (fate#316311).
- nfs: do not use STABLE writes during writeback (bnc#816099).
- nfs: Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).
- nfs: Move nfsd patch to the right section
- nfsv4: Recovery of recalled read delegations is broken (bsc#956514).
- nmi: provide the option to issue an NMI back trace to every cpu but current (bsc#940946, bsc#937444).
- nmi: provide the option to issue an NMI back trace to every cpu but current (bsc#940946, bsc#937444).
- panic, x86: Allow CPUs to save registers even if looping in NMI context (bsc#940946, bsc#937444).
- panic, x86: Fix re-entrance problem due to panic on NMI (bsc#940946, bsc#937444).
- pci: allow access to VPD attributes with size 0 (bsc#959146).
- pciback: Check PF instead of VF for PCI_COMMAND_MEMORY.
- pciback: Save the number of MSI-X entries to be copied later.
- pci: Blacklist vpd access for buggy devices (bsc#959146).
- pci: Determine actual VPD size on first access (bsc#959146).
- pci: Update VPD definitions (bsc#959146).
- perf: Do not modify perf bias performance setting by default at boot (bnc#812259,bsc#959629).
- proc: Fix ptrace-based permission checks for accessing task maps.
- rpm/constraints.in: Bump disk space requirements up a bit Require 10GB on s390x, 20GB elsewhere.
- rpm/kernel-binary.spec.in: Fix build if no UEFI certs are installed
- rpm/kernel-binary.spec.in: Fix kernel-vanilla-devel dependency (bsc#959090)
- rpm/kernel-binary.spec.in: Fix paths in kernel-vanilla-devel (bsc#959090).
- rpm/kernel-binary.spec.in: Install libopenssl-devel for newer sign-file
- rpm/kernel-binary.spec.in: Sync the main and -base package dependencies (bsc#965830#c51).
- rpm/kernel-binary.spec.in: Use bzip compression to speed up build (bsc#962356)
- rpm/kernel-module-subpackage: Fix obsoleting dropped flavors (bsc#968253)
- rpm/kernel-source.spec.in: Install kernel-macros for kernel-source-vanilla (bsc#959090)
- rpm/kernel-spec-macros: Do not modify the release string in PTFs (bsc#963449)
- rpm/package-descriptions: Add kernel-zfcpdump and drop -desktop
- sched/fair: Disable tg load_avg/runnable_avg update for root_task_group (bnc#960227).
- sched/fair: Move cache hot load_avg/runnable_avg into separate cacheline (bnc#960227).
- sched: Fix race between task_group and sched_task_group (Automatic NUMA Balancing (fate#315482))
- scsi: Add sd_mod to initrd modules For some reason PowerVM backend can't work without sd_mod
- scsi_dh_alua: Do not block request queue if workqueue is active (bsc#960458).
- scsi: fix soft lockup in scsi_remove_target() on module removal (bsc#965199).
- scsi: restart list search after unlock in scsi_remove_target (bsc#959257).
- series.conf: add section comments
- supported.conf: Add e1000e (emulated by VMware) to -base (bsc#968074)
- supported.conf: Add Hyper-V modules to -base (bsc#965830)
- supported.conf: Add more QEMU and VMware drivers to -base (bsc#965840).
- supported.conf: Add more qemu device driver (bsc#968234)
- supported.conf: Add mptspi and mptsas to -base (bsc#968206)
- supported.conf: Add netfilter modules to base (bsc#950292)
- supported.conf: Add nls_iso8859-1 and nls_cp437 to -base (bsc#950292)
- supported.conf: Add the qemu scsi driver (sym53c8xx) to -base (bsc#967802)
- supported.conf: Add tulip to -base for Hyper-V (bsc#968234)
- supported.conf: Add vfat to -base to be able to mount the ESP (bsc#950292).
- supported.conf: Add virtio_{blk,net,scsi} to kernel-default-base (bsc#950292)
- supported.conf: Add virtio-rng (bsc#966026)
- supported.conf: Add xen-blkfront.
- supported.conf: Add xfs to -base (bsc#965891)
- supported.conf: Also add virtio_pci to kernel-default-base (bsc#950292).
- supported.conf: drop +external from ghash-clmulni-intel It was agreed that it does not make sense to maintain 'external' for this specific module. Furthermore it causes problems in rather ordinary VMware environments. (bsc#961971)
- supported.conf: Fix usb-common path usb-common moved to its own subdirectory in kernel v3.16, and we backported that change to SLE12.
- tcp: Restore RFC5961-compliant behavior for SYN packets (bsc#966864).
- usb: Quiet down false peer failure messages (bnc#960629).
- x86/apic: Introduce apic_extnmi command line parameter (bsc#940946, bsc#937444).
- x86/nmi: Save regs in crash dump on external NMI (bsc#940946, bsc#937444).
- x86/nmi: Save regs in crash dump on external NMI (bsc#940946, bsc#937444).
- xen: Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver implementation (bsc#957986, bsc#956084, bsc#961658).
- xen-blkfront: allow building in our Xen environment (bsc#957986 fate#320625).
- xen, blkfront: factor out flush-related checks from do_blkif_request() (bsc#957986 fate#320625).
- xen-blkfront: fix accounting of reqs when migrating (bsc#957986 fate#320625).
- xen/blkfront: Fix crash if backend does not follow the right states (bsc#957986 fate#320625).
- xen-blkfront: improve aproximation of required grants per request (bsc#957986 fate#320625).
- xen/blkfront: improve protection against issuing unsupported REQ_FUA (bsc#957986 fate#320625).
- xen/blkfront: remove redundant flush_op (bsc#957986 fate#320625).
- xen-blkfront: remove type check from blkfront_setup_discard (bsc#957986 fate#320625).
- xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#957986 fate#320625).
- xen: Linux 3.12.52.
- xen: Refresh patches.xen/xen3-patch-3.9 (bsc#951155).
- xen: Refresh patches.xen/xen3-patch-3.9 (do not subvert NX protection during 1:1 mapping setup).
- xen-vscsi-large-requests: Fix resource collision for racing request maps and unmaps (bsc#966094).
- xen: Xen config files updated to enable upstream block frontend.
- xfs: add a few more verifier tests (bsc#947953).
- xfs: fix double free in xlog_recover_commit_trans (bsc#947953).
- xfs: recovery of XLOG_UNMOUNT_TRANS leaks memory (bsc#947953).
Patchnames
SUSE-SLE-DESKTOP-12-2016-460,SUSE-SLE-Live-Patching-12-2016-460,SUSE-SLE-Module-Public-Cloud-12-2016-460,SUSE-SLE-SDK-12-2016-460,SUSE-SLE-SERVER-12-2016-460,SUSE-SLE-WE-12-2016-460
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 kernel was updated to 3.12.55 to receive various security and bugfixes.\n\nFeatures added:\n- A improved XEN blkfront module was added, which allows more I/O bandwidth. (FATE#320625)\n It is called xen-blkfront in PV, and xen-vbd-upstream in HVM mode.\n\nThe following security bugs were fixed:\n- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in\n the Linux kernel allowed local users to bypass intended AF_UNIX socket\n permissions or cause a denial of service (panic) via crafted epoll_ctl\n calls (bnc#955654).\n- CVE-2015-5707: Integer overflow in the sg_start_req function in\n drivers/scsi/sg.c in the Linux kernel allowed local users to cause a\n denial of service or possibly have unspecified other impact via a large\n iov_count value in a write request (bnc#940338).\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here\u0027 (bnc#959709 bnc#960561).\n- CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not\n properly manage the relationship between a lock and a socket, which\n allowed local users to cause a denial of service (deadlock) via a crafted\n sctp_accept call (bnc#961509).\n- CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c\n in the Linux kernel allowed local users to cause a denial of service\n (infinite loop) via a writev system call that triggers a zero length\n for the first segment of an iov (bnc#963765).\n- CVE-2015-8812: A use-after-free flaw was found in the CXGB3 kernel\n driver when the network was considered to be congested. This could be\n used by local attackers to cause machine crashes or potentially code\n executuon (bsc#966437).\n- CVE-2016-0723: Race condition in the tty_ioctl function in\n drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain\n sensitive information from kernel memory or cause a denial of service\n (use-after-free and system crash) by making a TIOCGETD ioctl call during\n processing of a TIOCSETD ioctl call (bnc#961500).\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964730).\n- CVE-2016-2069: Race conditions in TLB syncing was fixed which could\n leak to information leaks (bnc#963767).\n- CVE-2016-2384: A double-free triggered by invalid USB descriptor in\n ALSA usb-audio was fixed, which could be exploited by physical local\n attackers to crash the kernel or gain code execution (bnc#966693).\n\nThe following non-security bugs were fixed:\n- alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).\n- alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).\n- be2net: fix some log messages (bnc#855062 FATE#315961, bnc#867583).\n- block: xen-blkfront: Fix possible NULL ptr dereference (bsc#957986 fate#320625).\n- btrfs: Add handler for invalidate page (bsc#963193).\n- btrfs: check prepare_uptodate_page() error code earlier (bnc#966910).\n- btrfs: delayed_ref: Add new function to record reserved space into delayed ref (bsc#963193).\n- btrfs: delayed_ref: release and free qgroup reserved at proper timing (bsc#963193).\n- btrfs: extent_io: Introduce needed structure for recoding set/clear bits (bsc#963193).\n- btrfs: extent_io: Introduce new function clear_record_extent_bits() (bsc#963193).\n- btrfs: extent_io: Introduce new function set_record_extent_bits (bsc#963193).\n- btrfs: extent-tree: Add new version of btrfs_check_data_free_space and btrfs_free_reserved_data_space (bsc#963193).\n- btrfs: extent-tree: Add new version of btrfs_delalloc_reserve/release_space (bsc#963193).\n- btrfs: extent-tree: Switch to new check_data_free_space and free_reserved_data_space (bsc#963193).\n- btrfs: extent-tree: Switch to new delalloc space reserve and release (bsc#963193).\n- btrfs: fallocate: Add support to accurate qgroup reserve (bsc#963193).\n- btrfs: fix deadlock between direct IO write and defrag/readpages (bnc#965344).\n- btrfs: fix invalid page accesses in extent_same (dedup) ioctl (bnc#968230).\n- btrfs: fix page reading in extent_same ioctl leading to csum errors (bnc#968230).\n- btrfs: fix warning in backref walking (bnc#966278).\n- btrfs: qgroup: Add handler for NOCOW and inline (bsc#963193).\n- btrfs: qgroup: Add new trace point for qgroup data reserve (bsc#963193).\n- btrfs: qgroup: Avoid calling btrfs_free_reserved_data_space in clear_bit_hook (bsc#963193).\n- btrfs: qgroup: Check if qgroup reserved space leaked (bsc#963193).\n- btrfs: qgroup: Cleanup old inaccurate facilities (bsc#963193).\n- btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans (bsc#963193).\n- btrfs: qgroup: Fix a rebase bug which will cause qgroup double free (bsc#963193).\n- btrfs: qgroup: Introduce btrfs_qgroup_reserve_data function (bsc#963193).\n- btrfs: qgroup: Introduce functions to release/free qgroup reserve data space (bsc#963193).\n- btrfs: qgroup: Introduce new functions to reserve/free metadata (bsc#963193).\n- btrfs: qgroup: Use new metadata reservation (bsc#963193).\n- btrfs: skip locking when searching commit root (bnc#963825).\n- dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752).\n- documentation: Document kernel.panic_on_io_nmi sysctl (bsc#940946, bsc#937444).\n- documentation: Fix build of PDF files in kernel-docs package Double the spaces for tex, and fix buildrequires for docbook.\n- doc: Use fop for creating PDF files in kernel-docs package as some files still cannot be built with the default backend.\n- driver core: Add BUS_NOTIFY_REMOVED_DEVICE event (bnc#962965).\n- drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising (bsc#957986 fate#320625).\n- driver: xen-blkfront: move talk_to_blkback to a more suitable place (bsc#957986 fate#320625).\n- ec2: updated kabi files and start tracking\n- fs: Improve fairness when locking the per-superblock s_anon list (bsc#957525, bsc#941363).\n- fs/proc_namespace.c: simplify testing nsp and nsp-\u003emnt_ns (bug#963960).\n- fuse: break infinite loop in fuse_fill_write_pages() (bsc#963765).\n- futex: Drop refcount if requeue_pi() acquired the rtmutex (bug#960174).\n- jbd2: Fix unreclaimed pages after truncate in data=journal mode (bsc#961516).\n- kabi: Preserve checksum of kvm_x86_ops (bsc#969112).\n- kABI: protect struct af_alg_type.\n- kABI: protect struct crypto_ahash.\n- kABI: reintroduce blk_rq_check_limits.\n- kabi/severities: Fail on changes in kvm_x86_ops, needed by lttng-modules\n- kernel: Change ASSIGN_ONCE(val, x) to WRITE_ONCE(x, val) (bsc#940946, bsc#937444).\n- kernel: Provide READ_ONCE and ASSIGN_ONCE (bsc#940946, bsc#937444).\n- kernel/watchdog.c: perform all-CPU backtrace in case of hard lockup (bsc#940946, bsc#937444).\n- kexec: Fix race between panic() and crash_kexec() (bsc#940946, bsc#937444).\n- kgr: do not print error for !abort_if_missing symbols (bnc#943989).\n- kgr: do not use WQ_MEM_RECLAIM workqueue (bnc#963572).\n- kgr: log when modifying kernel (fate#317827).\n- kgr: mark some more missed kthreads (bnc#962336).\n- kgr: usb/storage: do not emit thread awakened (bnc#899908).\n- kvm: x86: Check dest_map-\u003evector to match eoi signals for rtc (bsc#966471).\n- kvm: x86: Convert ioapic-\u003ertc_status.dest_map to a struct (bsc#966471).\n- kvm: x86: store IOAPIC-handled vectors in each VCPU (bsc#966471).\n- kvm: x86: Track irq vectors in ioapic-\u003ertc_status.dest_map (bsc#966471).\n- libceph: fix scatterlist last_piece calculation (bsc#963746).\n- megaraid_sas: Chip reset if driver fails to get IOC ready (bsc#922071). Refresh the patch based on the actual upstream commit, and add the commit ID.\n- mm/memory_hotplug.c: check for missing sections in test_pages_in_a_zone() (VM Functionality, bnc#961588).\n- module: keep percpu symbols in module\u0027s symtab (bsc#962788).\n- namespaces: Re-introduce task_nsproxy() helper (bug#963960).\n- namespaces: Use task_lock and not rcu to protect nsproxy (bug#963960).\n- net: core: Correct an over-stringent device loop detection (bsc#945219).\n- nfs: Background flush should not be low priority (bsc#955308).\n- nfsd: Do not start lockd when only NFSv4 is running (fate#316311).\n- nfs: do not use STABLE writes during writeback (bnc#816099).\n- nfs: Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).\n- nfs: Move nfsd patch to the right section\n- nfsv4: Recovery of recalled read delegations is broken (bsc#956514).\n- nmi: provide the option to issue an NMI back trace to every cpu but current (bsc#940946, bsc#937444).\n- nmi: provide the option to issue an NMI back trace to every cpu but current (bsc#940946, bsc#937444).\n- panic, x86: Allow CPUs to save registers even if looping in NMI context (bsc#940946, bsc#937444).\n- panic, x86: Fix re-entrance problem due to panic on NMI (bsc#940946, bsc#937444).\n- pci: allow access to VPD attributes with size 0 (bsc#959146).\n- pciback: Check PF instead of VF for PCI_COMMAND_MEMORY.\n- pciback: Save the number of MSI-X entries to be copied later.\n- pci: Blacklist vpd access for buggy devices (bsc#959146).\n- pci: Determine actual VPD size on first access (bsc#959146).\n- pci: Update VPD definitions (bsc#959146).\n- perf: Do not modify perf bias performance setting by default at boot (bnc#812259,bsc#959629).\n- proc: Fix ptrace-based permission checks for accessing task maps.\n- rpm/constraints.in: Bump disk space requirements up a bit Require 10GB on s390x, 20GB elsewhere.\n- rpm/kernel-binary.spec.in: Fix build if no UEFI certs are installed\n- rpm/kernel-binary.spec.in: Fix kernel-vanilla-devel dependency (bsc#959090)\n- rpm/kernel-binary.spec.in: Fix paths in kernel-vanilla-devel (bsc#959090).\n- rpm/kernel-binary.spec.in: Install libopenssl-devel for newer sign-file\n- rpm/kernel-binary.spec.in: Sync the main and -base package dependencies (bsc#965830#c51).\n- rpm/kernel-binary.spec.in: Use bzip compression to speed up build (bsc#962356)\n- rpm/kernel-module-subpackage: Fix obsoleting dropped flavors (bsc#968253)\n- rpm/kernel-source.spec.in: Install kernel-macros for kernel-source-vanilla (bsc#959090)\n- rpm/kernel-spec-macros: Do not modify the release string in PTFs (bsc#963449)\n- rpm/package-descriptions: Add kernel-zfcpdump and drop -desktop\n- sched/fair: Disable tg load_avg/runnable_avg update for root_task_group (bnc#960227).\n- sched/fair: Move cache hot load_avg/runnable_avg into separate cacheline (bnc#960227).\n- sched: Fix race between task_group and sched_task_group (Automatic NUMA Balancing (fate#315482))\n- scsi: Add sd_mod to initrd modules For some reason PowerVM backend can\u0027t work without sd_mod\n- scsi_dh_alua: Do not block request queue if workqueue is active (bsc#960458).\n- scsi: fix soft lockup in scsi_remove_target() on module removal (bsc#965199).\n- scsi: restart list search after unlock in scsi_remove_target (bsc#959257).\n- series.conf: add section comments\n- supported.conf: Add e1000e (emulated by VMware) to -base (bsc#968074)\n- supported.conf: Add Hyper-V modules to -base (bsc#965830)\n- supported.conf: Add more QEMU and VMware drivers to -base (bsc#965840).\n- supported.conf: Add more qemu device driver (bsc#968234)\n- supported.conf: Add mptspi and mptsas to -base (bsc#968206)\n- supported.conf: Add netfilter modules to base (bsc#950292)\n- supported.conf: Add nls_iso8859-1 and nls_cp437 to -base (bsc#950292)\n- supported.conf: Add the qemu scsi driver (sym53c8xx) to -base (bsc#967802)\n- supported.conf: Add tulip to -base for Hyper-V (bsc#968234)\n- supported.conf: Add vfat to -base to be able to mount the ESP (bsc#950292).\n- supported.conf: Add virtio_{blk,net,scsi} to kernel-default-base (bsc#950292)\n- supported.conf: Add virtio-rng (bsc#966026)\n- supported.conf: Add xen-blkfront.\n- supported.conf: Add xfs to -base (bsc#965891)\n- supported.conf: Also add virtio_pci to kernel-default-base (bsc#950292).\n- supported.conf: drop +external from ghash-clmulni-intel It was agreed that it does not make sense to maintain \u0027external\u0027 for this specific module. Furthermore it causes problems in rather ordinary VMware environments. (bsc#961971)\n- supported.conf: Fix usb-common path usb-common moved to its own subdirectory in kernel v3.16, and we backported that change to SLE12.\n- tcp: Restore RFC5961-compliant behavior for SYN packets (bsc#966864).\n- usb: Quiet down false peer failure messages (bnc#960629).\n- x86/apic: Introduce apic_extnmi command line parameter (bsc#940946, bsc#937444).\n- x86/nmi: Save regs in crash dump on external NMI (bsc#940946, bsc#937444).\n- x86/nmi: Save regs in crash dump on external NMI (bsc#940946, bsc#937444).\n- xen: Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver implementation (bsc#957986, bsc#956084, bsc#961658).\n- xen-blkfront: allow building in our Xen environment (bsc#957986 fate#320625).\n- xen, blkfront: factor out flush-related checks from do_blkif_request() (bsc#957986 fate#320625).\n- xen-blkfront: fix accounting of reqs when migrating (bsc#957986 fate#320625).\n- xen/blkfront: Fix crash if backend does not follow the right states (bsc#957986 fate#320625).\n- xen-blkfront: improve aproximation of required grants per request (bsc#957986 fate#320625).\n- xen/blkfront: improve protection against issuing unsupported REQ_FUA (bsc#957986 fate#320625).\n- xen/blkfront: remove redundant flush_op (bsc#957986 fate#320625).\n- xen-blkfront: remove type check from blkfront_setup_discard (bsc#957986 fate#320625).\n- xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#957986 fate#320625).\n- xen: Linux 3.12.52.\n- xen: Refresh patches.xen/xen3-patch-3.9 (bsc#951155).\n- xen: Refresh patches.xen/xen3-patch-3.9 (do not subvert NX protection during 1:1 mapping setup).\n- xen-vscsi-large-requests: Fix resource collision for racing request maps and unmaps (bsc#966094).\n- xen: Xen config files updated to enable upstream block frontend.\n- xfs: add a few more verifier tests (bsc#947953).\n- xfs: fix double free in xlog_recover_commit_trans (bsc#947953).\n- xfs: recovery of XLOG_UNMOUNT_TRANS leaks memory (bsc#947953).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-2016-460,SUSE-SLE-Live-Patching-12-2016-460,SUSE-SLE-Module-Public-Cloud-12-2016-460,SUSE-SLE-SDK-12-2016-460,SUSE-SLE-SERVER-12-2016-460,SUSE-SLE-WE-12-2016-460",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0785-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:0785-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160785-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:0785-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-March/001947.html"
