Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-18249 (GCVE-0-2017-18249)
Vulnerability from cvelistv5
Published
2018-03-26 20:00
Modified
2024-08-05 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:13:49.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041432"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"name": "USN-3932-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"name": "USN-3932-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3932-2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-03T00:06:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1041432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041432"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"name": "USN-3932-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"name": "USN-3932-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3932-2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18249",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041432"
},
{
"name": "https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"name": "USN-3932-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"name": "USN-3932-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18249",
"datePublished": "2018-03-26T20:00:00",
"dateReserved": "2018-03-26T00:00:00",
"dateUpdated": "2024-08-05T21:13:49.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-18249\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-03-26T20:29:00.227\",\"lastModified\":\"2024-11-21T03:19:40.847\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n add_free_nid en fs/f2fs/noce.c en el kernel de Linux, en versiones anteriores a la 4.12, no rastrea correctamente un nid asignado, lo cual podr\u00eda permitir a los usuarios locales provocar una denegaci\u00f3n de servicio (condici\u00f3n de carrera) o, posiblemente, causar otro impacto sin especificar mediante hilos concurrentes.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.12\",\"matchCriteriaId\":\"D9BBDA7A-EA95-41C5-8F4C-CA458BCB7E1F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1041432\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3932-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/3932-2/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1041432\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3932-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3932-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
suse-su-2018:1855-1
Vulnerability from csaf_suse
Published
2018-06-29 14:41
Modified
2018-06-29 14:41
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did
not handle unsigned integer overflow properly. As a result, a large value of
the 'ie_len' argument could have caused a buffer overflow (bnc#1097356)
- CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO
ioctl (bsc#1096728).
- CVE-2017-18249: The add_free_nid function did not properly track an allocated
nid, which allowed local users to cause a denial of service (race condition) or
possibly have unspecified other impact via concurrent threads (bnc#1087036)
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX
registers) between processes. These registers might contain encryption keys
when doing SSE accelerated AES enc/decryption (bsc#1087086)
- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge
option that triggers a NULL value for a flush_cmd_control data structure
(bnc#1086400)
- CVE-2017-13305: Prevent information disclosure vulnerability in
encrypted-keys (bsc#1094353).
- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to
cause a denial of service (out-of-bounds read and system crash) via a crafted
ext4 image because balloc.c and ialloc.c did not validate bitmap block numbers
(bsc#1087095).
- CVE-2018-1094: The ext4_fill_super function did not always initialize the
crc32c checksum driver, which allowed attackers to cause a denial of service
(ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted
ext4 image (bsc#1087007).
- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory
with a zero i_links_count, which allowed attackers to cause a denial of service
(ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4
image (bsc#1087012).
- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that
allowed a local user to cause a denial of service by a number of certain
crafted system calls (bsc#1092904).
- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob
that contains a jump but lacks a user-defined chain, which allowed local users
to cause a denial of service (NULL pointer dereference) by leveraging the
CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650).
- CVE-2018-5803: Prevent error in the '_sctp_make_chunk()' function when
handling SCTP packets length that could have been exploited to cause a kernel
crash (bnc#1083900).
- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c
__rds_rdma_map() function that allowed local attackers to cause a system panic
and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST
(bsc#1082962).
- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that
could have caused a crash and possibly memory corruption (bsc#1089895).
The following non-security bugs were fixed:
- ALSA: timer: Fix pause event notification (bsc#973378).
- Fix excessive newline in /proc/*/status (bsc#1094823).
- Fix the patch content (bsc#1085185)
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).
- Revert 'bs-upload-kernel: do not set %opensuse_bs' This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.
- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).
- ipv6: omit traffic class when calculating flow hash (bsc#1095042).
- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).
- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).
- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1096281).
- x86/bugs: Respect retpoline command line option (bsc#1068032).
- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).
- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)
- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).
- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).
- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).
Patchnames
SUSE-OpenStack-Cloud-7-2018-1251,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1251,SUSE-SLE-SAP-12-SP2-2018-1251,SUSE-SLE-SERVER-12-SP2-2018-1251,SUSE-Storage-4-2018-1251
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP2 LTSS kernel was updated receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did\n not handle unsigned integer overflow properly. As a result, a large value of\n the \u0027ie_len\u0027 argument could have caused a buffer overflow (bnc#1097356)\n- CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO\n ioctl (bsc#1096728).\n- CVE-2017-18249: The add_free_nid function did not properly track an allocated\n nid, which allowed local users to cause a denial of service (race condition) or\n possibly have unspecified other impact via concurrent threads (bnc#1087036)\n- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX\n registers) between processes. These registers might contain encryption keys\n when doing SSE accelerated AES enc/decryption (bsc#1087086)\n- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge\n option that triggers a NULL value for a flush_cmd_control data structure\n (bnc#1086400)\n- CVE-2017-13305: Prevent information disclosure vulnerability in\n encrypted-keys (bsc#1094353).\n- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to\n cause a denial of service (out-of-bounds read and system crash) via a crafted\n ext4 image because balloc.c and ialloc.c did not validate bitmap block numbers\n (bsc#1087095).\n- CVE-2018-1094: The ext4_fill_super function did not always initialize the\n crc32c checksum driver, which allowed attackers to cause a denial of service\n (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted\n ext4 image (bsc#1087007).\n- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory\n with a zero i_links_count, which allowed attackers to cause a denial of service\n (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4\n image (bsc#1087012).\n- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that\n allowed a local user to cause a denial of service by a number of certain\n crafted system calls (bsc#1092904).\n- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob\n that contains a jump but lacks a user-defined chain, which allowed local users\n to cause a denial of service (NULL pointer dereference) by leveraging the\n CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650).\n- CVE-2018-5803: Prevent error in the \u0027_sctp_make_chunk()\u0027 function when\n handling SCTP packets length that could have been exploited to cause a kernel\n crash (bnc#1083900).\n- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c\n __rds_rdma_map() function that allowed local attackers to cause a system panic\n and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST\n (bsc#1082962).\n- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that\n could have caused a crash and possibly memory corruption (bsc#1089895).\n\nThe following non-security bugs were fixed:\n\n- ALSA: timer: Fix pause event notification (bsc#973378).\n- Fix excessive newline in /proc/*/status (bsc#1094823).\n- Fix the patch content (bsc#1085185)\n- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).\n- Revert \u0027bs-upload-kernel: do not set %opensuse_bs\u0027 This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.\n- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).\n- ipv6: omit traffic class when calculating flow hash (bsc#1095042).\n- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).\n- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).\n- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).\n- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1096281).\n- x86/bugs: Respect retpoline command line option (bsc#1068032).\n- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).\n- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).\n- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)\n- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).\n- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).\n- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-7-2018-1251,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1251,SUSE-SLE-SAP-12-SP2-2018-1251,SUSE-SLE-SERVER-12-SP2-2018-1251,SUSE-Storage-4-2018-1251",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1855-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1855-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181855-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1855-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-June/004236.html"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1079152",
"url": "https://bugzilla.suse.com/1079152"
},
{
"category": "self",
"summary": "SUSE Bug 1082962",
"url": "https://bugzilla.suse.com/1082962"
},
{
"category": "self",
"summary": "SUSE Bug 1083650",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "self",
"summary": "SUSE Bug 1083900",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "self",
"summary": "SUSE Bug 1085185",
"url": "https://bugzilla.suse.com/1085185"
},
{
"category": "self",
"summary": "SUSE Bug 1086400",
"url": "https://bugzilla.suse.com/1086400"
},
{
"category": "self",
"summary": "SUSE Bug 1087007",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "self",
"summary": "SUSE Bug 1087012",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "self",
"summary": "SUSE Bug 1087036",
"url": "https://bugzilla.suse.com/1087036"
},
{
"category": "self",
"summary": "SUSE Bug 1087086",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "self",
"summary": "SUSE Bug 1087095",
"url": "https://bugzilla.suse.com/1087095"
},
{
"category": "self",
"summary": "SUSE Bug 1089895",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "self",
"summary": "SUSE Bug 1090534",
"url": "https://bugzilla.suse.com/1090534"
},
{
"category": "self",
"summary": "SUSE Bug 1090955",
"url": "https://bugzilla.suse.com/1090955"
},
{
"category": "self",
"summary": "SUSE Bug 1092497",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "self",
"summary": "SUSE Bug 1092552",
"url": "https://bugzilla.suse.com/1092552"
},
{
"category": "self",
"summary": "SUSE Bug 1092813",
"url": "https://bugzilla.suse.com/1092813"
},
{
"category": "self",
"summary": "SUSE Bug 1092904",
"url": "https://bugzilla.suse.com/1092904"
},
{
"category": "self",
"summary": "SUSE Bug 1094033",
"url": "https://bugzilla.suse.com/1094033"
},
{
"category": "self",
"summary": "SUSE Bug 1094353",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "self",
"summary": "SUSE Bug 1094823",
"url": "https://bugzilla.suse.com/1094823"
},
{
"category": "self",
"summary": "SUSE Bug 1095042",
"url": "https://bugzilla.suse.com/1095042"
},
{
"category": "self",
"summary": "SUSE Bug 1096140",
"url": "https://bugzilla.suse.com/1096140"
},
{
"category": "self",
"summary": "SUSE Bug 1096242",
"url": "https://bugzilla.suse.com/1096242"
},
{
"category": "self",
"summary": "SUSE Bug 1096281",
"url": "https://bugzilla.suse.com/1096281"
},
{
"category": "self",
"summary": "SUSE Bug 1096728",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "self",
"summary": "SUSE Bug 1097356",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "self",
"summary": "SUSE Bug 973378",