},
{
"category": "self",
"summary": "SUSE Bug 812259",
"url": "https://bugzilla.suse.com/812259"
},
{
"category": "self",
"summary": "SUSE Bug 816099",
"url": "https://bugzilla.suse.com/816099"
},
{
"category": "self",
"summary": "SUSE Bug 855062",
"url": "https://bugzilla.suse.com/855062"
},
{
"category": "self",
"summary": "SUSE Bug 867583",
"url": "https://bugzilla.suse.com/867583"
},
{
"category": "self",
"summary": "SUSE Bug 884701",
"url": "https://bugzilla.suse.com/884701"
},
{
"category": "self",
"summary": "SUSE Bug 899908",
"url": "https://bugzilla.suse.com/899908"
},
{
"category": "self",
"summary": "SUSE Bug 922071",
"url": "https://bugzilla.suse.com/922071"
},
{
"category": "self",
"summary": "SUSE Bug 937444",
"url": "https://bugzilla.suse.com/937444"
},
{
"category": "self",
"summary": "SUSE Bug 940338",
"url": "https://bugzilla.suse.com/940338"
},
{
"category": "self",
"summary": "SUSE Bug 940946",
"url": "https://bugzilla.suse.com/940946"
},
{
"category": "self",
"summary": "SUSE Bug 941363",
"url": "https://bugzilla.suse.com/941363"
},
{
"category": "self",
"summary": "SUSE Bug 943989",
"url": "https://bugzilla.suse.com/943989"
},
{
"category": "self",
"summary": "SUSE Bug 945219",
"url": "https://bugzilla.suse.com/945219"
},
{
"category": "self",
"summary": "SUSE Bug 947953",
"url": "https://bugzilla.suse.com/947953"
},
{
"category": "self",
"summary": "SUSE Bug 949752",
"url": "https://bugzilla.suse.com/949752"
},
{
"category": "self",
"summary": "SUSE Bug 950292",
"url": "https://bugzilla.suse.com/950292"
},
{
"category": "self",
"summary": "SUSE Bug 951155",
"url": "https://bugzilla.suse.com/951155"
},
{
"category": "self",
"summary": "SUSE Bug 955308",
"url": "https://bugzilla.suse.com/955308"
},
{
"category": "self",
"summary": "SUSE Bug 955654",
"url": "https://bugzilla.suse.com/955654"
},
{
"category": "self",
"summary": "SUSE Bug 956084",
"url": "https://bugzilla.suse.com/956084"
},
{
"category": "self",
"summary": "SUSE Bug 956514",
"url": "https://bugzilla.suse.com/956514"
},
{
"category": "self",
"summary": "SUSE Bug 957525",
"url": "https://bugzilla.suse.com/957525"
},
{
"category": "self",
"summary": "SUSE Bug 957986",
"url": "https://bugzilla.suse.com/957986"
},
{
"category": "self",
"summary": "SUSE Bug 959090",
"url": "https://bugzilla.suse.com/959090"
},
{
"category": "self",
"summary": "SUSE Bug 959146",
"url": "https://bugzilla.suse.com/959146"
},
{
"category": "self",
"summary": "SUSE Bug 959257",
"url": "https://bugzilla.suse.com/959257"
},
{
"category": "self",
"summary": "SUSE Bug 959463",
"url": "https://bugzilla.suse.com/959463"
},
{
"category": "self",
"summary": "SUSE Bug 959629",
"url": "https://bugzilla.suse.com/959629"
},
{
"category": "self",
"summary": "SUSE Bug 959709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "self",
"summary": "SUSE Bug 960174",
"url": "https://bugzilla.suse.com/960174"
},
{
"category": "self",
"summary": "SUSE Bug 960227",
"url": "https://bugzilla.suse.com/960227"
},
{
"category": "self",
"summary": "SUSE Bug 960458",
"url": "https://bugzilla.suse.com/960458"
},
{
"category": "self",
"summary": "SUSE Bug 960561",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "self",
"summary": "SUSE Bug 960629",
"url": "https://bugzilla.suse.com/960629"
},
{
"category": "self",
"summary": "SUSE Bug 961257",
"url": "https://bugzilla.suse.com/961257"
},
{
"category": "self",
"summary": "SUSE Bug 961500",
"url": "https://bugzilla.suse.com/961500"
},
{
"category": "self",
"summary": "SUSE Bug 961509",
"url": "https://bugzilla.suse.com/961509"
},
{
"category": "self",
"summary": "SUSE Bug 961516",
"url": "https://bugzilla.suse.com/961516"
},
{
"category": "self",
"summary": "SUSE Bug 961588",
"url": "https://bugzilla.suse.com/961588"
},
{
"category": "self",
"summary": "SUSE Bug 961658",
"url": "https://bugzilla.suse.com/961658"
},
{
"category": "self",
"summary": "SUSE Bug 961971",
"url": "https://bugzilla.suse.com/961971"
},
{
"category": "self",
"summary": "SUSE Bug 962336",
"url": "https://bugzilla.suse.com/962336"
},
{
"category": "self",
"summary": "SUSE Bug 962356",
"url": "https://bugzilla.suse.com/962356"
},
{
"category": "self",
"summary": "SUSE Bug 962788",
"url": "https://bugzilla.suse.com/962788"
},
{
"category": "self",
"summary": "SUSE Bug 962965",
"url": "https://bugzilla.suse.com/962965"
},
{
"category": "self",
"summary": "SUSE Bug 963193",
"url": "https://bugzilla.suse.com/963193"
},
{
"category": "self",
"summary": "SUSE Bug 963449",
"url": "https://bugzilla.suse.com/963449"
},
{
"category": "self",
"summary": "SUSE Bug 963572",
"url": "https://bugzilla.suse.com/963572"
},
{
"category": "self",
"summary": "SUSE Bug 963746",
"url": "https://bugzilla.suse.com/963746"
},
{
"category": "self",
"summary": "SUSE Bug 963765",
"url": "https://bugzilla.suse.com/963765"
},
{
"category": "self",
"summary": "SUSE Bug 963767",
"url": "https://bugzilla.suse.com/963767"
},
{
"category": "self",
"summary": "SUSE Bug 963825",
"url": "https://bugzilla.suse.com/963825"
},
{
"category": "self",
"summary": "SUSE Bug 963960",
"url": "https://bugzilla.suse.com/963960"
},
{
"category": "self",
"summary": "SUSE Bug 964201",
"url": "https://bugzilla.suse.com/964201"
},
{
"category": "self",
"summary": "SUSE Bug 964730",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "self",
"summary": "SUSE Bug 965199",
"url": "https://bugzilla.suse.com/965199"
},
{
"category": "self",
"summary": "SUSE Bug 965344",
"url": "https://bugzilla.suse.com/965344"
},
{
"category": "self",
"summary": "SUSE Bug 965830",
"url": "https://bugzilla.suse.com/965830"
},
{
"category": "self",
"summary": "SUSE Bug 965840",
"url": "https://bugzilla.suse.com/965840"
},
{
"category": "self",
"summary": "SUSE Bug 965891",
"url": "https://bugzilla.suse.com/965891"
},
{
"category": "self",
"summary": "SUSE Bug 966026",
"url": "https://bugzilla.suse.com/966026"
},
{
"category": "self",
"summary": "SUSE Bug 966094",
"url": "https://bugzilla.suse.com/966094"
},
{
"category": "self",
"summary": "SUSE Bug 966278",
"url": "https://bugzilla.suse.com/966278"
},
{
"category": "self",
"summary": "SUSE Bug 966437",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "self",
"summary": "SUSE Bug 966471",
"url": "https://bugzilla.suse.com/966471"
},
{
"category": "self",
"summary": "SUSE Bug 966693",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "self",
"summary": "SUSE Bug 966864",
"url": "https://bugzilla.suse.com/966864"
},
{
"category": "self",
"summary": "SUSE Bug 966910",
"url": "https://bugzilla.suse.com/966910"
},
{
"category": "self",
"summary": "SUSE Bug 967802",
"url": "https://bugzilla.suse.com/967802"
},
{
"category": "self",
"summary": "SUSE Bug 968018",
"url": "https://bugzilla.suse.com/968018"
},
{
"category": "self",
"summary": "SUSE Bug 968074",
"url": "https://bugzilla.suse.com/968074"
},
{
"category": "self",
"summary": "SUSE Bug 968206",
"url": "https://bugzilla.suse.com/968206"
},
{
"category": "self",
"summary": "SUSE Bug 968230",
"url": "https://bugzilla.suse.com/968230"
},
{
"category": "self",
"summary": "SUSE Bug 968234",
"url": "https://bugzilla.suse.com/968234"
},
{
"category": "self",
"summary": "SUSE Bug 968253",
"url": "https://bugzilla.suse.com/968253"
},
{
"category": "self",
"summary": "SUSE Bug 969112",
"url": "https://bugzilla.suse.com/969112"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-7446 page",
"url": "https://www.suse.com/security/cve/CVE-2013-7446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5707 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8767 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8785 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0723 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2069 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2016-03-16T10:39:32Z",
"generator": {
"date": "2016-03-16T10:39:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:0785-1",
"initial_release_date": "2016-03-16T10:39:32Z",
"revision_history": [
{
"date": "2016-03-16T10:39:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.55-52.42.1.noarch",
"product": {
"name": "kernel-devel-3.12.55-52.42.1.noarch",
"product_id": "kernel-devel-3.12.55-52.42.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.55-52.42.1.noarch",
"product": {
"name": "kernel-macros-3.12.55-52.42.1.noarch",
"product_id": "kernel-macros-3.12.55-52.42.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.55-52.42.1.noarch",
"product": {
"name": "kernel-source-3.12.55-52.42.1.noarch",
"product_id": "kernel-source-3.12.55-52.42.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-3.12.55-52.42.2.noarch",
"product": {
"name": "kernel-docs-3.12.55-52.42.2.noarch",
"product_id": "kernel-docs-3.12.55-52.42.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-obs-build-3.12.55-52.42.2.ppc64le",
"product": {
"name": "kernel-obs-build-3.12.55-52.42.2.ppc64le",
"product_id": "kernel-obs-build-3.12.55-52.42.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.55-52.42.1.ppc64le",
"product": {
"name": "kernel-default-3.12.55-52.42.1.ppc64le",
"product_id": "kernel-default-3.12.55-52.42.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.55-52.42.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.55-52.42.1.ppc64le",
"product_id": "kernel-default-base-3.12.55-52.42.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.55-52.42.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.55-52.42.1.ppc64le",
"product_id": "kernel-default-devel-3.12.55-52.42.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.55-52.42.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.55-52.42.1.ppc64le",
"product_id": "kernel-syms-3.12.55-52.42.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-obs-build-3.12.55-52.42.2.s390x",
"product": {
"name": "kernel-obs-build-3.12.55-52.42.2.s390x",
"product_id": "kernel-obs-build-3.12.55-52.42.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.55-52.42.1.s390x",
"product": {
"name": "kernel-default-3.12.55-52.42.1.s390x",
"product_id": "kernel-default-3.12.55-52.42.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.55-52.42.1.s390x",
"product": {
"name": "kernel-default-base-3.12.55-52.42.1.s390x",
"product_id": "kernel-default-base-3.12.55-52.42.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.55-52.42.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.55-52.42.1.s390x",
"product_id": "kernel-default-devel-3.12.55-52.42.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.55-52.42.1.s390x",
"product": {
"name": "kernel-default-man-3.12.55-52.42.1.s390x",
"product_id": "kernel-default-man-3.12.55-52.42.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.55-52.42.1.s390x",
"product": {
"name": "kernel-syms-3.12.55-52.42.1.s390x",
"product_id": "kernel-syms-3.12.55-52.42.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.55-52.42.1.x86_64",
"product": {
"name": "kernel-default-3.12.55-52.42.1.x86_64",
"product_id": "kernel-default-3.12.55-52.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.55-52.42.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.55-52.42.1.x86_64",
"product_id": "kernel-default-devel-3.12.55-52.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.12.55-52.42.1.x86_64",
"product": {
"name": "kernel-default-extra-3.12.55-52.42.1.x86_64",
"product_id": "kernel-default-extra-3.12.55-52.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.55-52.42.1.x86_64",
"product": {
"name": "kernel-syms-3.12.55-52.42.1.x86_64",
"product_id": "kernel-syms-3.12.55-52.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.55-52.42.1.x86_64",
"product": {
"name": "kernel-xen-3.12.55-52.42.1.x86_64",
"product_id": "kernel-xen-3.12.55-52.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.55-52.42.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.55-52.42.1.x86_64",
"product_id": "kernel-xen-devel-3.12.55-52.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"product_id": "kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"product_id": "kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.12.55-52.42.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.55-52.42.1.x86_64",
"product_id": "kernel-ec2-3.12.55-52.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.55-52.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.55-52.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-3.12.55-52.42.2.x86_64",
"product": {
"name": "kernel-obs-build-3.12.55-52.42.2.x86_64",
"product_id": "kernel-obs-build-3.12.55-52.42.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.55-52.42.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.55-52.42.1.x86_64",
"product_id": "kernel-default-base-3.12.55-52.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.55-52.42.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.55-52.42.1.x86_64",
"product_id": "kernel-xen-base-3.12.55-52.42.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12",
"product": {
"name": "SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12",
"product_id": "SUSE Linux Enterprise Workstation Extension 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-default-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-default-extra-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.55-52.42.1.noarch as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch"
},
"product_reference": "kernel-devel-3.12.55-52.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.55-52.42.1.noarch as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch"
},
"product_reference": "kernel-macros-3.12.55-52.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.55-52.42.1.noarch as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch"
},
"product_reference": "kernel-source-3.12.55-52.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-syms-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-xen-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-3.12.55-52.42.2.noarch as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch"
},
"product_reference": "kernel-docs-3.12.55-52.42.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.55-52.42.2.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le"
},
"product_reference": "kernel-obs-build-3.12.55-52.42.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.55-52.42.2.s390x as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x"
},
"product_reference": "kernel-obs-build-3.12.55-52.42.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.55-52.42.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64"
},
"product_reference": "kernel-obs-build-3.12.55-52.42.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.55-52.42.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le"
},
"product_reference": "kernel-default-3.12.55-52.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.55-52.42.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x"
},
"product_reference": "kernel-default-3.12.55-52.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-default-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.55-52.42.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.55-52.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.55-52.42.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x"
},
"product_reference": "kernel-default-base-3.12.55-52.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.55-52.42.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.55-52.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.55-52.42.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.55-52.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.55-52.42.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x"
},
"product_reference": "kernel-default-man-3.12.55-52.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.55-52.42.1.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch"
},
"product_reference": "kernel-devel-3.12.55-52.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.55-52.42.1.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch"
},
"product_reference": "kernel-macros-3.12.55-52.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.55-52.42.1.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch"
},
"product_reference": "kernel-source-3.12.55-52.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.55-52.42.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.55-52.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.55-52.42.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x"
},
"product_reference": "kernel-syms-3.12.55-52.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-syms-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-xen-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.55-52.42.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le"
},
"product_reference": "kernel-default-3.12.55-52.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.55-52.42.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x"
},
"product_reference": "kernel-default-3.12.55-52.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-default-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.55-52.42.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.55-52.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.55-52.42.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x"
},
"product_reference": "kernel-default-base-3.12.55-52.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.55-52.42.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.55-52.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.55-52.42.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.55-52.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.55-52.42.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x"
},
"product_reference": "kernel-default-man-3.12.55-52.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.55-52.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch"
},
"product_reference": "kernel-devel-3.12.55-52.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.55-52.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch"
},
"product_reference": "kernel-macros-3.12.55-52.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.55-52.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch"
},
"product_reference": "kernel-source-3.12.55-52.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.55-52.42.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.55-52.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.55-52.42.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x"
},
"product_reference": "kernel-syms-3.12.55-52.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-syms-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-xen-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-3.12.55-52.42.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12",
"product_id": "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
},
"product_reference": "kernel-default-extra-3.12.55-52.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-7446"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-7446",
"url": "https://www.suse.com/security/cve/CVE-2013-7446"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 955654 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955654"
},
{
"category": "external",
"summary": "SUSE Bug 955837 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-16T10:39:32Z",
"details": "moderate"
}
],
"title": "CVE-2013-7446"
},
{
"cve": "CVE-2015-5707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5707"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5707",
"url": "https://www.suse.com/security/cve/CVE-2015-5707"
},
{
"category": "external",
"summary": "SUSE Bug 923755 for CVE-2015-5707",
"url": "https://bugzilla.suse.com/923755"
},
{
"category": "external",
"summary": "SUSE Bug 940338 for CVE-2015-5707",
"url": "https://bugzilla.suse.com/940338"
},
{
"category": "external",
"summary": "SUSE Bug 940342 for CVE-2015-5707",
"url": "https://bugzilla.suse.com/940342"
},
{
"category": "external",
"summary": "SUSE Bug 963994 for CVE-2015-5707",
"url": "https://bugzilla.suse.com/963994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-16T10:39:32Z",
"details": "moderate"
}
],
"title": "CVE-2015-5707"
},
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-16T10:39:32Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8767"
}
],
"notes": [
{
"category": "general",
"text": "net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8767",
"url": "https://www.suse.com/security/cve/CVE-2015-8767"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8767",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8767",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 961509 for CVE-2015-8767",
"url": "https://bugzilla.suse.com/961509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-16T10:39:32Z",
"details": "low"
}
],
"title": "CVE-2015-8767"
},
{
"cve": "CVE-2015-8785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8785"
}
],
"notes": [
{
"category": "general",
"text": "The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8785",
"url": "https://www.suse.com/security/cve/CVE-2015-8785"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8785",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 963765 for CVE-2015-8785",
"url": "https://bugzilla.suse.com/963765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-16T10:39:32Z",
"details": "low"
}
],
"title": "CVE-2015-8785"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-16T10:39:32Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0723"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0723",
"url": "https://www.suse.com/security/cve/CVE-2016-0723"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-0723",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 961500 for CVE-2016-0723",
"url": "https://bugzilla.suse.com/961500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-16T10:39:32Z",
"details": "low"
}
],
"title": "CVE-2016-0723"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-16T10:39:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2069"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2069",
"url": "https://www.suse.com/security/cve/CVE-2016-2069"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2069",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-2069",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 870618 for CVE-2016-2069",
"url": "https://bugzilla.suse.com/870618"
},
{
"category": "external",
"summary": "SUSE Bug 963767 for CVE-2016-2069",
"url": "https://bugzilla.suse.com/963767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-16T10:39:32Z",
"details": "low"
}
],
"title": "CVE-2016-2069"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_55-52_42-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.55-52.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.55-52.42.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.55-52.42.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.55-52.42.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.55-52.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-03-16T10:39:32Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1041-1
Vulnerability from csaf_suse
Published
2016-04-14 14:31
Modified
2016-04-14 14:31
Summary
Security update for Linux Kernel Live Patch 8
Notes
Title of the patch
Security update for Linux Kernel Live Patch 8
Description of the patch
This update for the Linux Kernel 3.12.48-52.27.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-618
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 8",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.48-52.27.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-618",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1041-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1041-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161041-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1041-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002011.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 8",
"tracking": {
"current_release_date": "2016-04-14T14:31:11Z",
"generator": {
"date": "2016-04-14T14:31:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1041-1",
"initial_release_date": "2016-04-14T14:31:11Z",
"revision_history": [
{
"date": "2016-04-14T14:31:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:11Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:11Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:11Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_48-52_27-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T14:31:11Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1034-1
Vulnerability from csaf_suse
Published
2016-04-14 11:41
Modified
2016-04-14 11:41
Summary
Security update for Linux Kernel Live Patch 11
Notes
Title of the patch
Security update for Linux Kernel Live Patch 11
Description of the patch
This update for the Linux Kernel 3.12.51-52.39.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-609
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 11",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.51-52.39.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-609",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1034-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1034-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161034-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1034-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002005.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 11",
"tracking": {
"current_release_date": "2016-04-14T11:41:11Z",
"generator": {
"date": "2016-04-14T11:41:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1034-1",
"initial_release_date": "2016-04-14T11:41:11Z",
"revision_history": [
{
"date": "2016-04-14T11:41:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:41:11Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:41:11Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:41:11Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_39-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-14T11:41:11Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1045-1
Vulnerability from csaf_suse
Published
2016-04-15 09:23
Modified
2016-04-15 09:23
Summary
Security update for Linux Kernel Live Patch 10
Notes
Title of the patch
Security update for Linux Kernel Live Patch 10
Description of the patch
This update for the Linux Kernel 3.12.51-52.34.1 fixes the following issues:
- CVE-2016-2384: A malicious USB device could cause a kernel crash in
the alsa usb-audio driver. (bsc#967773)
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system or allow
an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)
- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic
read from pipe was fixed (bsc#964732).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and
gid mappings, which allowed local users to gain privileges by establishing
a user namespace, waiting for a root process to enter that namespace
with an unsafe uid or gid, and then using the ptrace system call. NOTE:
the vendor states 'there is no kernel bug here.' (bsc#960563)
Patchnames
SUSE-SLE-Live-Patching-12-2016-622
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 10",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the Linux Kernel 3.12.51-52.34.1 fixes the following issues:\n\n- CVE-2016-2384: A malicious USB device could cause a kernel crash in\n the alsa usb-audio driver. (bsc#967773)\n\n- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when\n the network was considered congested. The kernel would incorrectly\n misinterpret the congestion as an error condition and incorrectly\n free/clean up the skb. When the device would then send the skb\u0027s queued,\n these structures would be referenced and may panic the system or allow\n an attacker to escalate privileges in a use-after-free scenario. (bsc#966683)\n\n- CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic\n read from pipe was fixed (bsc#964732).\n\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by establishing\n a user namespace, waiting for a root process to enter that namespace\n with an unsafe uid or gid, and then using the ptrace system call. NOTE:\n the vendor states \u0027there is no kernel bug here.\u0027 (bsc#960563)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-622",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1045-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1045-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161045-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1045-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-April/002012.html"
},
{
"category": "self",
"summary": "SUSE Bug 960563",
"url": "https://bugzilla.suse.com/960563"
},
{
"category": "self",
"summary": "SUSE Bug 964732",
"url": "https://bugzilla.suse.com/964732"
},
{
"category": "self",
"summary": "SUSE Bug 966683",
"url": "https://bugzilla.suse.com/966683"
},
{
"category": "self",
"summary": "SUSE Bug 967773",
"url": "https://bugzilla.suse.com/967773"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0774 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
}
],
"title": "Security update for Linux Kernel Live Patch 10",
"tracking": {
"current_release_date": "2016-04-15T09:23:59Z",
"generator": {
"date": "2016-04-15T09:23:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1045-1",
"initial_release_date": "2016-04-15T09:23:59Z",
"revision_history": [
{
"date": "2016-04-15T09:23:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-15T09:23:59Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-15T09:23:59Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2016-0774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0774"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\" NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0774",
"url": "https://www.suse.com/security/cve/CVE-2016-0774"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2016-0774",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-15T09:23:59Z",
"details": "moderate"
}
],
"title": "CVE-2016-0774"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-52_34-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-04-15T09:23:59Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
}
]
}
suse-su-2016:1764-1
Vulnerability from csaf_suse
Published
2016-07-08 11:47
Modified
2016-07-08 11:47
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP1 Realtime kernel was updated to 3.12.58 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2015-7566: The treo_attach function in drivers/usb/serial/visor.c
in the Linux kernel allowed physically proximate attackers to cause
a denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by inserting a USB device that
lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#961512).
- CVE-2015-8550: Xen, when used on a system providing PV backends,
allowed local guest OS administrators to cause a denial of service
(host OS crash) or gain privileges by writing to memory shared between
the frontend and backend, aka a double fetch vulnerability (bsc#957988).
- CVE-2015-8551: The PCI backend driver in Xen, when running on an x86
system, allowed local guest administrators to hit BUG conditions and
cause a denial of service (NULL pointer dereference and host OS crash)
by leveraging a system with access to a passed-through MSI or MSI-X
capable physical PCI device and a crafted sequence of XEN_PCI_OP_*
operations, aka 'Linux pciback missing sanity checks (bsc#957990).
- CVE-2015-8551: The pci backend driver in Xen, when running on an
x86 system and using Linux 3.1.x through 4.3.x as the driver domain,
allowed local guest administrators to hit BUG conditions and cause
a denial of service (NULL pointer dereference and host OS crash) by
leveraging a system with access to a passed-through MSI or MSI-X capable
physical PCI device and a crafted sequence of XEN_PCI_OP_* operations,
aka 'Linux pciback missing sanity checks (bnc#957990).
- CVE-2015-8552: The PCI backend driver in Xen, when running on an x86
system, allowed local guest administrators to generate a continuous
stream of WARN messages and cause a denial of service (disk consumption)
by leveraging a system with access to a passed-through MSI or MSI-X
capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka
'Linux pciback missing sanity checks (bsc#957990).
- CVE-2015-8552: The pci backend driver in Xen, when running on an
x86 system and using Linux 3.1.x through 4.3.x as the driver domain,
allowed local guest administrators to generate a continuous stream
of WARN messages and cause a denial of service (disk consumption)
by leveraging a system with access to a passed-through MSI or MSI-X
capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka
'Linux pciback missing sanity checks (bnc#957990).
- CVE-2015-8709: ** DISPUTED ** kernel/ptrace.c in the Linux kernel
mishandles uid and gid mappings, which allowed local users to gain
privileges by establishing a user namespace, waiting for a root process
to enter that namespace with an unsafe uid or gid, and then using the
ptrace system call. Upstream states that there is no kernel bug here
(bnc#960561).
- CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c
allowed local users to cause a denial of service (infinite loop) via a
writev system call that triggers a zero length for the first segment of
an iov (bsc#963765).
- CVE-2015-8812: drivers/infiniband/hw/cxgb3/iwch_cm.c did not properly
identify error conditions, which allowed remote attackers to execute
arbitrary code or cause a denial of service (use-after-free) via crafted
packets (bsc#966437).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c
did not properly maintain a hub-interface data structure, which allowed
physically proximate attackers to cause a denial of service (invalid
memory access and system crash) or possibly have unspecified other impact
by unplugging a USB hub device (bsc#968010).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in
the Linux kernel did not properly maintain a hub-interface data structure,
which allowed physically proximate attackers to cause a denial of service
(invalid memory access and system crash) or possibly have unspecified
other impact by unplugging a USB hub device (bnc#968010).
- CVE-2016-0723: Race condition in the tty_ioctl function in
drivers/tty/tty_io.c allowed local users to obtain sensitive information
from kernel memory or cause a denial of service (use-after-free and
system crash) by making a TIOCGETD ioctl call during processing of a
TIOCSETD ioctl call (bsc#961500).
- CVE-2016-2143: The fork implementation in the Linux kernel on
s390 platforms mishandles the case of four page-table levels,
which allowed local users to cause a denial of service (system
crash) or possibly have unspecified other impact via a crafted
application, related to arch/s390/include/asm/mmu_context.h and
arch/s390/include/asm/pgalloc.h. (bnc#970504)
- CVE-2016-2143: The fork implementation on s390 platforms mishandles
the case of four page-table levels, which allowed local users to cause a
denial of service (system crash) or possibly have unspecified other impact
via a crafted application, related to arch/s390/include/asm/mmu_context.h
and arch/s390/include/asm/pgalloc.h (bsc#970504).
- CVE-2016-2184: The create_fixed_stream_quirk function in
sound/usb/quirks.c in the snd-usb-audio driver allowed physically
proximate attackers to cause a denial of service (NULL pointer dereference
or double free, and system crash) via a crafted endpoints value in a
USB device descriptor (bsc#971125).
- CVE-2016-2184: The create_fixed_stream_quirk function in
sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel allowed
physically proximate attackers to cause a denial of service (NULL pointer
dereference or double free, and system crash) via a crafted endpoints
value in a USB device descriptor (bnc#971125).
- CVE-2016-2185: The ati_remote2_probe function in
drivers/input/misc/ati_remote2.c allowed physically proximate attackers
to cause a denial of service (NULL pointer dereference and system crash)
via a crafted endpoints value in a USB device descriptor (bsc#971124).
- CVE-2016-2185: The ati_remote2_probe function in
drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer dereference
and system crash) via a crafted endpoints value in a USB device descriptor
(bnc#971124).
- CVE-2016-2186: The powermate_probe function in
drivers/input/misc/powermate.c allowed physically proximate attackers
to cause a denial of service (NULL pointer dereference and system crash)
via a crafted endpoints value in a USB device descriptor (bsc#970958).
- CVE-2016-2186: The powermate_probe function in
drivers/input/misc/powermate.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer dereference
and system crash) via a crafted endpoints value in a USB device descriptor
(bnc#970958).
- CVE-2016-2188: The iowarrior_probe function in
drivers/usb/misc/iowarrior.c allowed physically proximate attackers to
cause a denial of service (NULL pointer dereference and system crash)
via a crafted endpoints value in a USB device descriptor (bsc#970956).
- CVE-2016-2188: The iowarrior_probe function in
drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer dereference
and system crash) via a crafted endpoints value in a USB device descriptor
(bnc#970956).
- CVE-2016-2384: Double free vulnerability in the snd_usbmidi_create
function in sound/usb/midi.c allowed physically proximate attackers to
cause a denial of service (panic) or possibly have unspecified other
impact via vectors involving an invalid USB descriptor (bsc#966693).
- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference and system crash) or possibly have unspecified
other impact by inserting a USB device that lacks a (1) bulk-in or (2)
interrupt-in endpoint (bsc#968670).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did
not validate certain offset fields, which allowed local users to gain
privileges or cause a denial of service (heap memory corruption) via an
IPT_SO_SET_REPLACE setsockopt call (bnc#971126).
- CVE-2016-3136: The mct_u232_msr_to_state function in
drivers/usb/serial/mct_u232.c allowed physically proximate attackers to
cause a denial of service (NULL pointer dereference and system crash)
via a crafted USB device without two interrupt-in endpoint descriptors
(bsc#970955).
- CVE-2016-3136: The mct_u232_msr_to_state function in
drivers/usb/serial/mct_u232.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer dereference
and system crash) via a crafted USB device without two interrupt-in
endpoint descriptors (bnc#970955).
- CVE-2016-3137: drivers/usb/serial/cypress_m8.c allowed physically
proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a USB device without both an
interrupt-in and an interrupt-out endpoint descriptor, related to the
cypress_generic_port_probe and cypress_open functions (bsc#970970).
- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference and system crash) via a USB device without
both an interrupt-in and an interrupt-out endpoint descriptor, related
to the cypress_generic_port_probe and cypress_open functions (bnc#970970).
- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c
allowed physically proximate attackers to cause a denial of service
(NULL pointer dereference and system crash) via a USB device without
both a control and a data endpoint descriptor (bsc#970911).
- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c
in the Linux kernel allowed physically proximate attackers to cause a
denial of service (NULL pointer dereference and system crash) via a USB
device without both a control and a data endpoint descriptor (bnc#970911).
- CVE-2016-3139: The wacom_probe function in
drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (NULL pointer dereference
and system crash) via a crafted endpoints value in a USB device descriptor
(bnc#970909).
- CVE-2016-3140: The digi_port_init function in
drivers/usb/serial/digi_acceleport.c allowed physically proximate
attackers to cause a denial of service (NULL pointer dereference and
system crash) via a crafted endpoints value in a USB device descriptor
(bsc#970892).