"url": "https://bugzilla.suse.com/973378"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13305 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18241 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18249 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000199 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000204 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1065 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1092 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1092/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1093 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1094 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1130 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3665 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5803 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5848 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7492 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7492/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-06-29T14:41:33Z",
"generator": {
"date": "2018-06-29T14:41:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1855-1",
"initial_release_date": "2018-06-29T14:41:33Z",
"revision_history": [
{
"date": "2018-06-29T14:41:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-devel-4.4.121-92.85.1.noarch",
"product_id": "kernel-devel-4.4.121-92.85.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-macros-4.4.121-92.85.1.noarch",
"product_id": "kernel-macros-4.4.121-92.85.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-source-4.4.121-92.85.1.noarch",
"product_id": "kernel-source-4.4.121-92.85.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.85.1.ppc64le",
"product": {
"name": "kernel-default-4.4.121-92.85.1.ppc64le",
"product_id": "kernel-default-4.4.121-92.85.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.85.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.121-92.85.1.ppc64le",
"product_id": "kernel-default-base-4.4.121-92.85.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.85.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.121-92.85.1.ppc64le",
"product_id": "kernel-default-devel-4.4.121-92.85.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.85.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.121-92.85.1.ppc64le",
"product_id": "kernel-syms-4.4.121-92.85.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.85.1.s390x",
"product": {
"name": "kernel-default-4.4.121-92.85.1.s390x",
"product_id": "kernel-default-4.4.121-92.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.85.1.s390x",
"product": {
"name": "kernel-default-base-4.4.121-92.85.1.s390x",
"product_id": "kernel-default-base-4.4.121-92.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.85.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.121-92.85.1.s390x",
"product_id": "kernel-default-devel-4.4.121-92.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.121-92.85.1.s390x",
"product": {
"name": "kernel-default-man-4.4.121-92.85.1.s390x",
"product_id": "kernel-default-man-4.4.121-92.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.85.1.s390x",
"product": {
"name": "kernel-syms-4.4.121-92.85.1.s390x",
"product_id": "kernel-syms-4.4.121-92.85.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-base-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-devel-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64",
"product_id": "kernel-syms-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"product_id": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 4",
"product": {
"name": "SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.121-92.85.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-man-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.85.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.85.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.85.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.121-92.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-default-man-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.85.1.noarch as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.85.1.noarch as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.85.1.noarch as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13305"
}
],
"notes": [
{
"category": "general",
"text": "A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13305",
"url": "https://www.suse.com/security/cve/CVE-2017-13305"
},
{
"category": "external",
"summary": "SUSE Bug 1094353 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "low"
}
],
"title": "CVE-2017-13305"
},
{
"cve": "CVE-2017-18241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18241"
}
],
"notes": [
{
"category": "general",
"text": "fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18241",
"url": "https://www.suse.com/security/cve/CVE-2017-18241"
},
{
"category": "external",
"summary": "SUSE Bug 1086400 for CVE-2017-18241",
"url": "https://bugzilla.suse.com/1086400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2017-18241"
},
{
"cve": "CVE-2017-18249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18249"
}
],
"notes": [
{
"category": "general",
"text": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18249",
"url": "https://www.suse.com/security/cve/CVE-2017-18249"
},
{
"category": "external",
"summary": "SUSE Bug 1087036 for CVE-2017-18249",
"url": "https://bugzilla.suse.com/1087036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2017-18249"
},
{
"cve": "CVE-2018-1000199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000199"
}
],
"notes": [
{
"category": "general",
"text": "The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000199",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199"
},
{
"category": "external",
"summary": "SUSE Bug 1089895 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "external",
"summary": "SUSE Bug 1090036 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1090036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "important"
}
],
"title": "CVE-2018-1000199"
},
{
"cve": "CVE-2018-1000204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000204"
}
],
"notes": [
{
"category": "general",
"text": "Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don\u0027t usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it \"virtually impossible to exploit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000204",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204"
},
{
"category": "external",
"summary": "SUSE Bug 1096728 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1000204"
},
{
"cve": "CVE-2018-1065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1065"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1065",
"url": "https://www.suse.com/security/cve/CVE-2018-1065"
},
{
"category": "external",
"summary": "SUSE Bug 1083650 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1065"
},
{
"cve": "CVE-2018-1092",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1092"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1092",
"url": "https://www.suse.com/security/cve/CVE-2018-1092"
},
{
"category": "external",
"summary": "SUSE Bug 1087012 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1092"
},
{
"cve": "CVE-2018-1093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1093"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1093",
"url": "https://www.suse.com/security/cve/CVE-2018-1093"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087095 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1093"
},
{
"cve": "CVE-2018-1094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1094"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1094",
"url": "https://www.suse.com/security/cve/CVE-2018-1094"
},
{
"category": "external",
"summary": "SUSE Bug 1087007 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1094"
},
{
"cve": "CVE-2018-1130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1130"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1130",
"url": "https://www.suse.com/security/cve/CVE-2018-1130"
},
{
"category": "external",
"summary": "SUSE Bug 1092904 for CVE-2018-1130",
"url": "https://bugzilla.suse.com/1092904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-1130"
},
{
"cve": "CVE-2018-3665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3665"
}
],
"notes": [
{
"category": "general",
"text": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3665",
"url": "https://www.suse.com/security/cve/CVE-2018-3665"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087086 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "external",
"summary": "SUSE Bug 1090338 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1090338"
},
{
"category": "external",
"summary": "SUSE Bug 1095241 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095241"
},
{
"category": "external",
"summary": "SUSE Bug 1095242 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095242"
},
{
"category": "external",
"summary": "SUSE Bug 1096740 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1096740"
},
{
"category": "external",
"summary": "SUSE Bug 1100091 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100091"
},
{
"category": "external",
"summary": "SUSE Bug 1100555 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100555"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-3665"
},
{
"cve": "CVE-2018-5803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5803",
"url": "https://www.suse.com/security/cve/CVE-2018-5803"
},
{
"category": "external",
"summary": "SUSE Bug 1083900 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-5803"
},
{
"cve": "CVE-2018-5848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5848"
}
],
"notes": [
{
"category": "general",
"text": "In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the \u0027ie_len\u0027 argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5848",
"url": "https://www.suse.com/security/cve/CVE-2018-5848"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097356 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1115339 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1115339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-5848"
},
{
"cve": "CVE-2018-7492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7492"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7492",
"url": "https://www.suse.com/security/cve/CVE-2018-7492"
},
{
"category": "external",
"summary": "SUSE Bug 1082962 for CVE-2018-7492",
"url": "https://bugzilla.suse.com/1082962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.85.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-29T14:41:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-7492"
}
]
}
suse-su-2019:0901-1
Vulnerability from csaf_suse
Published
2019-04-08 09:49
Modified
2019-04-08 09:49
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 Azure kernel was updated to 4.4.176 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc#1129179).
- CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).
- CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free. (bnc#1124728)
- CVE-2019-3459, CVE-2019-3460: The Bluetooth stack suffered from two remote information leak vulnerabilities in the code that handles incoming L2cap configuration packets (bsc#1120758).
- CVE-2019-7221: Fixed a use-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124732).
- CVE-2019-7222: Fixed an information leakage in the KVM hypervisor related to handling page fault exceptions, which allowed a guest user/process to use this flaw to leak the host's stack memory contents to a guest (bsc#1124735).
- CVE-2017-18249: The add_free_nid function in fs/f2fs/node.c did not properly track an allocated nid, which allowed local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads (bnc#1087036).
The following non-security bugs were fixed:
- acpi/nfit: Block function zero DSMs (bsc#1123321).
- acpi, nfit: Fix ARS overflow continuation (bsc#1125000).
- acpi/nfit: fix cmd_rc for acpi_nfit_ctl to always return a value (bsc#1124775).
- acpi/nfit: Fix command-supported detection (bsc#1123323).
- acpi: power: Skip duplicate power resource references in _PRx (bnc#1012382).
- acpi / processor: Fix the return value of acpi_processor_ids_walk() (git fixes (acpi)).
- alpha: Fix Eiger NR_IRQS to 128 (bnc#1012382).
- alpha: fix page fault handling for r16-r18 targets (bnc#1012382).
- alsa: bebob: fix model-id of unit for Apogee Ensemble (bnc#1012382).
- alsa: compress: Fix stop handling on compressed capture streams (bnc#1012382).
- alsa: hda - Add quirk for HP EliteBook 840 G5 (bnc#1012382).
- alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bnc#1012382).
- alsa: hda - Serialize codec registrations (bnc#1012382).
- alsa: usb-audio: Fix implicit fb endpoint setup by quirk (bnc#1012382).
- ARC: perf: map generic branches to correct hardware condition (bnc#1012382).
- arm64: Do not trap host pointer auth use to EL2 (bnc#1012382).
- arm64: ftrace: do not adjust the LR value (bnc#1012382).
- arm64: hyp-stub: Forbid kprobing of the hyp-stub (bnc#1012382).
- arm64/kvm: consistently handle host HCR_EL2 flags (bnc#1012382).
- arm64: KVM: Skip MMIO insn after emulation (bnc#1012382).
- arm64: perf: set suppress_bind_attrs flag to true (bnc#1012382).
- ARM: 8808/1: kexec:offline panic_smp_self_stop CPU (bnc#1012382).
- ARM: cns3xxx: Fix writing to wrong PCI config registers after alignment (bnc#1012382).
- ARM: dts: da850-evm: Correct the sound card name (bnc#1012382).
- ARM: dts: Fix OMAP4430 SDP Ethernet startup (bnc#1012382).
- ARM: dts: kirkwood: Fix polarity of GPIO fan lines (bnc#1012382).
- ARM: dts: mmp2: fix TWSI2 (bnc#1012382).
- ARM: iop32x/n2100: fix PCI IRQ mapping (bnc#1012382).
- ARM: OMAP2+: hwmod: Fix some section annotations (bnc#1012382).
- ARM: pxa: avoid section mismatch warning (bnc#1012382).
- ASoC: atom: fix a missing check of snd_pcm_lib_malloc_pages (bnc#1012382).
- ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M (bnc#1012382).
- ASoC: Intel: mrfld: fix uninitialized variable access (bnc#1012382).
- ata: Fix racy link clearance (bsc#1107866).