- CVE-2016-3140: The digi_port_init function in
drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed
physically proximate attackers to cause a denial of service (NULL pointer
dereference and system crash) via a crafted endpoints value in a USB
device descriptor (bnc#970892).
- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles
destruction of device objects, which allowed guest OS users to cause a
denial of service (host OS networking outage) by arranging for a large
number of IP addresses (bnc#971360).
- CVE-2016-3156: The IPv4 implementation mishandled destruction of device
objects, which allowed guest OS users to cause a denial of service (host
OS networking outage) by arranging for a large number of IP addresses
(bsc#971360).
- CVE-2016-3689: The ims_pcu_parse_cdc_data function in
drivers/input/misc/ims-pcu.c allowed physically proximate attackers to
cause a denial of service (system crash) via a USB device without both
a master and a slave interface (bsc#971628).
- CVE-2016-3689: The ims_pcu_parse_cdc_data function in
drivers/input/misc/ims-pcu.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (system crash) via a
USB device without both a master and a slave interface (bnc#971628).
- CVE-2016-3707: A ICMP echo feature hooked to sysrq was removed, which
could have allowed remote attackers to reboot / halt the machine.
- CVE-2016-3951: Double free vulnerability in drivers/net/usb/cdc_ncm.c in
the Linux kernel allowed physically proximate attackers to cause a denial
of service (system crash) or possibly have unspecified other impact by
inserting a USB device with an invalid USB descriptor (bnc#974418).
The following non-security bugs were fixed:
- acpi: Disable ACPI table override when UEFI Secure Boot is enabled (bsc#970604).
- acpi: Disable APEI error injection if securelevel is set (bsc#972891).
- alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).
- alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).
- alsa: timer: Call notifier in the same spinlock (bsc#973378).
- alsa: timer: Protect the whole snd_timer_close() with open race (bsc#973378).
- alsa: timer: Sync timer deletion at closing the system timer (bsc#973378).
- alsa: timer: Use mod_timer() for rearming the system timer (bsc#973378).
- apparmor: Skip proc ns files (bsc#959514).
- block: xen-blkfront: Fix possible NULL ptr dereference (bsc#957986 fate#320625).
- btrfs: Account data space in more proper timin: (bsc#963193).
- btrfs: Add handler for invalidate page (bsc#963193).
- Btrfs: check prepare_uptodate_page() error code earlier (bnc#966910).
- btrfs: delayed_ref: Add new function to record reserved space into delayed ref (bsc#963193).
- btrfs: delayed_ref: release and free qgroup reserved at proper timing (bsc#963193).
- btrfs: extent_io: Introduce needed structure for recoding set/clear bits (bsc#963193).
- btrfs: extent_io: Introduce new function clear_record_extent_bits() (bsc#963193).
- btrfs: extent_io: Introduce new function set_record_extent_bits (bsc#963193).
- btrfs: extent-tree: Add new version of btrfs_check_data_free_space and btrfs_free_reserved_data_space (bsc#963193).
- btrfs: extent-tree: Add new version of btrfs_delalloc_reserve/release_space (bsc#963193).
- btrfs: extent-tree: Switch to new check_data_free_space and free_reserved_data_space (bsc#963193).
- btrfs: extent-tree: Switch to new delalloc space reserve and release (bsc#963193).
- btrfs: fallocate: Add support to accurate qgroup reserve (bsc#963193).
- Btrfs: fix deadlock between direct IO reads and buffered writes (bsc#973855).
- Btrfs: fix invalid page accesses in extent_same (dedup) ioctl (bnc#968230).
- Btrfs: fix loading of orphan roots leading to BUG_ON (bsc#972844).
- Btrfs: fix page reading in extent_same ioctl leading to csum errors (bnc#968230).
- btrfs: handle non-fatal errors in btrfs_qgroup_inherit() (bsc#972951).
- btrfs: qgroup: Add handler for NOCOW and inline (bsc#963193).
- btrfs: qgroup: Add new trace point for qgroup data reserve (bsc#963193).
- btrfs: qgroup: Avoid calling btrfs_free_reserved_data_space in clear_bit_hook (bsc#963193).
- btrfs: qgroup: Check if qgroup reserved space leaked (bsc#963193).
- btrfs: qgroup: Cleanup old inaccurate facilities (bsc#963193).
- btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans (bsc#963193).
- btrfs: qgroup: Fix a rebase bug which will cause qgroup double free (bsc#963193).
- btrfs: qgroup: Fix dead judgement on qgroup_rescan_leaf() return value (bsc#969439).
- btrfs: qgroup: Introduce btrfs_qgroup_reserve_data function (bsc#963193).
- btrfs: qgroup: Introduce functions to release/free qgroup reserve data space (bsc#963193).
- btrfs: qgroup: Introduce new functions to reserve/free metadata (bsc#963193).
- btrfs: qgroup: return EINVAL if level of parent is not higher than child's (bsc#972951).
- btrfs: qgroup: Use new metadata reservation (bsc#963193).
- Btrfs: teach backref walking about backrefs with underflowed offset values (bsc#975371).
- dasd: fix hanging system after LCU changes (bnc#968497, LTC#136671).
- dmapi: fix dm_open_by_handle_rvp taking an extra ref to mnt (bsc#967292).
- drivers/base/memory.c: fix kernel warning during memory hotplug on ppc64 (bsc#963827).
- drivers: hv: Allow for MMIO claims that span ACPI _CRS records (bnc#965924).
- drivers: hv: Define the channel type for Hyper-V pci Express pass-through (bnc#965924).
- drivers: hv: Export a function that maps Linux CPU num onto Hyper-V proc num (bnc#965924).
- drivers: hv: Export the API to invoke a hypercall on Hyper-V (bnc#965924).
- drivers: hv: kvp: fix IP Failover.
- drivers: pci:hv: New paravirtual pci front-end for Hyper-V VMs (bnc#965924).
- drivers: xen-blkfront: move talk_to_blkback to a more suitable place (bsc#957986 fate#320625).
- drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising (bsc#957986 fate#320625).
- drm/core: Preserve the framebuffer after removing it (bsc#968812).
- drm/i915: do not warn if backlight unexpectedly enabled (boo#972068).
- drm/i915: set backlight duty cycle after backlight enable for gen4 (boo#972780).
- drm/radeon: fix-up some float to fixed conversion thinkos (bsc#968813).
- drm/radeon: use HDP_MEM_COHERENCY_FLUSH_CNTL for sdma as well (bsc#968813).
- e1000e: Avoid divide by zero error (bsc#968643).
- e1000e: fix division by zero on jumbo MTUs (bsc#968643).
- e1000e: Fix tight loop implementation of systime read algorithm (bsc#968643).
- ext4: fix: print ext4 mountopt data_err=abort correctly (bsc#969735).
- ext4: fix races between page faults and hole punching (bsc#972174).
- ext4: fix races of writeback with punch hole and zero range (bsc#972174).
- ext4: Fix softlockups in SEEK_HOLE and SEEK_DATA implementations (bsc#942262).
- Fix preemptible_lazy() unused function warning for compute flavor
- fs/pipe.c: skip file_update_time on frozen fs (bsc#975488).
- fs/proc_namespace.c: simplify testing nsp and nsp->mnt_ns (bug#963960).
- fs, seqfile: always allow oom killer (bnc#968687).
- fs, seq_file: fallback to vmalloc instead of oom kill processes (bnc#968687).
- futex: Drop refcount if requeue_pi() acquired the rtmutex (bug#960174).
- hv: Lock access to hyperv_mmio resource tree (bnc#965924).
- hv: Make a function to free mmio regions through vmbus (bnc#965924).
- hv: Reverse order of resources in hyperv_mmio (bnc#965924).
- hv: Track allocations of children of hv_vmbus in private resource tree (bnc#965924).
- hv: Use new vmbus_mmio_free() from client drivers (bnc#965924).
- hwmon: (coretemp) Increase maximum core to 128 (bsc#970160)
- hyperv: Add mainline tags to some hyperv patches
- ibmvnic: Fix ibmvnic_capability struct (fate#320253).
- ibmvscsi: Remove unsupported host config MAD (bsc#973556).
- Ignore efivar_validate kabi failures -- it's an EFI internal function.
- intel_pstate: Use del_timer_sync in intel_pstate_cpu_stop (bsc#967650).
- iommu/vt-d: Improve fault handler error messages (bsc#975772).
- iommu/vt-d: Ratelimit fault handler (bsc#975772).
- ipv6: make fib6 serial number per namespace (bsc#965319).
- ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs (bsc#956852).
- ipv6: per netns fib6 walkers (bsc#965319).
- ipv6: per netns FIB garbage collection (bsc#965319).
- ipv6: replace global gc_args with local variable (bsc#965319).
- kabi fix for patches.fixes/reduce-m_start-cost (bsc#966573).
- kabi: kgr, add reserved fields (fate#313296).
- kABI: kgr: fix subtle race with kgr_module_init(), going notifier and kgr_modify_kernel().
- kabi: Preserve checksum of kvm_x86_ops (bsc#969112).
- kABI: protect enum enclosure_component_type.
- kABI: protect function file_open_root.
- kABI: protect struct af_alg_type.
- kABI: protect struct crypto_ahash.
- kABI: protect struct dm_exception_store_type.
- kABI: protect struct fib_nh_exception.
- kABI: protect struct module.
- kabi: protect struct netns_ipv6 after FIB6 GC series (bsc#965319).
- kABI: protect struct rq.
- kABI: protect struct sched_class.
- kABI: protect struct scm_creds.
- kABI: protect struct user_struct.
- kabi/severities:
- kabi/severities: Fail on changes in kvm_x86_ops, needed by lttng-modules
- kgr: add kgraft annotations to kthreads' wait_event_freezable() API calls (fate#313296).
- kgr: add kgraft annotation to hwrng kthread (fate#313296).
- kgr: add objname to kgr_patch_fun struct (fate#313296).
- kgr: add sympos and objname to error and debug messages (fate#313296).
- kgr: add sympos as disambiguator field to kgr_patch_fun structure (fate#313296).
- kgr: add sympos to sysfs (fate#313296).
- kgr: add TAINT_KGRAFT (fate#313296).
- kgr: call kgr_init_ftrace_ops() only for loaded objects (fate#313296).
- kgr: change to kallsyms_on_each_symbol iterator (fate#313296).
- kgr: define pr_fmt and modify all pr_* messages (fate#313296).
- kgr: do not print error for !abort_if_missing symbols (bnc#943989).
- kgr: do not return and print an error only if the object is not loaded (fate#313296).
- kgr: do not use WQ_MEM_RECLAIM workqueue (bnc#963572).
- kgr: fix an asymmetric dealing with delayed module loading (fate#313296).
- kgr: fix redirection on s390x arch (bsc#903279).
- kgr: fix reversion of a patch already reverted by a replace_all patch (fate#313296).
- kgr: fix reversion of a patch already reverted by a replace_all patch (fate#313296).
- kgr: fix subtle race with kgr_module_init(), going notifier and kgr_modify_kernel() (fate#313296).
- kgr: handle btrfs kthreads (fate#313296 bnc#889207).
- kgr: kmemleak, really mark the kthread safe after an interrupt (fate#313296).
- kgr: kmemleak, really mark the kthread safe after an interrupt (fate#313296).
- kgr: log when modifying kernel (fate#317827).
- kgr: mark kernel unsupported upon patch revert (fate#313296).
- kgr: mark some more missed kthreads (bnc#962336).
- kgr: remove abort_if_missing flag (fate#313296).
- kgr: usb/storage: do not emit thread awakened (bnc#899908).
- kvm: SVM: add rdmsr support for AMD event registers (bsc#968448).
- kvm: x86: Check dest_map->vector to match eoi signals for rtc (bsc#966471).
- kvm: x86: Convert ioapic->rtc_status.dest_map to a struct (bsc#966471).
- kvm: x86: store IOAPIC-handled vectors in each VCPU (bsc#966471).
- kvm: x86: Track irq vectors in ioapic->rtc_status.dest_map (bsc#966471).
- libceph: fix scatterlist last_piece calculation (bsc#963746).
- lpfc: Fix kmalloc overflow in LPFC driver at large core count (bsc#969690).
- memcg: do not hang on OOM when killed by userspace OOM access to memory reserves (bnc#969571).
- mld, igmp: Fix reserved tailroom calculation (bsc#956852).
- mmc: Allow forward compatibility for eMMC (bnc#966054).
- mm: reduce m_start() cost.. (bsc#966573).
- namespaces: Re-introduce task_nsproxy() helper (bug#963960).
- namespaces: Use task_lock and not rcu to protect nsproxy (bug#963960).
- net: core: Correct an over-stringent device loop detection (bsc#945219).
- net: irda: Fix use-after-free in irtty_open() (bnc#967903).
- nfs4: treat lock owners as opaque values (bnc#968141).
- nfsd: fix nfsd_setattr return code for HSM (bsc#969992).
- nfs: Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).
- nfs: fix high load average due to callback thread sleeping (bsc#971170).
- nfs: Fix problem with setting ACL on directories (bsc#967251).
- nfs-rdma: Fix for FMR leaks (bsc#908151).
- nfsv4.1: do not use machine credentials for CLOSE when using 'sec=sys' (bsc#972003).
- nvme: default to 4k device page size (bsc#967047).
- nvme: special case AEN requests (bsc#965087).
- pci: Add global pci_lock_rescan_remove() (bnc#965924).
- pci/AER: Fix aer_inject error codes (bsc#931448).
- pci/AER: Log actual error causes in aer_inject (bsc#931448).
- pci/AER: Log aer_inject error injections (bsc#931448).
- pci/AER: Use dev_warn() in aer_inject (bsc#931448).
- pci: allow access to VPD attributes with size '0' (bsc#959146).
- pciback: Check PF instead of VF for pci_COMMAND_MEMORY.
- pciback: Save the number of MSI-X entries to be copied later.
- pci: Blacklist vpd access for buggy devices (bsc#959146).
- pci: Determine actual VPD size on first access (bsc#959146).
- pci: Export symbols required for loadable host driver modules (bnc#965924).
- pci: pciehp: Disable link notification across slot reset (bsc#967651).
- pci: pciehp: Do not check adapter or latch status while disabling (bsc#967651).
- pci: pciehp: Do not disable the link permanently during removal (bsc#967651).
- pci: pciehp: Ensure very fast hotplug events are also processed (bsc#967651).
- pci: Update VPD definitions (bsc#959146).
- perf, nmi: Fix unknown NMI warning (bsc#968512).
- pipe: limit the per-user amount of pages allocated in pipes (bsc#970948).
- printk: fix scheduling while atomic bug while oom testing (bnc#965153)
- proc: Fix ptrace-based permission checks for accessing task maps.
- qla2xxx: Remove unavailable firmware files (bsc#943645).
- rbd: do not log miscompare as an error (bsc#970062).
- rbd: use GFP_NOIO consistently for request allocations (bsc#971159).
- RDMA/ocrdma: Avoid reporting wrong completions in case of error CQEs (bsc#908151).
- Remove now unneeded (thus harmful) -rt74 probe_wakeup_latency_hist_start() prototype fix.
- Remove superfluous Git-commit header from patches.fixes/0001-namespaces-Re-introduce-task_nsproxy-helper.patch.
- Remove VIOSRP_HOST_CONFIG_TYPE from ibmvstgt.c in patches.fixes/0001-ibmvscsi-remove-unsupported-host-config-mad.patch. as well.
- resources: Set type in __request_region() (bnc#965924).
- Restore kabi after lock-owner change.
- Restore try_get_online_cpus() lockdep annotation dropped by commit d1811e3c
- Revert 'libata: Align ata_device's id on a cacheline'.
- Revert 'net/ipv6: add sysctl option accept_ra_min_hop_limit'.
- rpm/kernel-binary.spec.in: Sync the main and -base package dependencies (bsc#965830#c51).
- rpm/kernel-module-subpackage: Fix obsoleting dropped flavors (bsc#968253)
- s390/compat: correct restore of high gprs on signal return (bnc#968497, LTC#137571).
- s390/pageattr: do a single TLB flush for change_page_attr (bsc#940413).
- s390/zcrypt: HWRNG registration cause kernel panic on CEX hotplug (bnc#968497, LTC#138409).
- scsi: Add intermediate STARGET_REMOVE state to scsi_target_state (bsc#970609).
- scsi: fix soft lockup in scsi_remove_target() on module removal (bsc#965199).
- scsi: proper state checking and module refcount handling in scsi_device_get (boo#966831).
- series.conf: add section comments
- SUNRPC: Fix large reads on NFS/RDMA (bsc#908151).
- SUNRPC: remove KERN_INFO from dprintk() call sites (bsc#908151).
- supported.conf: Add bridge.ko for OpenStack (bsc#971600)
- supported.conf:Add drivers/infiniband/hw/ocrdma/ocrdma.ko to supported.conf (bsc#964461)
- supported.conf: Add e1000e (emulated by VMware) to -base (bsc#968074)
- supported.conf: Add Hyper-V modules to -base (bsc#965830)
- supported.conf: Add isofs to -base (bsc#969655).
- supported.conf: Add more qemu device driver (bsc#968234)
- supported.conf: Add mptspi and mptsas to -base (bsc#968206)
- supported.conf: add pci-hyperv
- supported.conf: Add the qemu scsi driver (sym53c8xx) to -base (bsc#967802)
- supported.conf: Add tulip to -base for Hyper-V (bsc#968234)
- supported.conf: Add xen-blkfront.
- svcrdma: advertise the correct max payload (bsc#908151).
- svcrdma: Fence LOCAL_INV work requests (bsc#908151).
- svcrdma: fix offset calculation for non-page aligned sge entries (bsc#908151).