- ax25: fix possible use-after-free (bnc#1012382).
- batman-adv: Avoid WARN on net_device without parent in netns (bnc#1012382).
- batman-adv: Force mac header to start of data on xmit (bnc#1012382).
- block_dev: fix crash on chained bios with O_DIRECT (bsc#1090435).
- block: do not use bio->bi_vcnt to figure out segment number (bsc#1128893).
- block/loop: Use global lock for ioctl() operation (bnc#1012382).
- block/swim3: Fix -EBUSY error when re-opening device after unmount (Git-fixes).
- bluetooth: Fix unnecessary error message for HCI request completion (bnc#1012382).
- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1020413).
- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1020413).
- bpf: fix replace_map_fd_with_map_ptr's ldimm64 second imm field (bsc#1012382).
- btrfs: ensure that a DUP or RAID1 block group has exactly two stripes (bsc#1128452).
- btrfs: tree-checker: Check level for leaves and nodes (bnc#1012382).
- btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bnc#1012382 bsc#1102875 bsc#1102877 bsc#1102879 bsc#1102882 bsc#1102896).
- btrfs: tree-checker: Fix misleading group system information (bnc#1012382).
- btrfs: tree-check: reduce stack consumption in check_dir_item (bnc#1012382).
- btrfs: validate type when reading a chunk (bnc#1012382).
- btrfs: wait on ordered extents on abort cleanup (bnc#1012382).
- can: bcm: check timer values before ktime conversion (bnc#1012382).
- can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by removing it (bnc#1012382).
- can: gw: ensure DLC boundaries after CAN frame modification (bnc#1012382).
- ceph: avoid repeatedly adding inode to mdsc->snap_flush_list (bsc#1126773).
- ceph: clear inode pointer when snap realm gets dropped by its inode (bsc#1125809).
- ch: add missing mutex_lock()/mutex_unlock() in ch_release() (bsc#1124235).
- char/mwave: fix potential Spectre v1 vulnerability (bnc#1012382).
- ch: fixup refcounting imbalance for SCSI devices (bsc#1124235).
- cifs: Always resolve hostname before reconnecting (bnc#1012382).
- cifs: check ntwrk_buf_start for NULL before dereferencing it (bnc#1012382).
- cifs: Do not count -ENODATA as failure for query directory (bnc#1012382).
- cifs: Do not hide EINTR after sending network packets (bnc#1012382).
- cifs: Fix possible hang during async MTU reads and writes (bnc#1012382).
- cifs: Fix potential OOB access of lock element array (bnc#1012382).
- cifs: Limit memory used by lock request calls to a page (bnc#1012382).
- clk: imx6q: reset exclusive gates on init (bnc#1012382).
- clk: imx6sl: ensure MMDC CH0 handshake is bypassed (bnc#1012382).
- copy_mount_string: Limit string length to PATH_MAX (bsc#1082943).
- cpufreq: intel_pstate: Fix HWP on boot CPU after system resume (bsc#1120017).
- cpuidle: big.LITTLE: fix refcount leak (bnc#1012382).
- crypto: authencesn - Avoid twice completion call in decrypt path (bnc#1012382).
- crypto: authenc - fix parsing key with misaligned rta_len (bnc#1012382).
- crypto: cts - fix crash on short inputs (bnc#1012382).
- crypto: user - support incremental algorithm dumps (bsc#1120902).
- crypto: ux500 - Use proper enum in cryp_set_dma_transfer (bnc#1012382).
- crypto: ux500 - Use proper enum in hash_set_dma_transfer (bnc#1012382).
- cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan() (bnc#1012382).
- dccp: fool proof ccid_hc_[rt]x_parse_options() (bnc#1012382).
- debugfs: fix debugfs_rename parameter checking (bnc#1012382).
- device property: Fix the length used in PROPERTY_ENTRY_STRING() (bsc#1129770).
- Disable MSI also when pcie-octeon.pcie_disable on (bnc#1012382).
- dlm: Do not swamp the CPU with callbacks queued during recovery (bnc#1012382).
- dmaengine: imx-dma: fix wrong callback invoke (bnc#1012382).
- dm crypt: add cryptographic data integrity protection (authenticated encryption) (Git-fixes).
- dm crypt: factor IV constructor out to separate function (Git-fixes).
- dm crypt: fix crash by adding missing check for auth key size (git-fixes).
- dm crypt: fix error return code in crypt_ctr() (git-fixes).
- dm crypt: fix memory leak in crypt_ctr_cipher_old() (git-fixes).
- dm crypt: introduce new format of cipher with 'capi:' prefix (Git-fixes).
- dm crypt: wipe kernel key copy after IV initialization (Git-fixes).
- dm: do not allow readahead to limit IO size (git fixes (readahead)).
- dm kcopyd: Fix bug causing workqueue stalls (bnc#1012382).
- dm snapshot: Fix excessive memory usage and workqueue stalls (bnc#1012382).
- dm thin: fix bug where bio that overwrites thin block ignores FUA (bnc#1012382).
- Documentation/network: reword kernel version reference (bnc#1012382).
- drbd: Avoid Clang warning about pointless switch statment (bnc#1012382).
- drbd: disconnect, if the wrong UUIDs are attached on a connected peer (bnc#1012382).
- drbd: narrow rcu_read_lock in drbd_sync_handshake (bnc#1012382).
- drbd: skip spurious timeout (ping-timeo) when failing promote (bnc#1012382).
- drivers: core: Remove glue dirs from sysfs earlier (bnc#1012382).
- Drivers: hv: vmbus: Check for ring when getting debug info (bsc#1126389).
- drm/bufs: Fix Spectre v1 vulnerability (bnc#1012382).
- drm: Fix error handling in drm_legacy_addctx (bsc#1106929)
- drm/i915: Block fbdev HPD processing during suspend (bsc#1106929)
- drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set (bsc#1106929)
- drm/modes: Prevent division by zero htotal (bnc#1012382).
- drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON (bsc#1106929)
- drm/nouveau/pmu: do not print reply values if exec is false (bsc#1106929)
- drm/radeon/evergreen_cs: fix missing break in switch statement (bsc#1106929)
- drm/vmwgfx: Do not double-free the mode stored in par->set_mode (bsc#1103429)
- drm/vmwgfx: Fix setting of dma masks (bsc#1106929)
- drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user (bsc#1106929)
- e1000e: allow non-monotonic SYSTIM readings (bnc#1012382).
- EDAC: Raise the maximum number of memory controllers (bsc#1120722).
- efi/libstub/arm64: Use hidden attribute for struct screen_info reference (bsc#1122650).
- enic: add wq clean up budget (bsc#1075697, bsc#1120691. bsc#1102959).
- enic: do not overwrite error code (bnc#1012382).
- enic: fix checksum validation for IPv6 (bnc#1012382).
- exec: load_script: do not blindly truncate shebang string (bnc#1012382).
- ext4: fix a potential fiemap/page fault deadlock w/ inline_data (bnc#1012382).
- ext4: Fix crash during online resizing (bsc#1122779).
- f2fs: Add sanity_check_inode() function (bnc#1012382).
- f2fs: avoid unneeded loop in build_sit_entries (bnc#1012382).
- f2fs: check blkaddr more accuratly before issue a bio (bnc#1012382).
- f2fs: clean up argument of recover_data (bnc#1012382).
- f2fs: clean up with is_valid_blkaddr() (bnc#1012382).
- f2fs: detect wrong layout (bnc#1012382).
- f2fs: enhance sanity_check_raw_super() to avoid potential overflow (bnc#1012382).
- f2fs: factor out fsync inode entry operations (bnc#1012382).
- f2fs: fix inode cache leak (bnc#1012382).
- f2fs: fix invalid memory access (bnc#1012382).
- f2fs: fix missing up_read (bnc#1012382).
- f2fs: fix to avoid reading out encrypted data in page cache (bnc#1012382).
- f2fs: fix to convert inline directory correctly (bnc#1012382).
- f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack (bnc#1012382).
- f2fs: fix to do sanity check with block address in main area (bnc#1012382).
- f2fs: fix to do sanity check with block address in main area v2 (bnc#1012382).
- f2fs: fix to do sanity check with cp_pack_start_sum (bnc#1012382).
- f2fs: fix to do sanity check with node footer and iblocks (bnc#1012382).
- f2fs: fix to do sanity check with reserved blkaddr of inline inode (bnc#1012382).
- f2fs: fix to do sanity check with secs_per_zone (bnc#1012382).
- f2fs: fix to do sanity check with user_block_count (bnc#1012382).
- f2fs: fix validation of the block count in sanity_check_raw_super (bnc#1012382).
- f2fs: fix wrong return value of f2fs_acl_create (bnc#1012382).
- f2fs: free meta pages if sanity check for ckpt is failed (bnc#1012382).
- f2fs: give -EINVAL for norecovery and rw mount (bnc#1012382).
- f2fs: introduce and spread verify_blkaddr (bnc#1012382).
- f2fs: introduce get_checkpoint_version for cleanup (bnc#1012382).
- f2fs: move dir data flush to write checkpoint process (bnc#1012382).
- f2fs: move sanity checking of cp into get_valid_checkpoint (bnc#1012382).
- f2fs: not allow to write illegal blkaddr (bnc#1012382).
- f2fs: put directory inodes before checkpoint in roll-forward recovery (bnc#1012382).
- f2fs: read page index before freeing (bnc#1012382).
- f2fs: remove an obsolete variable (bnc#1012382).
- f2fs: return error during fill_super (bnc#1012382).
- f2fs: sanity check on sit entry (bnc#1012382).
- f2fs: use crc and cp version to determine roll-forward recovery (bnc#1012382).
- fbdev: chipsfb: remove set but not used variable 'size' (bsc#1106929)
- Fix incorrect value for X86_FEATURE_TSX_FORCE_ABORT
- Fix problem with sharetransport= and NFSv4 (bsc#1114893).
- fs: add the fsnotify call to vfs_iter_write (bnc#1012382).
- fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb() (bnc#1012382).
- fs: do not scan the inode cache before SB_BORN is set (bnc#1012382).
- fs/epoll: drop ovflist branch prediction (bnc#1012382).
- fs: fix lost error code in dio_complete (bsc#1117744).
- fuse: call pipe_buf_release() under pipe lock (bnc#1012382).
- fuse: decrement NR_WRITEBACK_TEMP on the right page (bnc#1012382).
- fuse: handle zero sized retrieve correctly (bnc#1012382).
- futex: Fix (possible) missed wakeup (bsc#1050549).
- gdrom: fix a memory leak bug (bnc#1012382).
- gfs2: Revert 'Fix loop in gfs2_rbm_find' (bnc#1012382).
- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (Git-fixes).
- gpio: pl061: handle failed allocations (bnc#1012382).
- gpu: ipu-v3: Fix CSI offsets for imx53 (bsc#1106929)
- gpu: ipu-v3: Fix i.MX51 CSI control registers offset (bsc#1106929)
- HID: debug: fix the ring buffer implementation (bnc#1012382).
- HID: lenovo: Add checks to fix of_led_classdev_register (bnc#1012382).
- hwmon: (lm80) fix a missing check of bus read in lm80 probe (bnc#1012382).
- hwmon: (lm80) fix a missing check of the status of SMBus read (bnc#1012382).
- hwmon: (lm80) Fix missing unlock on error in set_fan_div() (git-fixes).
- i2c-axxia: check for error conditions first (bnc#1012382).
- i2c: dev: prevent adapter retries and timeout being set as minus value (bnc#1012382).
- IB/core: type promotion bug in rdma_rw_init_one_mr() ().
- ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).
- ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).
- ibmvnic: Increase maximum queue size limit (bsc#1121726).
- ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).
- ibmvnic: Report actual backing device speed and duplex values (bsc#1129923).
- ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).
- IB/rxe: Fix incorrect cache cleanup in error flow ().
- IB/rxe: replace kvfree with vfree ().
- igb: Fix an issue that PME is not enabled during runtime suspend (bnc#1012382).
- inet: frags: add a pointer to struct netns_frags (bnc#1012382).
- inet: frags: better deal with smp races (bnc#1012382).
- inet: frags: break the 2GB limit for frags storage (bnc#1012382).
- inet: frags: change inet_frags_init_net() return value (bnc#1012382).
- inet: frags: do not clone skb in ip_expire() (bnc#1012382).
- inet: frags: fix ip6frag_low_thresh boundary (bnc#1012382).
- inet: frags: get rid of ipfrag_skb_cb/FRAG_CB (bnc#1012382).
- inet: frags: get rif of inet_frag_evicting() (bnc#1012382).
- inet: frags: refactor ipfrag_init() (bnc#1012382).
- inet: frags: refactor ipv6_frag_init() (bnc#1012382).
- inet: frags: refactor lowpan_net_frag_init() (bnc#1012382).
- inet: frags: remove inet_frag_maybe_warn_overflow() (bnc#1012382).
- inet: frags: remove some helpers (bnc#1012382).
- inet: frags: reorganize struct netns_frags (bnc#1012382).
- inet: frags: use rhashtables for reassembly units (bnc#1012382).
- input: bma150 - register input device after setting private data (bnc#1012382).
- input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK (bnc#1012382).
- input: elantech - enable 3rd button support on Fujitsu CELSIUS H780 (bnc#1012382).
- input: mms114 - fix license module information (bsc#1087092).
- input: xpad - add support for SteelSeries Stratus Duo (bnc#1012382).
- intel_pstate: Update frequencies of policy->cpus only from ->set_policy() (bsc#1120017).
- iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).
- iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).
- iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).
- iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer (bnc#1012382).
- iommu/dmar: Fix buffer overflow during PCI bus notification (bsc#1129237).
- iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables (bsc#1129238).
- iommu/vt-d: Check identity map for hot-added devices (bsc#1129239).
- iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).
- iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm() (bsc#1129240).
- ip: add helpers to process in-order fragments faster (bnc#1012382).
- ipfrag: really prevent allocation on netns exit (bnc#1012382).
- ip: frags: fix crash in ip_do_fragment() (bnc#1012382).
- ipmi:ssif: Fix handling of multi-part return messages (bnc#1012382).
- ip: on queued skb use skb_header_pointer instead of pskb_may_pull (bnc#1012382).
- ip: process in-order fragments efficiently (bnc#1012382).
- ip: use rb trees for IP frag queue (bnc#1012382).
- ipv4: frags: precedence bug in ip_expire() (bnc#1012382).
- ipv6: Consider sk_bound_dev_if when binding a socket to an address (bnc#1012382).
- ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address (bnc#1012382).
- ipv6: fix kernel-infoleak in ipv6_local_error() (bnc#1012382).
- ipv6: frags: rewrite ip6_expire_frag_queue() (bnc#1012382).
- ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses (bnc#1012382).
- irqchip/gic-v3-its: Align PCI Multi-MSI allocation on their size (bnc#1012382).
- isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in HFCPCI_l1hw() (bnc#1012382).
- ixgbe: fix crash in build_skb Rx code path (git-fixes).
- jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bnc#1012382).
- kABI: protect linux/kfifo.h include in hid-debug (kabi).
- kABI: protect struct hda_bus (kabi).
- kABI: protect struct inet_peer (kabi).
- kabi: reorder new slabinfo fields in struct kmem_cache_node (bnc#1116653).
- kallsyms: Handle too long symbols in kallsyms.c (bsc#1126805).
- kaweth: use skb_cow_head() to deal with cloned skbs (bnc#1012382).
- kconfig: fix file name and line number of warn_ignored_character() (bnc#1012382).
- kconfig: fix memory leak when EOF is encountered in quotation (bnc#1012382).
- kernel/exit.c: release ptraced tasks before zap_pid_ns_processes (bnc#1012382).
- kernel/hung_task.c: break RCU locks based on jiffies (bnc#1012382).
- KMPs: obsolete older KMPs of the same flavour (bsc#1127155, bsc#1109137).
- kvm: arm/arm64: vgic-its: Check CBASER/BASER validity before enabling the ITS (bsc#1109248).
- kvm: arm/arm64: vgic-its: Check GITS_BASER Valid bit before saving tables (bsc#1109248).
- kvm: arm/arm64: vgic-its: Fix return value for device table restore (bsc#1109248).
- kvm: arm/arm64: vgic-its: Fix vgic_its_restore_collection_table returned value (bsc#1109248).
- kvm: nVMX: Do not halt vcpu when L1 is injecting events to L2 (bsc#1129413).
- kvm: nVMX: Free the VMREAD/VMWRITE bitmaps if alloc_kvm_area() fails (bsc#1129414).
- kvm: nVMX: NMI-window and interrupt-window exiting should wake L2 from HLT (bsc#1129415).
- kvm: nVMX: Set VM instruction error for VMPTRLD of unbacked page (bsc#1129416).
- kvm: VMX: Do not allow reexecute_instruction() when skipping MMIO instr (bsc#1129417).
- kvm: VMX: Fix x2apic check in vmx_msr_bitmap_mode() (bsc#1124166).
- kvm: VMX: Missing part of upstream commit 904e14fb7cb9 (bsc#1124166).
- kvm: vmx: Set IA32_TSC_AUX for legacy mode guests (bsc#1129418).
- kvm: x86: Add AMD's EX_CFG to the list of ignored MSRs (bsc#1127082).
- kvm: x86: Fix single-step debugging (bnc#1012382).
- kvm: x86: IA32_ARCH_CAPABILITIES is always supported (bsc#1129419).
- kvm: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported (bnc#1012382).
- l2tp: copy 4 more bytes to linear part if necessary (bnc#1012382).
- l2tp: fix reading optional fields of L2TPv3 (bnc#1012382).
- l2tp: remove l2specific_len dependency in l2tp_core (bnc#1012382).
- libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive() (bsc#1125810).
- libceph: handle an empty authorize reply (bsc#1126772).
- libnvdimm: fix ars_status output length calculation (bsc#1124777).
- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1124811).
- libnvdimm: Use max contiguous area for namespace size (bsc#1124780).
- locking/rwsem: Fix (possible) missed wakeup (bsc#1050549).
- loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl() (bnc#1012382).
- loop: Fold __loop_release into loop_release (bnc#1012382).
- loop: Get rid of loop_index_mutex (bnc#1012382).
- LSM: Check for NULL cred-security on free (bnc#1012382).
- mac80211: ensure that mgmt tx skbs have tailroom for encryption (bnc#1012382).
- mac80211: fix radiotap vendor presence bitmap handling (bnc#1012382).
- md: batch flush requests (bsc#1119680).
- mdio_bus: Fix use-after-free on device_register fails (git-fixes).
- media: DaVinci-VPBE: fix error handling in vpbe_initialize() (bnc#1012382).
- media: em28xx: Fix misplaced reset of dev->v4l::field_count (bnc#1012382).
- media: firewire: Fix app_info parameter type in avc_ca{,_app}_info (bnc#1012382).
- media: vb2: be sure to unlock mutex on errors (bnc#1012382).
- media: vb2: vb2_mmap: move lock up (bnc#1012382).
- media: vivid: fix error handling of kthread_run (bnc#1012382).
- media: vivid: set min width/height to a value > 0 (bnc#1012382).
- memstick: Prevent memstick host from getting runtime suspended during card detection (bnc#1012382).
- mfd: as3722: Handle interrupts on suspend (bnc#1012382).
- mfd: as3722: Mark PM functions as __maybe_unused (bnc#1012382).
- mfd: tps6586x: Handle interrupts on suspend (bnc#1012382).
- misc: vexpress: Off by one in vexpress_syscfg_exec() (bnc#1012382).
- mISDN: fix a race in dev_expire_timer() (bnc#1012382).
- mlxsw: pci: Correctly determine if descriptor queue is full (git-fixes).