- svcrdma: fix printk when memory allocation fails (bsc#908151).
- svcrdma: refactor marshalling logic (bsc#908151).
- svcrdma: send_write() must not overflow the device's max sge (bsc#908151).
- target: Drop incorrect ABORT_TASK put for completed commands (bsc#962872).
- target: Fix LUN_RESET active I/O handling for ACK_KREF (bsc#962872).
- target: Fix LUN_RESET active TMR descriptor handling (bsc#962872).
- target: Fix race with SCF_SEND_DELAYED_TAS handling (bsc#962872).
- target: Fix remote-port TMR ABORT + se_cmd fabric stop (bsc#962872).
- target: Fix TAS handling for multi-session se_node_acls (bsc#962872).
- tcp: convert cached rtt from usec to jiffies when feeding initial rto (bsc#937086).
- tcp: Restore RFC5961-compliant behavior for SYN packets (bsc#966864).
- tracing: Fix probe_wakeup_latency_hist_start() prototype @stable-rt cf1dd658fc10b2c34988cd27942fac0d94cb4b5f removed 'success` from trace prototypes, but missed probe_wakeup_latency_hist_start().
- Update patches.drivers/drm-ast-Initialize-data-needed-to-map-fbdev-memory.patch (bnc#880007). Fix refs and upstream status.
- Update patches.suse/kgr-0102-add-TAINT_KGRAFT.patch (fate#313296 bsc#974406).
- usb: Quiet down false peer failure messages (bnc#960629).
- USB: usbip: fix potential out-of-bounds write (bnc#975945).
- x86: export x86_msi (bnc#965924).
- xen: Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver implementation (bsc#957986, bsc#956084, bsc#961658).
- xen-blkfront: allow building in our Xen environment (bsc#957986 fate#320625).
- xen, blkfront: factor out flush-related checks from do_blkif_request() (bsc#957986 fate#320625).
- xen-blkfront: fix accounting of reqs when migrating (bsc#957986 fate#320625).
- xen/blkfront: Fix crash if backend does not follow the right states (bsc#957986 fate#320625).
- xen-blkfront: improve aproximation of required grants per request (bsc#957986 fate#320625).
- xen/blkfront: improve protection against issuing unsupported REQ_FUA (bsc#957986 fate#320625).
- xen/blkfront: remove redundant flush_op (bsc#957986 fate#320625).
- xen-blkfront: remove type check from blkfront_setup_discard (bsc#957986 fate#320625).
- xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#957986 fate#320625).
- xen-vscsi-large-requests: Fix resource collision for racing request maps and unmaps (bsc#966094).
- xfs/dmapi: drop lock over synchronous XFS_SEND_DATA events (bsc#969993).
- xfs/dmapi: propertly send postcreate event (bsc#967299).
- xprtrdma: Allocate missing pagelist (bsc#908151).
- xprtrdma: Avoid deadlock when credit window is reset (bsc#908151).
- xprtrdma: Disconnect on registration failure (bsc#908151).
- xprtrdma: Ensure ia->ri_id->qp is not NULL when reconnecting (bsc#908151).
- xprtrdma: Fall back to MTHCAFMR when FRMR is not supported (bsc#908151).
- xprtrdma: Limit work done by completion handler (bsc#908151).
- xprtrdma: Make rpcrdma_ep_destroy() return void (bsc#908151).
- xprtrdma: mind the device's max fast register page list depth (bsc#908151).
- xprtrdma: mount reports 'Invalid mount option' if memreg mode not supported (bsc#908151).
- xprtrdma: Reduce the number of hardway buffer allocations (bsc#908151).
- xprtrdma: Remove BOUNCEBUFFERS memory registration mode (bsc#908151).
- xprtrdma: Remove BUG_ON() call sites (bsc#908151).
- xprtrdma: Remove MEMWINDOWS registration modes (bsc#908151).
- xprtrdma: Remove REGISTER memory registration mode (bsc#908151).
- xprtrdma: Remove Tavor MTU setting (bsc#908151).
- xprtrdma: Reset connection timeout after successful reconnect (bsc#908151).
- xprtrdma: RPC/RDMA must invoke xprt_wake_pending_tasks() in process context (bsc#908151).
- xprtrdma: Simplify rpcrdma_deregister_external() synopsis (bsc#908151).
- xprtrdma: Split the completion queue (bsc#908151).
- xprtrdma: Use macros for reconnection timeout constants (bsc#908151).
- xprtrmda: Reduce calls to ib_poll_cq() in completion handlers (bsc#908151).
- xprtrmda: Reduce lock contention in completion handlers (bsc#908151).
Patchnames
SUSE-SLE-RT-12-SP1-2016-1038
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP1 Realtime kernel was updated to 3.12.58 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n- CVE-2015-7566: The treo_attach function in drivers/usb/serial/visor.c\n in the Linux kernel allowed physically proximate attackers to cause\n a denial of service (NULL pointer dereference and system crash) or\n possibly have unspecified other impact by inserting a USB device that\n lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#961512).\n- CVE-2015-8550: Xen, when used on a system providing PV backends,\n allowed local guest OS administrators to cause a denial of service\n (host OS crash) or gain privileges by writing to memory shared between\n the frontend and backend, aka a double fetch vulnerability (bsc#957988).\n- CVE-2015-8551: The PCI backend driver in Xen, when running on an x86\n system, allowed local guest administrators to hit BUG conditions and\n cause a denial of service (NULL pointer dereference and host OS crash)\n by leveraging a system with access to a passed-through MSI or MSI-X\n capable physical PCI device and a crafted sequence of XEN_PCI_OP_*\n operations, aka \u0027Linux pciback missing sanity checks (bsc#957990).\n- CVE-2015-8551: The pci backend driver in Xen, when running on an\n x86 system and using Linux 3.1.x through 4.3.x as the driver domain,\n allowed local guest administrators to hit BUG conditions and cause\n a denial of service (NULL pointer dereference and host OS crash) by\n leveraging a system with access to a passed-through MSI or MSI-X capable\n physical PCI device and a crafted sequence of XEN_PCI_OP_* operations,\n aka \u0027Linux pciback missing sanity checks (bnc#957990).\n- CVE-2015-8552: The PCI backend driver in Xen, when running on an x86\n system, allowed local guest administrators to generate a continuous\n stream of WARN messages and cause a denial of service (disk consumption)\n by leveraging a system with access to a passed-through MSI or MSI-X\n capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka\n \u0027Linux pciback missing sanity checks (bsc#957990).\n- CVE-2015-8552: The pci backend driver in Xen, when running on an\n x86 system and using Linux 3.1.x through 4.3.x as the driver domain,\n allowed local guest administrators to generate a continuous stream\n of WARN messages and cause a denial of service (disk consumption)\n by leveraging a system with access to a passed-through MSI or MSI-X\n capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka\n \u0027Linux pciback missing sanity checks (bnc#957990).\n- CVE-2015-8709: ** DISPUTED ** kernel/ptrace.c in the Linux kernel\n mishandles uid and gid mappings, which allowed local users to gain\n privileges by establishing a user namespace, waiting for a root process\n to enter that namespace with an unsafe uid or gid, and then using the\n ptrace system call. Upstream states that there is no kernel bug here\n (bnc#960561).\n- CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c\n allowed local users to cause a denial of service (infinite loop) via a\n writev system call that triggers a zero length for the first segment of\n an iov (bsc#963765).\n- CVE-2015-8812: drivers/infiniband/hw/cxgb3/iwch_cm.c did not properly\n identify error conditions, which allowed remote attackers to execute\n arbitrary code or cause a denial of service (use-after-free) via crafted\n packets (bsc#966437).\n- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c\n did not properly maintain a hub-interface data structure, which allowed\n physically proximate attackers to cause a denial of service (invalid\n memory access and system crash) or possibly have unspecified other impact\n by unplugging a USB hub device (bsc#968010).\n- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in\n the Linux kernel did not properly maintain a hub-interface data structure,\n which allowed physically proximate attackers to cause a denial of service\n (invalid memory access and system crash) or possibly have unspecified\n other impact by unplugging a USB hub device (bnc#968010).\n- CVE-2016-0723: Race condition in the tty_ioctl function in\n drivers/tty/tty_io.c allowed local users to obtain sensitive information\n from kernel memory or cause a denial of service (use-after-free and\n system crash) by making a TIOCGETD ioctl call during processing of a\n TIOCSETD ioctl call (bsc#961500).\n- CVE-2016-2143: The fork implementation in the Linux kernel on\n s390 platforms mishandles the case of four page-table levels,\n which allowed local users to cause a denial of service (system\n crash) or possibly have unspecified other impact via a crafted\n application, related to arch/s390/include/asm/mmu_context.h and\n arch/s390/include/asm/pgalloc.h. (bnc#970504)\n- CVE-2016-2143: The fork implementation on s390 platforms mishandles\n the case of four page-table levels, which allowed local users to cause a\n denial of service (system crash) or possibly have unspecified other impact\n via a crafted application, related to arch/s390/include/asm/mmu_context.h\n and arch/s390/include/asm/pgalloc.h (bsc#970504).\n- CVE-2016-2184: The create_fixed_stream_quirk function in\n sound/usb/quirks.c in the snd-usb-audio driver allowed physically\n proximate attackers to cause a denial of service (NULL pointer dereference\n or double free, and system crash) via a crafted endpoints value in a\n USB device descriptor (bsc#971125).\n- CVE-2016-2184: The create_fixed_stream_quirk function in\n sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel allowed\n physically proximate attackers to cause a denial of service (NULL pointer\n dereference or double free, and system crash) via a crafted endpoints\n value in a USB device descriptor (bnc#971125).\n- CVE-2016-2185: The ati_remote2_probe function in\n drivers/input/misc/ati_remote2.c allowed physically proximate attackers\n to cause a denial of service (NULL pointer dereference and system crash)\n via a crafted endpoints value in a USB device descriptor (bsc#971124).\n- CVE-2016-2185: The ati_remote2_probe function in\n drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically\n proximate attackers to cause a denial of service (NULL pointer dereference\n and system crash) via a crafted endpoints value in a USB device descriptor\n (bnc#971124).\n- CVE-2016-2186: The powermate_probe function in\n drivers/input/misc/powermate.c allowed physically proximate attackers\n to cause a denial of service (NULL pointer dereference and system crash)\n via a crafted endpoints value in a USB device descriptor (bsc#970958).\n- CVE-2016-2186: The powermate_probe function in\n drivers/input/misc/powermate.c in the Linux kernel allowed physically\n proximate attackers to cause a denial of service (NULL pointer dereference\n and system crash) via a crafted endpoints value in a USB device descriptor\n (bnc#970958).\n- CVE-2016-2188: The iowarrior_probe function in\n drivers/usb/misc/iowarrior.c allowed physically proximate attackers to\n cause a denial of service (NULL pointer dereference and system crash)\n via a crafted endpoints value in a USB device descriptor (bsc#970956).\n- CVE-2016-2188: The iowarrior_probe function in\n drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically\n proximate attackers to cause a denial of service (NULL pointer dereference\n and system crash) via a crafted endpoints value in a USB device descriptor\n (bnc#970956).\n- CVE-2016-2384: Double free vulnerability in the snd_usbmidi_create\n function in sound/usb/midi.c allowed physically proximate attackers to\n cause a denial of service (panic) or possibly have unspecified other\n impact via vectors involving an invalid USB descriptor (bsc#966693).\n- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c\n allowed physically proximate attackers to cause a denial of service\n (NULL pointer dereference and system crash) or possibly have unspecified\n other impact by inserting a USB device that lacks a (1) bulk-in or (2)\n interrupt-in endpoint (bsc#968670).\n- CVE-2016-3134: The netfilter subsystem in the Linux kernel did\n not validate certain offset fields, which allowed local users to gain\n privileges or cause a denial of service (heap memory corruption) via an\n IPT_SO_SET_REPLACE setsockopt call (bnc#971126).\n- CVE-2016-3136: The mct_u232_msr_to_state function in\n drivers/usb/serial/mct_u232.c allowed physically proximate attackers to\n cause a denial of service (NULL pointer dereference and system crash)\n via a crafted USB device without two interrupt-in endpoint descriptors\n (bsc#970955).\n- CVE-2016-3136: The mct_u232_msr_to_state function in\n drivers/usb/serial/mct_u232.c in the Linux kernel allowed physically\n proximate attackers to cause a denial of service (NULL pointer dereference\n and system crash) via a crafted USB device without two interrupt-in\n endpoint descriptors (bnc#970955).\n- CVE-2016-3137: drivers/usb/serial/cypress_m8.c allowed physically\n proximate attackers to cause a denial of service (NULL pointer\n dereference and system crash) via a USB device without both an\n interrupt-in and an interrupt-out endpoint descriptor, related to the\n cypress_generic_port_probe and cypress_open functions (bsc#970970).\n- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel\n allowed physically proximate attackers to cause a denial of service\n (NULL pointer dereference and system crash) via a USB device without\n both an interrupt-in and an interrupt-out endpoint descriptor, related\n to the cypress_generic_port_probe and cypress_open functions (bnc#970970).\n- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c\n allowed physically proximate attackers to cause a denial of service\n (NULL pointer dereference and system crash) via a USB device without\n both a control and a data endpoint descriptor (bsc#970911).\n- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c\n in the Linux kernel allowed physically proximate attackers to cause a\n denial of service (NULL pointer dereference and system crash) via a USB\n device without both a control and a data endpoint descriptor (bnc#970911).\n- CVE-2016-3139: The wacom_probe function in\n drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically\n proximate attackers to cause a denial of service (NULL pointer dereference\n and system crash) via a crafted endpoints value in a USB device descriptor\n (bnc#970909).\n- CVE-2016-3140: The digi_port_init function in\n drivers/usb/serial/digi_acceleport.c allowed physically proximate\n attackers to cause a denial of service (NULL pointer dereference and\n system crash) via a crafted endpoints value in a USB device descriptor\n (bsc#970892).\n- CVE-2016-3140: The digi_port_init function in\n drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed\n physically proximate attackers to cause a denial of service (NULL pointer\n dereference and system crash) via a crafted endpoints value in a USB\n device descriptor (bnc#970892).\n- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles\n destruction of device objects, which allowed guest OS users to cause a\n denial of service (host OS networking outage) by arranging for a large\n number of IP addresses (bnc#971360).\n- CVE-2016-3156: The IPv4 implementation mishandled destruction of device\n objects, which allowed guest OS users to cause a denial of service (host\n OS networking outage) by arranging for a large number of IP addresses\n (bsc#971360).\n- CVE-2016-3689: The ims_pcu_parse_cdc_data function in\n drivers/input/misc/ims-pcu.c allowed physically proximate attackers to\n cause a denial of service (system crash) via a USB device without both\n a master and a slave interface (bsc#971628).\n- CVE-2016-3689: The ims_pcu_parse_cdc_data function in\n drivers/input/misc/ims-pcu.c in the Linux kernel allowed physically\n proximate attackers to cause a denial of service (system crash) via a\n USB device without both a master and a slave interface (bnc#971628).\n- CVE-2016-3707: A ICMP echo feature hooked to sysrq was removed, which\n could have allowed remote attackers to reboot / halt the machine.\n- CVE-2016-3951: Double free vulnerability in drivers/net/usb/cdc_ncm.c in\n the Linux kernel allowed physically proximate attackers to cause a denial\n of service (system crash) or possibly have unspecified other impact by\n inserting a USB device with an invalid USB descriptor (bnc#974418).\n\nThe following non-security bugs were fixed:\n- acpi: Disable ACPI table override when UEFI Secure Boot is enabled (bsc#970604).\n- acpi: Disable APEI error injection if securelevel is set (bsc#972891).\n- alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).\n- alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).\n- alsa: timer: Call notifier in the same spinlock (bsc#973378).\n- alsa: timer: Protect the whole snd_timer_close() with open race (bsc#973378).\n- alsa: timer: Sync timer deletion at closing the system timer (bsc#973378).\n- alsa: timer: Use mod_timer() for rearming the system timer (bsc#973378).\n- apparmor: Skip proc ns files (bsc#959514).\n- block: xen-blkfront: Fix possible NULL ptr dereference (bsc#957986 fate#320625).\n- btrfs: Account data space in more proper timin: (bsc#963193).\n- btrfs: Add handler for invalidate page (bsc#963193).\n- Btrfs: check prepare_uptodate_page() error code earlier (bnc#966910).\n- btrfs: delayed_ref: Add new function to record reserved space into delayed ref (bsc#963193).\n- btrfs: delayed_ref: release and free qgroup reserved at proper timing (bsc#963193).\n- btrfs: extent_io: Introduce needed structure for recoding set/clear bits (bsc#963193).\n- btrfs: extent_io: Introduce new function clear_record_extent_bits() (bsc#963193).\n- btrfs: extent_io: Introduce new function set_record_extent_bits (bsc#963193).\n- btrfs: extent-tree: Add new version of btrfs_check_data_free_space and btrfs_free_reserved_data_space (bsc#963193).\n- btrfs: extent-tree: Add new version of btrfs_delalloc_reserve/release_space (bsc#963193).\n- btrfs: extent-tree: Switch to new check_data_free_space and free_reserved_data_space (bsc#963193).\n- btrfs: extent-tree: Switch to new delalloc space reserve and release (bsc#963193).\n- btrfs: fallocate: Add support to accurate qgroup reserve (bsc#963193).\n- Btrfs: fix deadlock between direct IO reads and buffered writes (bsc#973855).\n- Btrfs: fix invalid page accesses in extent_same (dedup) ioctl (bnc#968230).\n- Btrfs: fix loading of orphan roots leading to BUG_ON (bsc#972844).\n- Btrfs: fix page reading in extent_same ioctl leading to csum errors (bnc#968230).\n- btrfs: handle non-fatal errors in btrfs_qgroup_inherit() (bsc#972951).\n- btrfs: qgroup: Add handler for NOCOW and inline (bsc#963193).\n- btrfs: qgroup: Add new trace point for qgroup data reserve (bsc#963193).\n- btrfs: qgroup: Avoid calling btrfs_free_reserved_data_space in clear_bit_hook (bsc#963193).\n- btrfs: qgroup: Check if qgroup reserved space leaked (bsc#963193).\n- btrfs: qgroup: Cleanup old inaccurate facilities (bsc#963193).\n- btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans (bsc#963193).\n- btrfs: qgroup: Fix a rebase bug which will cause qgroup double free (bsc#963193).\n- btrfs: qgroup: Fix dead judgement on qgroup_rescan_leaf() return value (bsc#969439).\n- btrfs: qgroup: Introduce btrfs_qgroup_reserve_data function (bsc#963193).\n- btrfs: qgroup: Introduce functions to release/free qgroup reserve data space (bsc#963193).\n- btrfs: qgroup: Introduce new functions to reserve/free metadata (bsc#963193).\n- btrfs: qgroup: return EINVAL if level of parent is not higher than child\u0027s (bsc#972951).\n- btrfs: qgroup: Use new metadata reservation (bsc#963193).\n- Btrfs: teach backref walking about backrefs with underflowed offset values (bsc#975371).\n- dasd: fix hanging system after LCU changes (bnc#968497, LTC#136671).\n- dmapi: fix dm_open_by_handle_rvp taking an extra ref to mnt (bsc#967292).\n- drivers/base/memory.c: fix kernel warning during memory hotplug on ppc64 (bsc#963827).\n- drivers: hv: Allow for MMIO claims that span ACPI _CRS records (bnc#965924).\n- drivers: hv: Define the channel type for Hyper-V pci Express pass-through (bnc#965924).\n- drivers: hv: Export a function that maps Linux CPU num onto Hyper-V proc num (bnc#965924).\n- drivers: hv: Export the API to invoke a hypercall on Hyper-V (bnc#965924).\n- drivers: hv: kvp: fix IP Failover.\n- drivers: pci:hv: New paravirtual pci front-end for Hyper-V VMs (bnc#965924).\n- drivers: xen-blkfront: move talk_to_blkback to a more suitable place (bsc#957986 fate#320625).\n- drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising (bsc#957986 fate#320625).\n- drm/core: Preserve the framebuffer after removing it (bsc#968812).\n- drm/i915: do not warn if backlight unexpectedly enabled (boo#972068).\n- drm/i915: set backlight duty cycle after backlight enable for gen4 (boo#972780).\n- drm/radeon: fix-up some float to fixed conversion thinkos (bsc#968813).\n- drm/radeon: use HDP_MEM_COHERENCY_FLUSH_CNTL for sdma as well (bsc#968813).\n- e1000e: Avoid divide by zero error (bsc#968643).\n- e1000e: fix division by zero on jumbo MTUs (bsc#968643).\n- e1000e: Fix tight loop implementation of systime read algorithm (bsc#968643).\n- ext4: fix: print ext4 mountopt data_err=abort correctly (bsc#969735).\n- ext4: fix races between page faults and hole punching (bsc#972174).\n- ext4: fix races of writeback with punch hole and zero range (bsc#972174).\n- ext4: Fix softlockups in SEEK_HOLE and SEEK_DATA implementations (bsc#942262).\n- Fix preemptible_lazy() unused function warning for compute flavor\n- fs/pipe.c: skip file_update_time on frozen fs (bsc#975488).\n- fs/proc_namespace.c: simplify testing nsp and nsp-\u0026gt;mnt_ns (bug#963960).\n- fs, seqfile: always allow oom killer (bnc#968687).\n- fs, seq_file: fallback to vmalloc instead of oom kill processes (bnc#968687).\n- futex: Drop refcount if requeue_pi() acquired the rtmutex (bug#960174).\n- hv: Lock access to hyperv_mmio resource tree (bnc#965924).\n- hv: Make a function to free mmio regions through vmbus (bnc#965924).\n- hv: Reverse order of resources in hyperv_mmio (bnc#965924).\n- hv: Track allocations of children of hv_vmbus in private resource tree (bnc#965924).\n- hv: Use new vmbus_mmio_free() from client drivers (bnc#965924).\n- hwmon: (coretemp) Increase maximum core to 128 (bsc#970160)\n- hyperv: Add mainline tags to some hyperv patches\n- ibmvnic: Fix ibmvnic_capability struct (fate#320253).\n- ibmvscsi: Remove unsupported host config MAD (bsc#973556).\n- Ignore efivar_validate kabi failures -- it\u0027s an EFI internal function.\n- intel_pstate: Use del_timer_sync in intel_pstate_cpu_stop (bsc#967650).\n- iommu/vt-d: Improve fault handler error messages (bsc#975772).\n- iommu/vt-d: Ratelimit fault handler (bsc#975772).\n- ipv6: make fib6 serial number per namespace (bsc#965319).\n- ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs (bsc#956852).\n- ipv6: per netns fib6 walkers (bsc#965319).\n- ipv6: per netns FIB garbage collection (bsc#965319).\n- ipv6: replace global gc_args with local variable (bsc#965319).\n- kabi fix for patches.fixes/reduce-m_start-cost (bsc#966573).\n- kabi: kgr, add reserved fields (fate#313296).\n- kABI: kgr: fix subtle race with kgr_module_init(), going notifier and kgr_modify_kernel().\n- kabi: Preserve checksum of kvm_x86_ops (bsc#969112).\n- kABI: protect enum enclosure_component_type.\n- kABI: protect function file_open_root.\n- kABI: protect struct af_alg_type.\n- kABI: protect struct crypto_ahash.\n- kABI: protect struct dm_exception_store_type.\n- kABI: protect struct fib_nh_exception.\n- kABI: protect struct module.\n- kabi: protect struct netns_ipv6 after FIB6 GC series (bsc#965319).\n- kABI: protect struct rq.\n- kABI: protect struct sched_class.\n- kABI: protect struct scm_creds.\n- kABI: protect struct user_struct.\n- kabi/severities:\n- kabi/severities: Fail on changes in kvm_x86_ops, needed by lttng-modules\n- kgr: add kgraft annotations to kthreads\u0027 wait_event_freezable() API calls (fate#313296).\n- kgr: add kgraft annotation to hwrng kthread (fate#313296).\n- kgr: add objname to kgr_patch_fun struct (fate#313296).\n- kgr: add sympos and objname to error and debug messages (fate#313296).\n- kgr: add sympos as disambiguator field to kgr_patch_fun structure (fate#313296).\n- kgr: add sympos to sysfs (fate#313296).\n- kgr: add TAINT_KGRAFT (fate#313296).\n- kgr: call kgr_init_ftrace_ops() only for loaded objects (fate#313296).\n- kgr: change to kallsyms_on_each_symbol iterator (fate#313296).\n- kgr: define pr_fmt and modify all pr_* messages (fate#313296).\n- kgr: do not print error for !abort_if_missing symbols (bnc#943989).\n- kgr: do not return and print an error only if the object is not loaded (fate#313296).\n- kgr: do not use WQ_MEM_RECLAIM workqueue (bnc#963572).\n- kgr: fix an asymmetric dealing with delayed module loading (fate#313296).\n- kgr: fix redirection on s390x arch (bsc#903279).\n- kgr: fix reversion of a patch already reverted by a replace_all patch (fate#313296).\n- kgr: fix reversion of a patch already reverted by a replace_all patch (fate#313296).\n- kgr: fix subtle race with kgr_module_init(), going notifier and kgr_modify_kernel() (fate#313296).\n- kgr: handle btrfs kthreads (fate#313296 bnc#889207).\n- kgr: kmemleak, really mark the kthread safe after an interrupt (fate#313296).\n- kgr: kmemleak, really mark the kthread safe after an interrupt (fate#313296).\n- kgr: log when modifying kernel (fate#317827).\n- kgr: mark kernel unsupported upon patch revert (fate#313296).\n- kgr: mark some more missed kthreads (bnc#962336).\n- kgr: remove abort_if_missing flag (fate#313296).\n- kgr: usb/storage: do not emit thread awakened (bnc#899908).\n- kvm: SVM: add rdmsr support for AMD event registers (bsc#968448).\n- kvm: x86: Check dest_map-\u0026gt;vector to match eoi signals for rtc (bsc#966471).\n- kvm: x86: Convert ioapic-\u0026gt;rtc_status.dest_map to a struct (bsc#966471).\n- kvm: x86: store IOAPIC-handled vectors in each VCPU (bsc#966471).\n- kvm: x86: Track irq vectors in ioapic-\u0026gt;rtc_status.dest_map (bsc#966471).\n- libceph: fix scatterlist last_piece calculation (bsc#963746).\n- lpfc: Fix kmalloc overflow in LPFC driver at large core count (bsc#969690).\n- memcg: do not hang on OOM when killed by userspace OOM access to memory reserves (bnc#969571).\n- mld, igmp: Fix reserved tailroom calculation (bsc#956852).\n- mmc: Allow forward compatibility for eMMC (bnc#966054).\n- mm: reduce m_start() cost.. (bsc#966573).\n- namespaces: Re-introduce task_nsproxy() helper (bug#963960).\n- namespaces: Use task_lock and not rcu to protect nsproxy (bug#963960).\n- net: core: Correct an over-stringent device loop detection (bsc#945219).\n- net: irda: Fix use-after-free in irtty_open() (bnc#967903).\n- nfs4: treat lock owners as opaque values (bnc#968141).\n- nfsd: fix nfsd_setattr return code for HSM (bsc#969992).\n- nfs: Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).\n- nfs: fix high load average due to callback thread sleeping (bsc#971170).\n- nfs: Fix problem with setting ACL on directories (bsc#967251).\n- nfs-rdma: Fix for FMR leaks (bsc#908151).\n- nfsv4.1: do not use machine credentials for CLOSE when using \u0027sec=sys\u0027 (bsc#972003).\n- nvme: default to 4k device page size (bsc#967047).\n- nvme: special case AEN requests (bsc#965087).\n- pci: Add global pci_lock_rescan_remove() (bnc#965924).\n- pci/AER: Fix aer_inject error codes (bsc#931448).\n- pci/AER: Log actual error causes in aer_inject (bsc#931448).\n- pci/AER: Log aer_inject error injections (bsc#931448).\n- pci/AER: Use dev_warn() in aer_inject (bsc#931448).\n- pci: allow access to VPD attributes with size \u00270\u0027 (bsc#959146).\n- pciback: Check PF instead of VF for pci_COMMAND_MEMORY.\n- pciback: Save the number of MSI-X entries to be copied later.\n- pci: Blacklist vpd access for buggy devices (bsc#959146).\n- pci: Determine actual VPD size on first access (bsc#959146).\n- pci: Export symbols required for loadable host driver modules (bnc#965924).\n- pci: pciehp: Disable link notification across slot reset (bsc#967651).\n- pci: pciehp: Do not check adapter or latch status while disabling (bsc#967651).\n- pci: pciehp: Do not disable the link permanently during removal (bsc#967651).\n- pci: pciehp: Ensure very fast hotplug events are also processed (bsc#967651).\n- pci: Update VPD definitions (bsc#959146).\n- perf, nmi: Fix unknown NMI warning (bsc#968512).\n- pipe: limit the per-user amount of pages allocated in pipes (bsc#970948).\n- printk: fix scheduling while atomic bug while oom testing (bnc#965153)\n- proc: Fix ptrace-based permission checks for accessing task maps.\n- qla2xxx: Remove unavailable firmware files (bsc#943645).\n- rbd: do not log miscompare as an error (bsc#970062).\n- rbd: use GFP_NOIO consistently for request allocations (bsc#971159).\n- RDMA/ocrdma: Avoid reporting wrong completions in case of error CQEs (bsc#908151).\n- Remove now unneeded (thus harmful) -rt74 probe_wakeup_latency_hist_start() prototype fix.\n- Remove superfluous Git-commit header from patches.fixes/0001-namespaces-Re-introduce-task_nsproxy-helper.patch.\n- Remove VIOSRP_HOST_CONFIG_TYPE from ibmvstgt.c in patches.fixes/0001-ibmvscsi-remove-unsupported-host-config-mad.patch. as well.\n- resources: Set type in __request_region() (bnc#965924).\n- Restore kabi after lock-owner change.\n- Restore try_get_online_cpus() lockdep annotation dropped by commit d1811e3c\n- Revert \u0027libata: Align ata_device\u0027s id on a cacheline\u0027.\n- Revert \u0027net/ipv6: add sysctl option accept_ra_min_hop_limit\u0027.\n- rpm/kernel-binary.spec.in: Sync the main and -base package dependencies (bsc#965830#c51).\n- rpm/kernel-module-subpackage: Fix obsoleting dropped flavors (bsc#968253)\n- s390/compat: correct restore of high gprs on signal return (bnc#968497, LTC#137571).\n- s390/pageattr: do a single TLB flush for change_page_attr (bsc#940413).\n- s390/zcrypt: HWRNG registration cause kernel panic on CEX hotplug (bnc#968497, LTC#138409).\n- scsi: Add intermediate STARGET_REMOVE state to scsi_target_state (bsc#970609).\n- scsi: fix soft lockup in scsi_remove_target() on module removal (bsc#965199).\n- scsi: proper state checking and module refcount handling in scsi_device_get (boo#966831).\n- series.conf: add section comments\n- SUNRPC: Fix large reads on NFS/RDMA (bsc#908151).\n- SUNRPC: remove KERN_INFO from dprintk() call sites (bsc#908151).\n- supported.conf: Add bridge.ko for OpenStack (bsc#971600)\n- supported.conf:Add drivers/infiniband/hw/ocrdma/ocrdma.ko to supported.conf (bsc#964461)\n- supported.conf: Add e1000e (emulated by VMware) to -base (bsc#968074)\n- supported.conf: Add Hyper-V modules to -base (bsc#965830)\n- supported.conf: Add isofs to -base (bsc#969655).\n- supported.conf: Add more qemu device driver (bsc#968234)\n- supported.conf: Add mptspi and mptsas to -base (bsc#968206)\n- supported.conf: add pci-hyperv\n- supported.conf: Add the qemu scsi driver (sym53c8xx) to -base (bsc#967802)\n- supported.conf: Add tulip to -base for Hyper-V (bsc#968234)\n- supported.conf: Add xen-blkfront.\n- svcrdma: advertise the correct max payload (bsc#908151).\n- svcrdma: Fence LOCAL_INV work requests (bsc#908151).\n- svcrdma: fix offset calculation for non-page aligned sge entries (bsc#908151).\n- svcrdma: fix printk when memory allocation fails (bsc#908151).\n- svcrdma: refactor marshalling logic (bsc#908151).\n- svcrdma: send_write() must not overflow the device\u0027s max sge (bsc#908151).\n- target: Drop incorrect ABORT_TASK put for completed commands (bsc#962872).\n- target: Fix LUN_RESET active I/O handling for ACK_KREF (bsc#962872).\n- target: Fix LUN_RESET active TMR descriptor handling (bsc#962872).\n- target: Fix race with SCF_SEND_DELAYED_TAS handling (bsc#962872).\n- target: Fix remote-port TMR ABORT + se_cmd fabric stop (bsc#962872).\n- target: Fix TAS handling for multi-session se_node_acls (bsc#962872).\n- tcp: convert cached rtt from usec to jiffies when feeding initial rto (bsc#937086).\n- tcp: Restore RFC5961-compliant behavior for SYN packets (bsc#966864).\n- tracing: Fix probe_wakeup_latency_hist_start() prototype @stable-rt cf1dd658fc10b2c34988cd27942fac0d94cb4b5f removed \u0027success` from trace prototypes, but missed probe_wakeup_latency_hist_start().\n- Update patches.drivers/drm-ast-Initialize-data-needed-to-map-fbdev-memory.patch (bnc#880007). Fix refs and upstream status.\n- Update patches.suse/kgr-0102-add-TAINT_KGRAFT.patch (fate#313296 bsc#974406).\n- usb: Quiet down false peer failure messages (bnc#960629).\n- USB: usbip: fix potential out-of-bounds write (bnc#975945).\n- x86: export x86_msi (bnc#965924).\n- xen: Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver implementation (bsc#957986, bsc#956084, bsc#961658).\n- xen-blkfront: allow building in our Xen environment (bsc#957986 fate#320625).\n- xen, blkfront: factor out flush-related checks from do_blkif_request() (bsc#957986 fate#320625).\n- xen-blkfront: fix accounting of reqs when migrating (bsc#957986 fate#320625).\n- xen/blkfront: Fix crash if backend does not follow the right states (bsc#957986 fate#320625).\n- xen-blkfront: improve aproximation of required grants per request (bsc#957986 fate#320625).\n- xen/blkfront: improve protection against issuing unsupported REQ_FUA (bsc#957986 fate#320625).\n- xen/blkfront: remove redundant flush_op (bsc#957986 fate#320625).\n- xen-blkfront: remove type check from blkfront_setup_discard (bsc#957986 fate#320625).\n- xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#957986 fate#320625).\n- xen-vscsi-large-requests: Fix resource collision for racing request maps and unmaps (bsc#966094).\n- xfs/dmapi: drop lock over synchronous XFS_SEND_DATA events (bsc#969993).\n- xfs/dmapi: propertly send postcreate event (bsc#967299).\n- xprtrdma: Allocate missing pagelist (bsc#908151).\n- xprtrdma: Avoid deadlock when credit window is reset (bsc#908151).\n- xprtrdma: Disconnect on registration failure (bsc#908151).\n- xprtrdma: Ensure ia-\u0026gt;ri_id-\u0026gt;qp is not NULL when reconnecting (bsc#908151).\n- xprtrdma: Fall back to MTHCAFMR when FRMR is not supported (bsc#908151).\n- xprtrdma: Limit work done by completion handler (bsc#908151).\n- xprtrdma: Make rpcrdma_ep_destroy() return void (bsc#908151).\n- xprtrdma: mind the device\u0027s max fast register page list depth (bsc#908151).\n- xprtrdma: mount reports \u0027Invalid mount option\u0027 if memreg mode not supported (bsc#908151).\n- xprtrdma: Reduce the number of hardway buffer allocations (bsc#908151).\n- xprtrdma: Remove BOUNCEBUFFERS memory registration mode (bsc#908151).\n- xprtrdma: Remove BUG_ON() call sites (bsc#908151).\n- xprtrdma: Remove MEMWINDOWS registration modes (bsc#908151).\n- xprtrdma: Remove REGISTER memory registration mode (bsc#908151).\n- xprtrdma: Remove Tavor MTU setting (bsc#908151).\n- xprtrdma: Reset connection timeout after successful reconnect (bsc#908151).\n- xprtrdma: RPC/RDMA must invoke xprt_wake_pending_tasks() in process context (bsc#908151).\n- xprtrdma: Simplify rpcrdma_deregister_external() synopsis (bsc#908151).\n- xprtrdma: Split the completion queue (bsc#908151).\n- xprtrdma: Use macros for reconnection timeout constants (bsc#908151).\n- xprtrmda: Reduce calls to ib_poll_cq() in completion handlers (bsc#908151).\n- xprtrmda: Reduce lock contention in completion handlers (bsc#908151).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-RT-12-SP1-2016-1038",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1764-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1764-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161764-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1764-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-July/002150.html"
},
{
"category": "self",
"summary": "SUSE Bug 880007",
"url": "https://bugzilla.suse.com/880007"
},
{
"category": "self",
"summary": "SUSE Bug 889207",
"url": "https://bugzilla.suse.com/889207"
},
{
"category": "self",
"summary": "SUSE Bug 899908",
"url": "https://bugzilla.suse.com/899908"
},
{
"category": "self",
"summary": "SUSE Bug 903279",
"url": "https://bugzilla.suse.com/903279"
},
{
"category": "self",
"summary": "SUSE Bug 908151",
"url": "https://bugzilla.suse.com/908151"
},
{
"category": "self",
"summary": "SUSE Bug 931448",
"url": "https://bugzilla.suse.com/931448"
},
{
"category": "self",
"summary": "SUSE Bug 937086",
"url": "https://bugzilla.suse.com/937086"
},
{
"category": "self",
"summary": "SUSE Bug 940413",
"url": "https://bugzilla.suse.com/940413"
},
{
"category": "self",
"summary": "SUSE Bug 942262",
"url": "https://bugzilla.suse.com/942262"
},
{
"category": "self",
"summary": "SUSE Bug 943645",
"url": "https://bugzilla.suse.com/943645"
},
{
"category": "self",
"summary": "SUSE Bug 943989",
"url": "https://bugzilla.suse.com/943989"
},
{
"category": "self",
"summary": "SUSE Bug 945219",
"url": "https://bugzilla.suse.com/945219"
},
{
"category": "self",
"summary": "SUSE Bug 956084",
"url": "https://bugzilla.suse.com/956084"
},
{
"category": "self",
"summary": "SUSE Bug 956852",
"url": "https://bugzilla.suse.com/956852"
},
{
"category": "self",
"summary": "SUSE Bug 957986",
"url": "https://bugzilla.suse.com/957986"
},
{
"category": "self",
"summary": "SUSE Bug 957988",
"url": "https://bugzilla.suse.com/957988"
},
{
"category": "self",
"summary": "SUSE Bug 957990",
"url": "https://bugzilla.suse.com/957990"
},
{
"category": "self",
"summary": "SUSE Bug 959146",
"url": "https://bugzilla.suse.com/959146"
},
{
"category": "self",
"summary": "SUSE Bug 959514",
"url": "https://bugzilla.suse.com/959514"
},
{
"category": "self",
"summary": "SUSE Bug 959709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "self",
"summary": "SUSE Bug 960174",
"url": "https://bugzilla.suse.com/960174"
},
{
"category": "self",
"summary": "SUSE Bug 960561",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "self",
"summary": "SUSE Bug 960629",
"url": "https://bugzilla.suse.com/960629"
},
{
"category": "self",
"summary": "SUSE Bug 961500",
"url": "https://bugzilla.suse.com/961500"
},
{
"category": "self",
"summary": "SUSE Bug 961512",
"url": "https://bugzilla.suse.com/961512"
},
{
"category": "self",
"summary": "SUSE Bug 961658",
"url": "https://bugzilla.suse.com/961658"
},
{
"category": "self",
"summary": "SUSE Bug 962336",
"url": "https://bugzilla.suse.com/962336"
},
{
"category": "self",
"summary": "SUSE Bug 962872",