- mlxsw: reg: Use correct offset in field definiton (git-fixes).
- mmc: atmel-mci: do not assume idle after atmci_request_end (bnc#1012382).
- mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1120902).
- mmc: sdhci-iproc: handle mmc_of_parse() errors during probe (bnc#1012382).
- mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL (bnc#1012382).
- mm,memory_hotplug: fix scan_movable_pages() for gigantic hugepages (bsc#1127731).
- mm: migrate: do not rely on __PageMovable() of newpage after unlocking it (bnc#1012382).
- mm: only report isolation failures when offlining memory (generic hotplug debugability).
- mm, oom: fix use-after-free in oom_kill_process (bnc#1012382).
- mm, page_alloc: drop should_suppress_show_mem (bnc#1125892, bnc#1106061).
- mm/page-writeback.c: do not break integrity writeback on ->writepage() error (bnc#1012382).
- mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps (bnc#1012382).
- mm, slab: faster active and free stats (bsc#116653, VM Performance).
- mm/slab: improve performance of gathering slabinfo stats (bsc#116653, VM Performance).
- mm, slab: maintain total slab count instead of active count (bsc#116653, VM Performance).
- modpost: validate symbol names also in find_elf_symbol (bnc#1012382).
- mtd: rawnand: gpmi: fix MX28 bus master lockup problem (bnc#1012382).
- net: Add header for usage of fls64() (bnc#1012382).
- net: bridge: fix a bug on using a neighbour cache entry without checking its state (bnc#1012382).
- net: bridge: Fix ethernet header pointer before check skb forwardable (bnc#1012382).
- net: call sk_dst_reset when set SO_DONTROUTE (bnc#1012382).
- net: Do not allocate page fragments that are not skb aligned (bnc#1012382).
- net: dp83640: expire old TX-skb (bnc#1012382).
- net: dsa: bcm_sf2: Do not assume DSA master supports WoL (git-fixes).
- net: dsa: mv88e6xxx: fix port VLAN maps (git-fixes).
- net: dsa: slave: Do not propagate flag changes on down slave interfaces (bnc#1012382).
- net: Fix for_each_netdev_feature on Big endian (bnc#1012382).
- net: fix IPv6 prefix route residue (bnc#1012382).
- net: fix pskb_trim_rcsum_slow() with odd trim offset (bnc#1012382).
- net: Fix usage of pskb_trim_rcsum (bnc#1012382).
- net/hamradio/6pack: Convert timers to use timer_setup() (git-fixes).
- net/hamradio/6pack: use mod_timer() to rearm timers (git-fixes).
- net: ieee802154: 6lowpan: fix frag reassembly (bnc#1012382).
- net: ipv4: do not handle duplicate fragments as overlapping (bnc#1012382 bsc#1116345).
- net: ipv4: Fix memory leak in network namespace dismantle (bnc#1012382).
- net: ipv4: use a dedicated counter for icmp_v4 redirect packets (bnc#1012382).
- net: lan78xx: Fix race in tx pending skb size calculation (git-fixes).
- net/mlx4_core: Add masking for a few queries on HCA caps (bnc#1012382).
- net/mlx4_core: drop useless LIST_HEAD (git-fixes).
- net/mlx4_core: Fix qp mtt size calculation (git-fixes).
- net/mlx4_core: Fix reset flow when in command polling mode (git-fixes).
- net/mlx4: Fix endianness issue in qp context params (git-fixes).
- net/mlx5: Continue driver initialization despite debugfs failure (git-fixes).
- net/mlx5e: Fix TCP checksum in LRO buffers (git-fixes).
- net/mlx5: Fix driver load bad flow when having fw initializing timeout (git-fixes).
- net/mlx5: fix uaccess beyond 'count' in debugfs read/write handlers (git-fixes).
- net/mlx5: Fix use-after-free in self-healing flow (git-fixes).
- net/mlx5: Return success for PAGE_FAULT_RESUME in internal error state (git-fixes).
- net: modify skb_rbtree_purge to return the truesize of all purged skbs (bnc#1012382).
- net: mv643xx_eth: fix packet corruption with TSO and tiny unaligned packets (git-fixes).
- net: phy: Avoid polling PHY with PHY_IGNORE_INTERRUPTS (git-fixes).
- net: phy: bcm7xxx: Fix shadow mode 2 disabling (git-fixes).
- net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends (bnc#1012382).
- net: qca_spi: Fix race condition in spi transfers (git-fixes).
- netrom: switch to sock timer API (bnc#1012382).
- net/rose: fix NULL ax25_cb kernel panic (bnc#1012382).
- net_sched: refetch skb protocol for each filter (bnc#1012382).
- net: speed up skb_rbtree_purge() (bnc#1012382).
- net: stmmac: Fix a race in EEE enable callback (bnc#1012382).
- net: stmmac: Fix a race in EEE enable callback (git-fixes).
- net: systemport: Fix WoL with password after deep sleep (bnc#1012382).
- net: thunderx: set tso_hdrs pointer to NULL in nicvf_free_snd_queue (git-fixes).
- net/x25: do not hold the cpu too long in x25_new_lci() (bnc#1012382).
- NFC: nxp-nci: Include unaligned.h instead of access_ok.h (bnc#1012382).
- nfit: fix unchecked dereference in acpi_nfit_ctl (bsc#1125014).
- nfsd4: fix crash on writing v4_end_grace before nfsd startup (bnc#1012382).
- NFS: nfs_compare_mount_options always compare auth flavors (bnc#1012382).
- niu: fix missing checks of niu_pci_eeprom_read (bnc#1012382).
- ocfs2: do not clear bh uptodate for block read (bnc#1012382).
- ocfs2: fix panic due to unrecovered local alloc (bnc#1012382).
- omap2fb: Fix stack memory disclosure (bsc#1106929)
- openvswitch: Avoid OOB read when parsing flow nlattrs (bnc#1012382).
- packet: Do not leak dev refcounts on error exit (bnc#1012382).
- pci: altera: Check link status before retrain link (bnc#1012382).
- pci: altera: Fix altera_pcie_link_is_up() (bnc#1012382).
- pci: altera: Move retrain from fixup to altera_pcie_host_init() (bnc#1012382).
- pci: altera: Poll for link training status after retraining the link (bnc#1012382).
- pci: altera: Poll for link up status after retraining the link (bnc#1012382).
- pci: altera: Reorder read/write functions (bnc#1012382).
- pci: altera: Rework config accessors for use without a struct pci_bus (bnc#1012382).
- pci/PME: Fix hotplug/sysfs remove deadlock in pcie_pme_remove() (bsc#1129241).
- perf/core: Do not WARN() for impossible ring-buffer sizes (bnc#1012382).
- perf/core: Fix impossible ring-buffer sizes warning (bnc#1012382).
- perf intel-pt: Fix error with config term 'pt=0' (bnc#1012382).
- perf parse-events: Fix unchecked usage of strncpy() (bnc#1012382).
- perf svghelper: Fix unchecked usage of strncpy() (bnc#1012382).
- perf tests evsel-tp-sched: Fix bitwise operator (bnc#1012382).
- perf tools: Add Hygon Dhyana support (bnc#1012382).
- perf unwind: Take pgoff into account when reporting elf to libdwfl (bnc#1012382).
- perf unwind: Unwind with libdw does not take symfs into account (bnc#1012382).
- perf/x86: Add sysfs entry to freeze counters on SMI (bsc#1121805).
- perf/x86/intel: Delay memory deallocation until x86_pmu_dead_cpu() (bsc#1121805).
- perf/x86/intel: Do not enable freeze-on-smi for PerfMon V1 (bsc#1121805).
- perf/x86/intel: Fix memory corruption (bsc#1121805).
- perf/x86/intel: Generalize dynamic constraint creation (bsc#1121805).
- perf/x86/intel: Implement support for TSX Force Abort (bsc#1121805).
- perf/x86/intel: Make cpuc allocations consistent (bsc#1121805).
- perf/x86/intel/uncore: Add Node ID mask (bnc#1012382).
- phy: micrel: Ensure interrupts are reenabled on resume (git-fixes).
- pinctrl: msm: fix gpio-hog related boot issues (bnc#1012382).
- platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes (bnc#1012382).
- platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK (bnc#1012382).
- platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bnc#1012382).
- platform/x86: thinkpad_acpi: Proper model/release matching (bsc#1099810).
- powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).
- powerpc: Detect the presence of big-cores via 'ibm, thread-groups' (bsc#1109695).
- powerpc, hotplug: Avoid to touch non-existent cpumasks (bsc#1109695).
- powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).
- powerpc/pseries: Add CPU dlpar remove functionality (bsc#1128756).
- powerpc/pseries: add of_node_put() in dlpar_detach_node() (bnc#1012382).
- powerpc/pseries: Consolidate CPU hotplug code to hotplug-cpu.c (bsc#1128756).
- powerpc/pseries/cpuidle: Fix preempt warning (bnc#1012382).
- powerpc/pseries: Factor out common cpu hotplug code (bsc#1128756).
- powerpc/pseries: Perform full re-add of CPU for topology update post-migration (bsc#1128756).
- powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).
- powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).
- powerpc/smp: Add Power9 scheduler topology (bsc#1109695).
- powerpc/smp: Rework CPU topology construction (bsc#1109695).
- powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).
- powerpc/uaccess: fix warning/error with access_ok() (bnc#1012382).
- powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).
- powerpc/xmon: Fix invocation inside lock region (bsc#1122885).
- pppoe: fix reception of frames with no mac header (git-fixes).
- pptp: dst_release sk_dst_cache in pptp_sock_destruct (git-fixes).
- proc: Remove empty line in /proc/self/status (bnc#1012382 bsc#1094823).
- pseries/energy: Use OF accessor function to read ibm,drc-indexes (bsc#1129080).
- pstore/ram: Do not treat empty buffers as valid (bnc#1012382).
- ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl (bnc#1012382).