"url": "https://bugzilla.suse.com/962872"
},
{
"category": "self",
"summary": "SUSE Bug 963193",
"url": "https://bugzilla.suse.com/963193"
},
{
"category": "self",
"summary": "SUSE Bug 963572",
"url": "https://bugzilla.suse.com/963572"
},
{
"category": "self",
"summary": "SUSE Bug 963746",
"url": "https://bugzilla.suse.com/963746"
},
{
"category": "self",
"summary": "SUSE Bug 963765",
"url": "https://bugzilla.suse.com/963765"
},
{
"category": "self",
"summary": "SUSE Bug 963827",
"url": "https://bugzilla.suse.com/963827"
},
{
"category": "self",
"summary": "SUSE Bug 963960",
"url": "https://bugzilla.suse.com/963960"
},
{
"category": "self",
"summary": "SUSE Bug 964201",
"url": "https://bugzilla.suse.com/964201"
},
{
"category": "self",
"summary": "SUSE Bug 964461",
"url": "https://bugzilla.suse.com/964461"
},
{
"category": "self",
"summary": "SUSE Bug 965087",
"url": "https://bugzilla.suse.com/965087"
},
{
"category": "self",
"summary": "SUSE Bug 965153",
"url": "https://bugzilla.suse.com/965153"
},
{
"category": "self",
"summary": "SUSE Bug 965199",
"url": "https://bugzilla.suse.com/965199"
},
{
"category": "self",
"summary": "SUSE Bug 965319",
"url": "https://bugzilla.suse.com/965319"
},
{
"category": "self",
"summary": "SUSE Bug 965830",
"url": "https://bugzilla.suse.com/965830"
},
{
"category": "self",
"summary": "SUSE Bug 965924",
"url": "https://bugzilla.suse.com/965924"
},
{
"category": "self",
"summary": "SUSE Bug 966054",
"url": "https://bugzilla.suse.com/966054"
},
{
"category": "self",
"summary": "SUSE Bug 966094",
"url": "https://bugzilla.suse.com/966094"
},
{
"category": "self",
"summary": "SUSE Bug 966437",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "self",
"summary": "SUSE Bug 966471",
"url": "https://bugzilla.suse.com/966471"
},
{
"category": "self",
"summary": "SUSE Bug 966573",
"url": "https://bugzilla.suse.com/966573"
},
{
"category": "self",
"summary": "SUSE Bug 966693",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "self",
"summary": "SUSE Bug 966831",
"url": "https://bugzilla.suse.com/966831"
},
{
"category": "self",
"summary": "SUSE Bug 966864",
"url": "https://bugzilla.suse.com/966864"
},
{
"category": "self",
"summary": "SUSE Bug 966910",
"url": "https://bugzilla.suse.com/966910"
},
{
"category": "self",
"summary": "SUSE Bug 967047",
"url": "https://bugzilla.suse.com/967047"
},
{
"category": "self",
"summary": "SUSE Bug 967251",
"url": "https://bugzilla.suse.com/967251"
},
{
"category": "self",
"summary": "SUSE Bug 967292",
"url": "https://bugzilla.suse.com/967292"
},
{
"category": "self",
"summary": "SUSE Bug 967299",
"url": "https://bugzilla.suse.com/967299"
},
{
"category": "self",
"summary": "SUSE Bug 967650",
"url": "https://bugzilla.suse.com/967650"
},
{
"category": "self",
"summary": "SUSE Bug 967651",
"url": "https://bugzilla.suse.com/967651"
},
{
"category": "self",
"summary": "SUSE Bug 967802",
"url": "https://bugzilla.suse.com/967802"
},
{
"category": "self",
"summary": "SUSE Bug 967903",
"url": "https://bugzilla.suse.com/967903"
},
{
"category": "self",
"summary": "SUSE Bug 968010",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "self",
"summary": "SUSE Bug 968018",
"url": "https://bugzilla.suse.com/968018"
},
{
"category": "self",
"summary": "SUSE Bug 968074",
"url": "https://bugzilla.suse.com/968074"
},
{
"category": "self",
"summary": "SUSE Bug 968141",
"url": "https://bugzilla.suse.com/968141"
},
{
"category": "self",
"summary": "SUSE Bug 968206",
"url": "https://bugzilla.suse.com/968206"
},
{
"category": "self",
"summary": "SUSE Bug 968230",
"url": "https://bugzilla.suse.com/968230"
},
{
"category": "self",
"summary": "SUSE Bug 968234",
"url": "https://bugzilla.suse.com/968234"
},
{
"category": "self",
"summary": "SUSE Bug 968253",
"url": "https://bugzilla.suse.com/968253"
},
{
"category": "self",
"summary": "SUSE Bug 968448",
"url": "https://bugzilla.suse.com/968448"
},
{
"category": "self",
"summary": "SUSE Bug 968497",
"url": "https://bugzilla.suse.com/968497"
},
{
"category": "self",
"summary": "SUSE Bug 968512",
"url": "https://bugzilla.suse.com/968512"
},
{
"category": "self",
"summary": "SUSE Bug 968643",
"url": "https://bugzilla.suse.com/968643"
},
{
"category": "self",
"summary": "SUSE Bug 968670",
"url": "https://bugzilla.suse.com/968670"
},
{
"category": "self",
"summary": "SUSE Bug 968687",
"url": "https://bugzilla.suse.com/968687"
},
{
"category": "self",
"summary": "SUSE Bug 968812",
"url": "https://bugzilla.suse.com/968812"
},
{
"category": "self",
"summary": "SUSE Bug 968813",
"url": "https://bugzilla.suse.com/968813"
},
{
"category": "self",
"summary": "SUSE Bug 969112",
"url": "https://bugzilla.suse.com/969112"
},
{
"category": "self",
"summary": "SUSE Bug 969439",
"url": "https://bugzilla.suse.com/969439"
},
{
"category": "self",
"summary": "SUSE Bug 969571",
"url": "https://bugzilla.suse.com/969571"
},
{
"category": "self",
"summary": "SUSE Bug 969655",
"url": "https://bugzilla.suse.com/969655"
},
{
"category": "self",
"summary": "SUSE Bug 969690",
"url": "https://bugzilla.suse.com/969690"
},
{
"category": "self",
"summary": "SUSE Bug 969735",
"url": "https://bugzilla.suse.com/969735"
},
{
"category": "self",
"summary": "SUSE Bug 969992",
"url": "https://bugzilla.suse.com/969992"
},
{
"category": "self",
"summary": "SUSE Bug 969993",
"url": "https://bugzilla.suse.com/969993"
},
{
"category": "self",
"summary": "SUSE Bug 970062",
"url": "https://bugzilla.suse.com/970062"
},
{
"category": "self",
"summary": "SUSE Bug 970160",
"url": "https://bugzilla.suse.com/970160"
},
{
"category": "self",
"summary": "SUSE Bug 970504",
"url": "https://bugzilla.suse.com/970504"
},
{
"category": "self",
"summary": "SUSE Bug 970604",
"url": "https://bugzilla.suse.com/970604"
},
{
"category": "self",
"summary": "SUSE Bug 970609",
"url": "https://bugzilla.suse.com/970609"
},
{
"category": "self",
"summary": "SUSE Bug 970892",
"url": "https://bugzilla.suse.com/970892"
},
{
"category": "self",
"summary": "SUSE Bug 970909",
"url": "https://bugzilla.suse.com/970909"
},
{
"category": "self",
"summary": "SUSE Bug 970911",
"url": "https://bugzilla.suse.com/970911"
},
{
"category": "self",
"summary": "SUSE Bug 970948",
"url": "https://bugzilla.suse.com/970948"
},
{
"category": "self",
"summary": "SUSE Bug 970955",
"url": "https://bugzilla.suse.com/970955"
},
{
"category": "self",
"summary": "SUSE Bug 970956",
"url": "https://bugzilla.suse.com/970956"
},
{
"category": "self",
"summary": "SUSE Bug 970958",
"url": "https://bugzilla.suse.com/970958"
},
{
"category": "self",
"summary": "SUSE Bug 970970",
"url": "https://bugzilla.suse.com/970970"
},
{
"category": "self",
"summary": "SUSE Bug 971124",
"url": "https://bugzilla.suse.com/971124"
},
{
"category": "self",
"summary": "SUSE Bug 971125",
"url": "https://bugzilla.suse.com/971125"
},
{
"category": "self",
"summary": "SUSE Bug 971126",
"url": "https://bugzilla.suse.com/971126"
},
{
"category": "self",
"summary": "SUSE Bug 971159",
"url": "https://bugzilla.suse.com/971159"
},
{
"category": "self",
"summary": "SUSE Bug 971170",
"url": "https://bugzilla.suse.com/971170"
},
{
"category": "self",
"summary": "SUSE Bug 971360",
"url": "https://bugzilla.suse.com/971360"
},
{
"category": "self",
"summary": "SUSE Bug 971600",
"url": "https://bugzilla.suse.com/971600"
},
{
"category": "self",
"summary": "SUSE Bug 971628",
"url": "https://bugzilla.suse.com/971628"
},
{
"category": "self",
"summary": "SUSE Bug 972003",
"url": "https://bugzilla.suse.com/972003"
},
{
"category": "self",
"summary": "SUSE Bug 972068",
"url": "https://bugzilla.suse.com/972068"
},
{
"category": "self",
"summary": "SUSE Bug 972174",
"url": "https://bugzilla.suse.com/972174"
},
{
"category": "self",
"summary": "SUSE Bug 972780",
"url": "https://bugzilla.suse.com/972780"
},
{
"category": "self",
"summary": "SUSE Bug 972844",
"url": "https://bugzilla.suse.com/972844"
},
{
"category": "self",
"summary": "SUSE Bug 972891",
"url": "https://bugzilla.suse.com/972891"
},
{
"category": "self",
"summary": "SUSE Bug 972951",
"url": "https://bugzilla.suse.com/972951"
},
{
"category": "self",
"summary": "SUSE Bug 973378",
"url": "https://bugzilla.suse.com/973378"
},
{
"category": "self",
"summary": "SUSE Bug 973556",
"url": "https://bugzilla.suse.com/973556"
},
{
"category": "self",
"summary": "SUSE Bug 973855",
"url": "https://bugzilla.suse.com/973855"
},
{
"category": "self",
"summary": "SUSE Bug 974406",
"url": "https://bugzilla.suse.com/974406"
},
{
"category": "self",
"summary": "SUSE Bug 974418",
"url": "https://bugzilla.suse.com/974418"
},
{
"category": "self",
"summary": "SUSE Bug 975371",
"url": "https://bugzilla.suse.com/975371"
},
{
"category": "self",
"summary": "SUSE Bug 975488",
"url": "https://bugzilla.suse.com/975488"
},
{
"category": "self",
"summary": "SUSE Bug 975772",
"url": "https://bugzilla.suse.com/975772"
},
{
"category": "self",
"summary": "SUSE Bug 975945",
"url": "https://bugzilla.suse.com/975945"
},
{
"category": "self",
"summary": "SUSE Bug 980246",
"url": "https://bugzilla.suse.com/980246"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7566 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8550 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8551 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8552 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8785 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8812 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8816 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0723 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2143 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2184 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2185 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2186 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2188 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2384 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2384/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2782 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3134 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3136 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3137 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3138 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3139 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3140 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3156 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3689 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3707 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3951 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3951/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2016-07-08T11:47:22Z",
"generator": {
"date": "2016-07-08T11:47:22Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1764-1",
"initial_release_date": "2016-07-08T11:47:22Z",
"revision_history": [
{
"date": "2016-07-08T11:47:22Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-3.12.58-14.1.noarch",
"product": {
"name": "kernel-devel-rt-3.12.58-14.1.noarch",
"product_id": "kernel-devel-rt-3.12.58-14.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-3.12.58-14.1.noarch",
"product": {
"name": "kernel-source-rt-3.12.58-14.1.noarch",
"product_id": "kernel-source-rt-3.12.58-14.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-compute-3.12.58-14.1.x86_64",
"product": {
"name": "kernel-compute-3.12.58-14.1.x86_64",
"product_id": "kernel-compute-3.12.58-14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-compute-base-3.12.58-14.1.x86_64",
"product": {
"name": "kernel-compute-base-3.12.58-14.1.x86_64",
"product_id": "kernel-compute-base-3.12.58-14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-compute-devel-3.12.58-14.1.x86_64",
"product": {
"name": "kernel-compute-devel-3.12.58-14.1.x86_64",
"product_id": "kernel-compute-devel-3.12.58-14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"product": {
"name": "kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"product_id": "kernel-compute_debug-devel-3.12.58-14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-3.12.58-14.1.x86_64",
"product": {
"name": "kernel-rt-3.12.58-14.1.x86_64",
"product_id": "kernel-rt-3.12.58-14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-3.12.58-14.1.x86_64",
"product": {
"name": "kernel-rt-base-3.12.58-14.1.x86_64",
"product_id": "kernel-rt-base-3.12.58-14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-3.12.58-14.1.x86_64",
"product": {
"name": "kernel-rt-devel-3.12.58-14.1.x86_64",
"product_id": "kernel-rt-devel-3.12.58-14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"product_id": "kernel-rt_debug-devel-3.12.58-14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-3.12.58-14.1.x86_64",
"product": {
"name": "kernel-syms-rt-3.12.58-14.1.x86_64",
"product_id": "kernel-syms-rt-3.12.58-14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-compute-3.12.58-14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64"
},
"product_reference": "kernel-compute-3.12.58-14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-compute-base-3.12.58-14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64"
},
"product_reference": "kernel-compute-base-3.12.58-14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-compute-devel-3.12.58-14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64"
},
"product_reference": "kernel-compute-devel-3.12.58-14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-compute_debug-devel-3.12.58-14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64"
},
"product_reference": "kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-3.12.58-14.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch"
},
"product_reference": "kernel-devel-rt-3.12.58-14.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-3.12.58-14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64"
},
"product_reference": "kernel-rt-3.12.58-14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-3.12.58-14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64"
},
"product_reference": "kernel-rt-base-3.12.58-14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-3.12.58-14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64"
},
"product_reference": "kernel-rt-devel-3.12.58-14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-3.12.58-14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-3.12.58-14.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch"
},
"product_reference": "kernel-source-rt-3.12.58-14.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-3.12.58-14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
},
"product_reference": "kernel-syms-rt-3.12.58-14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-7566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7566"
}
],
"notes": [
{
"category": "general",
"text": "The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7566",
"url": "https://www.suse.com/security/cve/CVE-2015-7566"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-7566",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 961512 for CVE-2015-7566",
"url": "https://bugzilla.suse.com/961512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2015-7566"
},
{
"cve": "CVE-2015-8550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8550"
}
],
"notes": [
{
"category": "general",
"text": "Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8550",
"url": "https://www.suse.com/security/cve/CVE-2015-8550"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8550",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2015-8550",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 957988 for CVE-2015-8550",
"url": "https://bugzilla.suse.com/957988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "important"
}
],
"title": "CVE-2015-8550"
},
{
"cve": "CVE-2015-8551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8551"
}
],
"notes": [
{
"category": "general",
"text": "The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka \"Linux pciback missing sanity checks.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8551",
"url": "https://www.suse.com/security/cve/CVE-2015-8551"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8551",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 957990 for CVE-2015-8551",
"url": "https://bugzilla.suse.com/957990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "moderate"
}
],
"title": "CVE-2015-8551"
},
{
"cve": "CVE-2015-8552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8552"
}
],
"notes": [
{
"category": "general",
"text": "The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka \"Linux pciback missing sanity checks.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8552",
"url": "https://www.suse.com/security/cve/CVE-2015-8552"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8552",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 957990 for CVE-2015-8552",
"url": "https://bugzilla.suse.com/957990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "moderate"
}
],
"title": "CVE-2015-8552"
},
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2015-8785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8785"
}
],
"notes": [
{
"category": "general",
"text": "The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8785",
"url": "https://www.suse.com/security/cve/CVE-2015-8785"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8785",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 963765 for CVE-2015-8785",
"url": "https://bugzilla.suse.com/963765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2015-8785"
},
{
"cve": "CVE-2015-8812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8812"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8812",
"url": "https://www.suse.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 966437 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966437"
},
{
"category": "external",
"summary": "SUSE Bug 966683 for CVE-2015-8812",
"url": "https://bugzilla.suse.com/966683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "moderate"
}
],
"title": "CVE-2015-8812"
},
{
"cve": "CVE-2015-8816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8816"
}
],
"notes": [
{
"category": "general",
"text": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8816",
"url": "https://www.suse.com/security/cve/CVE-2015-8816"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 968010 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "external",
"summary": "SUSE Bug 979064 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/979064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2015-8816"
},
{
"cve": "CVE-2016-0723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0723"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0723",
"url": "https://www.suse.com/security/cve/CVE-2016-0723"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-0723",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 961500 for CVE-2016-0723",
"url": "https://bugzilla.suse.com/961500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-0723"
},
{
"cve": "CVE-2016-2143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2143"
}
],
"notes": [
{
"category": "general",
"text": "The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2143",
"url": "https://www.suse.com/security/cve/CVE-2016-2143"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-2143",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 970504 for CVE-2016-2143",
"url": "https://bugzilla.suse.com/970504"
},
{
"category": "external",
"summary": "SUSE Bug 993872 for CVE-2016-2143",
"url": "https://bugzilla.suse.com/993872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "important"
}
],
"title": "CVE-2016-2143"
},
{
"cve": "CVE-2016-2184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2184"
}
],
"notes": [
{
"category": "general",
"text": "The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2184",
"url": "https://www.suse.com/security/cve/CVE-2016-2184"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2184",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 971125 for CVE-2016-2184",
"url": "https://bugzilla.suse.com/971125"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-2184"
},
{
"cve": "CVE-2016-2185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2185"
}
],
"notes": [
{
"category": "general",
"text": "The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2185",
"url": "https://www.suse.com/security/cve/CVE-2016-2185"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2185",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 971124 for CVE-2016-2185",
"url": "https://bugzilla.suse.com/971124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-2185"
},
{
"cve": "CVE-2016-2186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2186"
}
],
"notes": [
{
"category": "general",
"text": "The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2186",
"url": "https://www.suse.com/security/cve/CVE-2016-2186"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2186",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 970958 for CVE-2016-2186",
"url": "https://bugzilla.suse.com/970958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-2186"
},
{
"cve": "CVE-2016-2188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2188"
}
],
"notes": [
{
"category": "general",
"text": "The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2188",
"url": "https://www.suse.com/security/cve/CVE-2016-2188"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2188",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1067912 for CVE-2016-2188",
"url": "https://bugzilla.suse.com/1067912"
},
{
"category": "external",
"summary": "SUSE Bug 1132190 for CVE-2016-2188",
"url": "https://bugzilla.suse.com/1132190"
},
{
"category": "external",
"summary": "SUSE Bug 970956 for CVE-2016-2188",
"url": "https://bugzilla.suse.com/970956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-2188"
},
{
"cve": "CVE-2016-2384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2384"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2384",
"url": "https://www.suse.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 966693 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/966693"
},
{
"category": "external",
"summary": "SUSE Bug 967773 for CVE-2016-2384",
"url": "https://bugzilla.suse.com/967773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-2384"
},
{
"cve": "CVE-2016-2782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2782"
}
],
"notes": [
{
"category": "general",
"text": "The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2782",
"url": "https://www.suse.com/security/cve/CVE-2016-2782"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2782",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 961512 for CVE-2016-2782",
"url": "https://bugzilla.suse.com/961512"
},
{
"category": "external",
"summary": "SUSE Bug 968670 for CVE-2016-2782",
"url": "https://bugzilla.suse.com/968670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "moderate"
}
],
"title": "CVE-2016-2782"
},
{
"cve": "CVE-2016-3134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3134"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3134",
"url": "https://www.suse.com/security/cve/CVE-2016-3134"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 971126 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971126"
},
{
"category": "external",
"summary": "SUSE Bug 971793 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-3134"
},
{
"cve": "CVE-2016-3136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3136"
}
],
"notes": [
{
"category": "general",
"text": "The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3136",
"url": "https://www.suse.com/security/cve/CVE-2016-3136"
},
{
"category": "external",
"summary": "SUSE Bug 970955 for CVE-2016-3136",
"url": "https://bugzilla.suse.com/970955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "moderate"
}
],
"title": "CVE-2016-3136"
},
{
"cve": "CVE-2016-3137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3137"
}
],
"notes": [
{
"category": "general",
"text": "drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3137",
"url": "https://www.suse.com/security/cve/CVE-2016-3137"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3137",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 970970 for CVE-2016-3137",
"url": "https://bugzilla.suse.com/970970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-3137"
},
{
"cve": "CVE-2016-3138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3138"
}
],
"notes": [
{
"category": "general",
"text": "The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3138",
"url": "https://www.suse.com/security/cve/CVE-2016-3138"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3138",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 970911 for CVE-2016-3138",
"url": "https://bugzilla.suse.com/970911"
},
{
"category": "external",
"summary": "SUSE Bug 970970 for CVE-2016-3138",
"url": "https://bugzilla.suse.com/970970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-3138"
},
{
"cve": "CVE-2016-3139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3139"
}
],
"notes": [
{
"category": "general",
"text": "The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3139",
"url": "https://www.suse.com/security/cve/CVE-2016-3139"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3139",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 970909 for CVE-2016-3139",
"url": "https://bugzilla.suse.com/970909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-3139"
},
{
"cve": "CVE-2016-3140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3140"
}
],
"notes": [
{
"category": "general",
"text": "The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3140",
"url": "https://www.suse.com/security/cve/CVE-2016-3140"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3140",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 970892 for CVE-2016-3140",
"url": "https://bugzilla.suse.com/970892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-3140"
},
{
"cve": "CVE-2016-3156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3156"
}
],
"notes": [
{
"category": "general",
"text": "The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3156",
"url": "https://www.suse.com/security/cve/CVE-2016-3156"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3156",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 971360 for CVE-2016-3156",
"url": "https://bugzilla.suse.com/971360"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "low"
}
],
"title": "CVE-2016-3156"
},
{
"cve": "CVE-2016-3689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3689"
}
],
"notes": [
{
"category": "general",
"text": "The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3689",
"url": "https://www.suse.com/security/cve/CVE-2016-3689"
},
{
"category": "external",
"summary": "SUSE Bug 971628 for CVE-2016-3689",
"url": "https://bugzilla.suse.com/971628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "moderate"
}
],
"title": "CVE-2016-3689"
},
{
"cve": "CVE-2016-3707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3707"
}
],
"notes": [
{
"category": "general",
"text": "The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3707",
"url": "https://www.suse.com/security/cve/CVE-2016-3707"
},
{
"category": "external",
"summary": "SUSE Bug 980246 for CVE-2016-3707",
"url": "https://bugzilla.suse.com/980246"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "important"
}
],
"title": "CVE-2016-3707"
},
{
"cve": "CVE-2016-3951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3951"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3951",
"url": "https://www.suse.com/security/cve/CVE-2016-3951"
},
{
"category": "external",
"summary": "SUSE Bug 974418 for CVE-2016-3951",
"url": "https://bugzilla.suse.com/974418"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.58-14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.58-14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.58-14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-08T11:47:22Z",
"details": "moderate"
}
],
"title": "CVE-2016-3951"
}
]
}
ghsa-fpp6-vh8j-3rgm
Vulnerability from github
Published
2022-05-17 00:27
Modified
2022-05-17 00:27
Severity ?
VLAI Severity ?
Details
** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here."
{
"affected": [],
"aliases": [
"CVE-2015-8709"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-02-08T03:59:00Z",
"severity": "HIGH"
},
"details": "** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.\"",
"id": "GHSA-fpp6-vh8j-3rgm",
"modified": "2022-05-17T00:27:49Z",
"published": "2022-05-17T00:27:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8709"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295287"
},
{
"type": "WEB",
"url": "https://lkml.org/lkml/2015/12/25/71"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"type": "WEB",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204362722256\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204641422813\u0026w=2"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2016/dsa-3434"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/12"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/12/31/5"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/79899"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1034899"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
fkie_cve-2015-8709
Vulnerability from fkie_nvd
Published
2016-02-08 03:59
Modified
2025-04-12 10:46
Severity ?
Summary
kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@debian.org | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html | ||
| security@debian.org | http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html | ||
| security@debian.org | http://marc.info/?l=linux-kernel&m=145204362722256&w=2 | ||
| security@debian.org | http://marc.info/?l=linux-kernel&m=145204641422813&w=2 | ||
| security@debian.org | http://www.debian.org/security/2016/dsa-3434 | ||
| security@debian.org | http://www.openwall.com/lists/oss-security/2015/12/17/12 | ||
| security@debian.org | http://www.openwall.com/lists/oss-security/2015/12/31/5 | ||
| security@debian.org | http://www.securityfocus.com/bid/79899 | ||
| security@debian.org | http://www.securitytracker.com/id/1034899 | ||
| security@debian.org | https://bugzilla.redhat.com/show_bug.cgi?id=1295287 | ||
| security@debian.org | https://lkml.org/lkml/2015/12/25/71 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=linux-kernel&m=145204362722256&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=linux-kernel&m=145204641422813&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3434 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/12/17/12 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/12/31/5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/79899 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034899 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1295287 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lkml.org/lkml/2015/12/25/71 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD97C46-E284-47DB-B96A-3B8D5013F2F7",
"versionEndIncluding": "4.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "security@debian.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here."
},
{
"lang": "es",
"value": "** DISPUTADA ** kernel/ptrace.c en el kernel de Linux hasta la versi\u00f3n 4.4.1 no maneja correctamente el mapeo uid y gid, lo que permite a usuarios locales obtener privilegios estableciendo un espacio de nombres de usuario, a la espera de un proceso root para entrar ese espacio de nombres con un uid o gid inseguro, y despu\u00e9s utilizando la llamada al sistema ptrace. NOTA: el vendedor afirma \"no hay ning\u00fan error en el kernel aqu\u00ed\"."
}
],
"id": "CVE-2015-8709",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-08T03:59:05.887",
"references": [
{
"source": "security@debian.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"source": "security@debian.org",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204362722256\u0026w=2"
},
{
"source": "security@debian.org",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204641422813\u0026w=2"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2016/dsa-3434"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/12"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2015/12/31/5"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/79899"
},
{
"source": "security@debian.org",
"url": "http://www.securitytracker.com/id/1034899"
},
{
"source": "security@debian.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295287"
},
{
"source": "security@debian.org",
"url": "https://lkml.org/lkml/2015/12/25/71"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204362722256\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204641422813\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/12/31/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/79899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lkml.org/lkml/2015/12/25/71"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2015-8709
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here."
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-8709",
"description": "** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.\"",
"id": "GSD-2015-8709",
"references": [
"https://www.suse.com/security/cve/CVE-2015-8709.html",
"https://www.debian.org/security/2016/dsa-3434",
"https://ubuntu.com/security/CVE-2015-8709",
"https://alas.aws.amazon.com/cve/html/CVE-2015-8709.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-8709"
],
"details": "** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.\"",
"id": "GSD-2015-8709",
"modified": "2023-12-13T01:20:03.604295Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-8709",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:1038",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
},
{
"name": "SUSE-SU-2016:1033",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
},
{
"name": "SUSE-SU-2016:1034",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
},
{
"name": "[linux-kernel] 20151226 [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"refsource": "MLIST",
"url": "https://lkml.org/lkml/2015/12/25/71"
},
{
"name": "SUSE-SU-2016:1035",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
},
{
"name": "[linux-kernel] 20160106 Re: [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204641422813\u0026w=2"
},
{
"name": "SUSE-SU-2016:1764",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "SUSE-SU-2016:1031",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
},
{
"name": "SUSE-SU-2016:1019",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
},
{
"name": "[oss-security] 20151231 Re: CVE Request: Linux kernel: privilege escalation in user namespaces",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/31/5"
},
{
"name": "[oss-security] 20151217 CVE Request: Linux kernel: privilege escalation in user namespaces",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/12"
},
{
"name": "SUSE-SU-2016:1037",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
},
{
"name": "SUSE-SU-2016:1045",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
},
{
"name": "[linux-kernel] 20160106 Re: [PATCH] ptrace: being capable wrt a process requires mapped uids/gids",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204362722256\u0026w=2"
},
{
"name": "FEDORA-2016-5d43766e33",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
},
{
"name": "SUSE-SU-2016:1032",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
},
{
"name": "SUSE-SU-2016:1039",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
},
{
"name": "SUSE-SU-2016:1041",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
},
{
"name": "SUSE-SU-2016:1046",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
},
{
"name": "79899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79899"
},
{
"name": "1034899",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034899"
},
{
"name": "openSUSE-SU-2016:1008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1295287",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295287"
},
{
"name": "DSA-3434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3434"
},
{
"name": "SUSE-SU-2016:1040",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD97C46-E284-47DB-B96A-3B8D5013F2F7",
"versionEndIncluding": "4.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here."
},
{
"lang": "es",
"value": "** DISPUTADA ** kernel/ptrace.c en el kernel de Linux hasta la versi\u00f3n 4.4.1 no maneja correctamente el mapeo uid y gid, lo que permite a usuarios locales obtener privilegios estableciendo un espacio de nombres de usuario, a la espera de un proceso root para entrar ese espacio de nombres con un uid o gid inseguro, y despu\u00e9s utilizando la llamada al sistema ptrace. NOTA: el vendedor afirma \"no hay ning\u00fan error en el kernel aqu\u00ed\"."
}
],
"id": "CVE-2015-8709",
"lastModified": "2024-04-11T00:54:37.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-08T03:59:05.887",
"references": [
{
"source": "security@debian.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00025.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00026.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00027.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00028.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00029.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00030.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00031.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00032.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00033.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00034.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00036.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00037.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"source": "security@debian.org",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204362722256\u0026w=2"
},
{
"source": "security@debian.org",
"url": "http://marc.info/?l=linux-kernel\u0026m=145204641422813\u0026w=2"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2016/dsa-3434"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/12"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2015/12/31/5"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/79899"
},
{
"source": "security@debian.org",
"url": "http://www.securitytracker.com/id/1034899"
},
{
"source": "security@debian.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295287"
},
{
"source": "security@debian.org",
"url": "https://lkml.org/lkml/2015/12/25/71"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…