- r8169: Add support for new Realtek Ethernet (bnc#1012382).
- rbd: do not return 0 on unmap if RBD_DEV_FLAG_REMOVING is set (bsc#1125808).
- rcu: Force boolean subscript for expedited stall warnings (bnc#1012382).
- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1020413, ).
- RDMA/bnxt_re: Synchronize destroy_qp with poll_cq (bsc#1125446).
- Revert 'bs-upload-kernel: do not set %opensuse_bs' This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.
- Revert 'cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs)' (bnc#1012382).
- Revert 'exec: load_script: do not blindly truncate shebang string' (bnc#1012382).
- Revert 'Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G' (bnc#1012382).
- Revert 'loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl()' (bnc#1012382).
- Revert 'loop: Fold __loop_release into loop_release' (bnc#1012382).
- Revert 'loop: Get rid of loop_index_mutex' (bnc#1012382).
- Revert 'mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1120902).' The backport patch does not built properly.
- Revert 'mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL' (bnc#1012382).
- Revert 'net: stmmac: Fix a race in EEE enable callback (git-fixes).' This reverts commit f323fa8d233c1f44aff17e6fae90c2c8be30edf9. The patch was already included in stable 4.4.176.
- Revert 'sd: disable logical block provisioning if 'lbpme' is not set' This reverts commit 96370bd87299c7a6883b3e2bf13818f60c8ba611. Patch not accepted upstream.
- Revert 'x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls' (bsc#1128565).
- rhashtable: Add rhashtable_lookup() (bnc#1012382).
- rhashtable: add rhashtable_lookup_get_insert_key() (bnc#1012382 bsc#1042286).
- rhashtable: add schedule points (bnc#1012382).
- rhashtable: reorganize struct rhashtable layout (bnc#1012382).
- s390/early: improve machine detection (bnc#1012382).
- s390/qeth: cancel close_dev work before removing a card (LTC#175898, bsc#1127561).
- s390/smp: Fix calling smp_call_ipl_cpu() from ipl CPU (bnc#1012382).
- s390/smp: fix CPU hotplug deadlock with CPU rescan (bnc#1012382).
- sata_rcar: fix deferred probing (bnc#1012382).
- sched/wake_q: Document wake_q_add() (bsc#1050549).
- sched/wake_q: Fix wakeup ordering for wake_q (bsc#1050549).
- sched/wake_q: Reduce reference counting for special users (bsc#1050549).
- scripts/decode_stacktrace: only strip base path when a prefix of the path (bnc#1012382).
- scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes
- scsi: aacraid: Fix missing break in switch statement (bsc#1128696).
- scsi: ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).
- scsi: lpfc: Correct LCB RJT handling (bnc#1012382).
- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1125796).
- scsi: lpfc: do not set queue->page_count to 0 if pc_sli4_params.wqpcnt is invalid (bsc#1127725).
- scsi: megaraid: fix out-of-bound array accesses (bnc#1012382).
- scsi: mpt3sas: Add an I/O barrier (bsc#1117108).
- scsi: mpt3sas: Added support for nvme encapsulated request message (bsc#1117108).
- scsi: mpt3sas: Added support for SAS Device Discovery Error Event (bsc#1117108).
- scsi: mpt3sas: Adding support for SAS3616 HBA device (bsc#1117108).
- scsi: mpt3sas: Add ioc_<level> logging macros (bsc#1117108).
- scsi: mpt3sas: Add nvme device support in slave alloc, target alloc and probe (bsc#1117108).
- scsi: mpt3sas: Add PCI device ID for Andromeda (bsc#1117108).
- scsi: mpt3sas: Add-Task-management-debug-info-for-NVMe-drives (bsc#1117108).
- scsi: mpt3sas: Allow processing of events during driver unload (bsc#1117108).
- scsi: mpt3sas: always use first reserved smid for ioctl passthrough (bsc#1117108).
- scsi: mpt3sas: Annotate switch/case fall-through (bsc#1117108).
- scsi: mpt3sas: API's to remove nvme drive from sml (bsc#1117108).
- scsi: mpt3sas: API 's to support NVMe drive addition to SML (bsc#1117108).
- scsi: mpt3sas: As per MPI-spec, use combined reply queue for SAS3.5 controllers when HBA supports more than 16 MSI-x vectors (bsc#1117108).
- scsi: mpt3sas: Bug fix for big endian systems (bsc#1117108).
- scsi: mpt3sas: Bump mpt3sas driver version to v16.100.00.00 (bsc#1117108).
- scsi: mpt3sas: Cache enclosure pages during enclosure add (bsc#1117108).
- scsi: mpt3sas: check command status before attempting abort (bsc#1117108).
- scsi: mpt3sas: clarify mmio pointer types (bsc#1117108).
- scsi: mpt3sas: cleanup _scsih_pcie_enumeration_event() (bsc#1117108).
- scsi: mpt3sas: Configure reply post queue depth, DMA and sgl tablesize (bsc#1117108).
- scsi: mpt3sas: Convert logging uses with MPT3SAS_FMT and reply_q_name to %s: (bsc#1117108).
- scsi: mpt3sas: Convert logging uses with MPT3SAS_FMT without logging levels (bsc#1117108).
- scsi: mpt3sas: Convert mlsleading uses of pr_<level> with MPT3SAS_FMT (bsc#1117108).
- scsi: mpt3sas: Convert uses of pr_<level> with MPT3SAS_FMT to ioc_<level> (bsc#1117108).
- scsi: mpt3sas: Display chassis slot information of the drive (bsc#1117108).
- scsi: mpt3sas: Do not abort I/Os issued to NVMe drives while processing Async Broadcast primitive event (bsc#1117108).
- scsi: mpt3sas: Do not access the structure after decrementing it's instance reference count (bsc#1117108).
- scsi: mpt3sas: Do not use 32-bit atomic request descriptor for Ventura controllers (bsc#1117108).
- scsi: mpt3sas: Enhanced handling of Sense Buffer (bsc#1117108).
- scsi: mpt3sas: fix an out of bound write (bsc#1117108).
- scsi: mpt3sas: Fix a race condition in mpt3sas_base_hard_reset_handler() (bsc#1117108).
- scsi: mpt3sas: Fix calltrace observed while running IO & reset (bsc#1117108).
- scsi: mpt3sas: fix dma_addr_t casts (bsc#1117108).
- scsi: mpt3sas: Fixed memory leaks in driver (bsc#1117108).
- scsi: mpt3sas: Fix, False timeout prints for ioctl and other internal commands during controller reset (bsc#1117108).
- scsi: mpt3sas: fix format overflow warning (bsc#1117108).
- scsi: mpt3sas: Fix indentation (bsc#1117108).
- scsi: mpt3sas: Fix memory allocation failure test in 'mpt3sas_base_attach()' (bsc#1117108).
- scsi: mpt3sas: Fix nvme drives checking for tlr (bsc#1117108).
- scsi: mpt3sas: fix oops in error handlers after shutdown/unload (bsc#1117108).
- scsi: mpt3sas: Fix possibility of using invalid Enclosure Handle for SAS device after host reset (bsc#1117108).
- scsi: mpt3sas: fix possible memory leak (bsc#1117108).
- scsi: mpt3sas: fix pr_info message continuation (bsc#1117108).
- scsi: mpt3sas: Fix removal and addition of vSES device during host reset (bsc#1117108).
- scsi: mpt3sas: Fix sparse warnings (bsc#1117108).
- scsi: mpt3sas: fix spelling mistake: 'disbale' -> 'disable' (bsc#1117108).
- scsi: mpt3sas: For NVME device, issue a protocol level reset (bsc#1117108).
- scsi: mpt3sas: Handle NVMe PCIe device related events generated from firmware (bsc#1117108).
- scsi: mpt3sas: Improve kernel-doc headers (bsc#1117108).
- scsi: mpt3sas: Incorrect command status was set/marked as not used (bsc#1117108).
- scsi: mpt3sas: Increase event log buffer to support 24 port HBA's (bsc#1117108).
- scsi: mpt3sas: Introduce API to get BAR0 mapped buffer address (bsc#1117108).
- scsi: mpt3sas: Introduce Base function for cloning (bsc#1117108).
- scsi: mpt3sas: Introduce function to clone mpi reply (bsc#1117108).
- scsi: mpt3sas: Introduce function to clone mpi request (bsc#1117108).
- scsi: mpt3sas: Introduce mpt3sas_get_st_from_smid() (bsc#1117108).
- scsi: mpt3sas: Introduce struct mpt3sas_nvme_cmd (bsc#1117108).
- scsi: mpt3sas: Lockless access for chain buffers (bsc#1117108).
- scsi: mpt3sas: lockless command submission (bsc#1117108).
- scsi: mpt3sas: make function _get_st_from_smid static (bsc#1117108).
- scsi: mpt3sas: NVMe drive support for BTDHMAPPING ioctl command and log info (bsc#1117108).
- scsi: mpt3sas: open-code _scsih_scsi_lookup_get() (bsc#1117108).
- scsi: mpt3sas: Optimize I/O memory consumption in driver (bsc#1117108).
- scsi: mpt3sas: Pre-allocate RDPQ Array at driver boot time (bsc#1117108).
- scsi: mpt3sas: Processing of Cable Exception events (bsc#1117108).
- scsi: mpt3sas: Reduce memory footprint in kdump kernel (bsc#1117108).
- scsi: mpt3sas: remove a stray KERN_INFO (bsc#1117108).
- scsi: mpt3sas: Remove KERN_WARNING from panic uses (bsc#1117108).
- scsi: mpt3sas: remove redundant copy_from_user in _ctl_getiocinfo (bsc#1117108).
- scsi: mpt3sas: remove redundant wmb (bsc#1117108).
- scsi: mpt3sas: Remove set-but-not-used variables (bsc#1117108).
- scsi: mpt3sas: Remove unnecessary parentheses and simplify null checks (bsc#1117108).
- scsi: mpt3sas: Remove unused macro MPT3SAS_FMT (bsc#1117108).
- scsi: mpt3sas: Remove unused variable requeue_event (bsc#1117108).
- scsi: mpt3sas: Replace PCI pool old API (bsc#1117108).
- scsi: mpt3sas: Replace PCI pool old API (bsc#1117108).
- scsi: mpt3sas: Report Firmware Package Version from HBA Driver (bsc#1117108).
- scsi: mpt3sas: scan and add nvme device after controller reset (bsc#1117108).
- scsi: mpt3sas: separate out _base_recovery_check() (bsc#1117108).
- scsi: mpt3sas: set default value for cb_idx (bsc#1117108).
- scsi: mpt3sas: Set NVMe device queue depth as 128 (bsc#1117108).
- scsi: mpt3sas: SGL to PRP Translation for I/Os to NVMe devices (bsc#1117108).
- scsi: mpt3sas: simplify mpt3sas_scsi_issue_tm() (bsc#1117108).
- scsi: mpt3sas: simplify task management functions (bsc#1117108).
- scsi: mpt3sas: simplify _wait_for_commands_to_complete() (bsc#1117108).
- scsi: mpt3sas: Split _base_reset_handler(), mpt3sas_scsih_reset_handler() and mpt3sas_ctl_reset_handler() (bsc#1117108).
- scsi: mpt3sas: Swap I/O memory read value back to cpu endianness (bsc#1117108).
- scsi: mpt3sas: switch to generic DMA API (bsc#1117108).
- scsi: mpt3sas: switch to pci_alloc_irq_vectors (bsc#1117108).
- scsi: mpt3sas: Updated MPI headers to v2.00.48 (bsc#1117108).
- scsi: mpt3sas: Update driver version '25.100.00.00' (bsc#1117108).
- scsi: mpt3sas: Update driver version '26.100.00.00' (bsc#1117108).
- scsi: mpt3sas: Update MPI Headers (bsc#1117108).
- scsi: mpt3sas: Update mpt3sas driver version (bsc#1117108).
- scsi: mpt3sas: Use dma_pool_zalloc (bsc#1117108).
- scsi: mpt3sas: use list_splice_init() (bsc#1117108).
- scsi: mpt3sas: wait for and flush running commands on shutdown/unload (bsc#1117108).
- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1125794).
- scsi: qla2xxx: Fix early srb free on abort (bsc#1121713).
- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1121713).
- scsi: qla2xxx: Increase abort timeout value (bsc#1121713).
- scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1121713).
- scsi: qla2xxx: Return switch command on a timeout (bsc#1121713).
- scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1121713).
- scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1121713).
- scsi: sd: Fix cache_type_store() (bnc#1012382).
- scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() (bsc#1125315).
- scsi: target: make the pi_prot_format ConfigFS path readable (bsc#1123933).
- scsi: target: use consistent left-aligned ASCII INQUIRY data (bnc#1012382).
- sctp: allocate sctp_sockaddr_entry with kzalloc (bnc#1012382).
- sd: disable logical block provisioning if 'lbpme' is not set (bsc#1086095 bsc#1078355).
- selinux: fix GPF on invalid policy (bnc#1012382).
- seq_buf: Make seq_buf_puts() null-terminate the buffer (bnc#1012382).
- serial: fsl_lpuart: clear parity enable bit when disable parity (bnc#1012382).
- series.conf: Move 'patches.fixes/aio-hold-an-extra-file-reference-over-AIO-read-write.patch' into sorted section.
- signal: Always notice exiting tasks (bnc#1012382).
- signal: Better detection of synchronous signals (bnc#1012382).
- signal: Restore the stop PTRACE_EVENT_EXIT (bnc#1012382).
- skge: potential memory corruption in skge_get_regs() (bnc#1012382).
- sky2: Increase D3 delay again (bnc#1012382).
- slab: alien caches must not be initialized if the allocation of the alien cache failed (bnc#1012382).
- smack: fix access permissions for keyring (bnc#1012382).
- smsc95xx: Use skb_cow_head to deal with cloned skbs (bnc#1012382).
- soc/tegra: Do not leak device tree node reference (bnc#1012382).
- staging:iio:ad2s90: Make probe handle spi_setup failure (bnc#1012382).
- staging: iio: ad7780: update voltage on read (bnc#1012382).
- staging: iio: adc: ad7280a: handle error from __ad7280_read32() (bnc#1012382).
- staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1 (bnc#1012382).
- sunrpc: handle ENOMEM in rpcb_getport_async (bnc#1012382).
- sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN (bnc#1012382).
- sysfs: Disable lockdep for driver bind/unbind files (bnc#1012382).
- tcp: clear icsk_backoff in tcp_write_queue_purge() (bnc#1012382).
- tcp: tcp_v4_err() should be more careful (bnc#1012382).
- team: avoid complex list operations in team_nl_cmd_options_set() (bnc#1012382).
- team: Free BPF filter when unregistering netdev (git-fixes).
- test_hexdump: use memcpy instead of strncpy (bnc#1012382).
- thermal: hwmon: inline helpers when CONFIG_THERMAL_HWMON is not set (bnc#1012382).
- timekeeping: Use proper seqcount initializer (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_bearer_enable (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_doit (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_link_reset_stats (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_link_set (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_name_table_dump (bnc#1012382).
- tipc: use destination length for copy string (bnc#1012382).
- tracing: Do not free iter->trace in fail path of tracing_open_pipe() (bsc#1129581).
- tracing/uprobes: Fix output for multiple string arguments (bnc#1012382).
- tty: Do not block on IO when ldisc change is pending (bnc#1105428).
- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bnc#1105428).
- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).
- tty: Handle problem if line discipline does not have receive_buf (bnc#1012382).
- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).
- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).
- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).
- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).
- tty/ldsem: Wake up readers after timed out down_write() (bnc#1012382).
- tty/n_hdlc: fix __might_sleep warning (bnc#1012382).
- tty: serial: samsung: Properly set flags in autoCTS mode (bnc#1012382).
- tty: Simplify tty->count math in tty_reopen() (bnc#1105428).
- uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define (bnc#1012382).
- uapi/if_ether.h: prevent redefinition of struct ethhdr (bnc#1012382).
- ucc_geth: Reset BQL queue when stopping device (bnc#1012382).
- udf: Fix BUG on corrupted inode (bnc#1012382).
- um: Avoid marking pages with 'changed protection' (bnc#1012382).
- usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bnc#1012382).
- usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bnc#1012382).
- usb: dwc2: Remove unnecessary kfree (bnc#1012382).
- usb: gadget: udc: net2272: Fix bitwise and boolean operations (bnc#1012382).
- usb: hub: delay hub autosuspend if USB3 port is still link training (bnc#1012382).
- usb: phy: am335x: fix race condition in _probe (bnc#1012382).
- usb: serial: pl2303: add new PID to support PL2303TB (bnc#1012382).
- usb: serial: simple: add Motorola Tetra TPG2200 device id (bnc#1012382).
- usb: storage: add quirk for SMI SM3350 (bnc#1012382).
- usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bnc#1012382).
- video: clps711x-fb: release disp device node in probe() (bnc#1012382).
- vsock: cope with memory allocation failure at socket creation time (bnc#1012382).
- vt: invoke notifier on screen size change (bnc#1012382).
- vxlan: test dev->flags & IFF_UP before calling netif_rx() (bnc#1012382).
- wireless: airo: potential buffer overflow in sprintf() (bsc#1120902).
- writeback: do not decrement wb->refcnt if !wb->bdi (git fixes (writeback)).
- x86: Add TSX Force Abort CPUID/MSR (bsc#1121805).
- x86/a.out: Clear the dump structure initially (bnc#1012382).
- x86/fpu: Add might_fault() to user_insn() (bnc#1012382).
- x86/kaslr: Fix incorrect i8254 outb() parameters (bnc#1012382).
- x86: livepatch: Treat R_X86_64_PLT32 as R_X86_64_PC32 (bnc#1012382).
- x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out() (bnc#1012382).
- x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux) (bnc#1012382).
- x86/pkeys: Properly copy pkey state at fork() (bsc#1106105).
- x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls (bnc#1012382).
- x86: respect memory size limiting via mem= parameter (bsc#1117645).
- x86/xen: dont add memory above max allowed allocation (bsc#1117645).
- xen, cpu_hotplug: Prevent an out of bounds access (bsc#1065600).
- xen: remove pre-xen3 fallback handlers (bsc#1065600).
- xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi (bnc#1012382).
- xfrm: refine validation of template and selector families (bnc#1012382).
- Yama: Check for pid death before checking ancestry (bnc#1012382).
- xfs: remove filestream item xfs_inode reference (bsc#1127961).
Patchnames
SUSE-2019-901,SUSE-SLE-SERVER-12-SP3-2019-901
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 12 SP3 Azure kernel was updated to 4.4.176 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc#1129179).\n- CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).\n- CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free. (bnc#1124728)\n- CVE-2019-3459, CVE-2019-3460: The Bluetooth stack suffered from two remote information leak vulnerabilities in the code that handles incoming L2cap configuration packets (bsc#1120758).\n- CVE-2019-7221: Fixed a use-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124732).\n- CVE-2019-7222: Fixed an information leakage in the KVM hypervisor related to handling page fault exceptions, which allowed a guest user/process to use this flaw to leak the host\u0027s stack memory contents to a guest (bsc#1124735).\n- CVE-2017-18249: The add_free_nid function in fs/f2fs/node.c did not properly track an allocated nid, which allowed local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads (bnc#1087036).\n\nThe following non-security bugs were fixed:\n\n- acpi/nfit: Block function zero DSMs (bsc#1123321).\n- acpi, nfit: Fix ARS overflow continuation (bsc#1125000).\n- acpi/nfit: fix cmd_rc for acpi_nfit_ctl to always return a value (bsc#1124775).\n- acpi/nfit: Fix command-supported detection (bsc#1123323).\n- acpi: power: Skip duplicate power resource references in _PRx (bnc#1012382).\n- acpi / processor: Fix the return value of acpi_processor_ids_walk() (git fixes (acpi)).\n- alpha: Fix Eiger NR_IRQS to 128 (bnc#1012382).\n- alpha: fix page fault handling for r16-r18 targets (bnc#1012382).\n- alsa: bebob: fix model-id of unit for Apogee Ensemble (bnc#1012382).\n- alsa: compress: Fix stop handling on compressed capture streams (bnc#1012382).\n- alsa: hda - Add quirk for HP EliteBook 840 G5 (bnc#1012382).\n- alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bnc#1012382).\n- alsa: hda - Serialize codec registrations (bnc#1012382).\n- alsa: usb-audio: Fix implicit fb endpoint setup by quirk (bnc#1012382).\n- ARC: perf: map generic branches to correct hardware condition (bnc#1012382).\n- arm64: Do not trap host pointer auth use to EL2 (bnc#1012382).\n- arm64: ftrace: do not adjust the LR value (bnc#1012382).\n- arm64: hyp-stub: Forbid kprobing of the hyp-stub (bnc#1012382).\n- arm64/kvm: consistently handle host HCR_EL2 flags (bnc#1012382).\n- arm64: KVM: Skip MMIO insn after emulation (bnc#1012382).\n- arm64: perf: set suppress_bind_attrs flag to true (bnc#1012382).\n- ARM: 8808/1: kexec:offline panic_smp_self_stop CPU (bnc#1012382).\n- ARM: cns3xxx: Fix writing to wrong PCI config registers after alignment (bnc#1012382).\n- ARM: dts: da850-evm: Correct the sound card name (bnc#1012382).\n- ARM: dts: Fix OMAP4430 SDP Ethernet startup (bnc#1012382).\n- ARM: dts: kirkwood: Fix polarity of GPIO fan lines (bnc#1012382).\n- ARM: dts: mmp2: fix TWSI2 (bnc#1012382).\n- ARM: iop32x/n2100: fix PCI IRQ mapping (bnc#1012382).\n- ARM: OMAP2+: hwmod: Fix some section annotations (bnc#1012382).\n- ARM: pxa: avoid section mismatch warning (bnc#1012382).\n- ASoC: atom: fix a missing check of snd_pcm_lib_malloc_pages (bnc#1012382).\n- ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M (bnc#1012382).\n- ASoC: Intel: mrfld: fix uninitialized variable access (bnc#1012382).\n- ata: Fix racy link clearance (bsc#1107866).\n- ax25: fix possible use-after-free (bnc#1012382).\n- batman-adv: Avoid WARN on net_device without parent in netns (bnc#1012382).\n- batman-adv: Force mac header to start of data on xmit (bnc#1012382).\n- block_dev: fix crash on chained bios with O_DIRECT (bsc#1090435).\n- block: do not use bio-\u003ebi_vcnt to figure out segment number (bsc#1128893).\n- block/loop: Use global lock for ioctl() operation (bnc#1012382).\n- block/swim3: Fix -EBUSY error when re-opening device after unmount (Git-fixes).\n- bluetooth: Fix unnecessary error message for HCI request completion (bnc#1012382).\n- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1020413).\n- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1020413).\n- bpf: fix replace_map_fd_with_map_ptr\u0027s ldimm64 second imm field (bsc#1012382).\n- btrfs: ensure that a DUP or RAID1 block group has exactly two stripes (bsc#1128452).\n- btrfs: tree-checker: Check level for leaves and nodes (bnc#1012382).\n- btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bnc#1012382 bsc#1102875 bsc#1102877 bsc#1102879 bsc#1102882 bsc#1102896).\n- btrfs: tree-checker: Fix misleading group system information (bnc#1012382).\n- btrfs: tree-check: reduce stack consumption in check_dir_item (bnc#1012382).\n- btrfs: validate type when reading a chunk (bnc#1012382).\n- btrfs: wait on ordered extents on abort cleanup (bnc#1012382).\n- can: bcm: check timer values before ktime conversion (bnc#1012382).\n- can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by removing it (bnc#1012382).\n- can: gw: ensure DLC boundaries after CAN frame modification (bnc#1012382).\n- ceph: avoid repeatedly adding inode to mdsc-\u003esnap_flush_list (bsc#1126773).\n- ceph: clear inode pointer when snap realm gets dropped by its inode (bsc#1125809).\n- ch: add missing mutex_lock()/mutex_unlock() in ch_release() (bsc#1124235).\n- char/mwave: fix potential Spectre v1 vulnerability (bnc#1012382).\n- ch: fixup refcounting imbalance for SCSI devices (bsc#1124235).\n- cifs: Always resolve hostname before reconnecting (bnc#1012382).\n- cifs: check ntwrk_buf_start for NULL before dereferencing it (bnc#1012382).\n- cifs: Do not count -ENODATA as failure for query directory (bnc#1012382).\n- cifs: Do not hide EINTR after sending network packets (bnc#1012382).\n- cifs: Fix possible hang during async MTU reads and writes (bnc#1012382).\n- cifs: Fix potential OOB access of lock element array (bnc#1012382).\n- cifs: Limit memory used by lock request calls to a page (bnc#1012382).\n- clk: imx6q: reset exclusive gates on init (bnc#1012382).\n- clk: imx6sl: ensure MMDC CH0 handshake is bypassed (bnc#1012382).\n- copy_mount_string: Limit string length to PATH_MAX (bsc#1082943).\n- cpufreq: intel_pstate: Fix HWP on boot CPU after system resume (bsc#1120017).\n- cpuidle: big.LITTLE: fix refcount leak (bnc#1012382).\n- crypto: authencesn - Avoid twice completion call in decrypt path (bnc#1012382).\n- crypto: authenc - fix parsing key with misaligned rta_len (bnc#1012382).\n- crypto: cts - fix crash on short inputs (bnc#1012382).\n- crypto: user - support incremental algorithm dumps (bsc#1120902).\n- crypto: ux500 - Use proper enum in cryp_set_dma_transfer (bnc#1012382).\n- crypto: ux500 - Use proper enum in hash_set_dma_transfer (bnc#1012382).\n- cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan() (bnc#1012382).\n- dccp: fool proof ccid_hc_[rt]x_parse_options() (bnc#1012382).\n- debugfs: fix debugfs_rename parameter checking (bnc#1012382).\n- device property: Fix the length used in PROPERTY_ENTRY_STRING() (bsc#1129770).\n- Disable MSI also when pcie-octeon.pcie_disable on (bnc#1012382).\n- dlm: Do not swamp the CPU with callbacks queued during recovery (bnc#1012382).\n- dmaengine: imx-dma: fix wrong callback invoke (bnc#1012382).\n- dm crypt: add cryptographic data integrity protection (authenticated encryption) (Git-fixes).\n- dm crypt: factor IV constructor out to separate function (Git-fixes).\n- dm crypt: fix crash by adding missing check for auth key size (git-fixes).\n- dm crypt: fix error return code in crypt_ctr() (git-fixes).\n- dm crypt: fix memory leak in crypt_ctr_cipher_old() (git-fixes).\n- dm crypt: introduce new format of cipher with \u0027capi:\u0027 prefix (Git-fixes).\n- dm crypt: wipe kernel key copy after IV initialization (Git-fixes).\n- dm: do not allow readahead to limit IO size (git fixes (readahead)).\n- dm kcopyd: Fix bug causing workqueue stalls (bnc#1012382).\n- dm snapshot: Fix excessive memory usage and workqueue stalls (bnc#1012382).\n- dm thin: fix bug where bio that overwrites thin block ignores FUA (bnc#1012382).\n- Documentation/network: reword kernel version reference (bnc#1012382).\n- drbd: Avoid Clang warning about pointless switch statment (bnc#1012382).\n- drbd: disconnect, if the wrong UUIDs are attached on a connected peer (bnc#1012382).\n- drbd: narrow rcu_read_lock in drbd_sync_handshake (bnc#1012382).\n- drbd: skip spurious timeout (ping-timeo) when failing promote (bnc#1012382).\n- drivers: core: Remove glue dirs from sysfs earlier (bnc#1012382).\n- Drivers: hv: vmbus: Check for ring when getting debug info (bsc#1126389).\n- drm/bufs: Fix Spectre v1 vulnerability (bnc#1012382).\n- drm: Fix error handling in drm_legacy_addctx (bsc#1106929)\n- drm/i915: Block fbdev HPD processing during suspend (bsc#1106929)\n- drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set (bsc#1106929)\n- drm/modes: Prevent division by zero htotal (bnc#1012382).\n- drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON (bsc#1106929)\n- drm/nouveau/pmu: do not print reply values if exec is false (bsc#1106929)\n- drm/radeon/evergreen_cs: fix missing break in switch statement (bsc#1106929)\n- drm/vmwgfx: Do not double-free the mode stored in par-\u003eset_mode (bsc#1103429)\n- drm/vmwgfx: Fix setting of dma masks (bsc#1106929)\n- drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user (bsc#1106929)\n- e1000e: allow non-monotonic SYSTIM readings (bnc#1012382).\n- EDAC: Raise the maximum number of memory controllers (bsc#1120722).\n- efi/libstub/arm64: Use hidden attribute for struct screen_info reference (bsc#1122650).\n- enic: add wq clean up budget (bsc#1075697, bsc#1120691. bsc#1102959).\n- enic: do not overwrite error code (bnc#1012382).\n- enic: fix checksum validation for IPv6 (bnc#1012382).\n- exec: load_script: do not blindly truncate shebang string (bnc#1012382).\n- ext4: fix a potential fiemap/page fault deadlock w/ inline_data (bnc#1012382).\n- ext4: Fix crash during online resizing (bsc#1122779).\n- f2fs: Add sanity_check_inode() function (bnc#1012382).\n- f2fs: avoid unneeded loop in build_sit_entries (bnc#1012382).\n- f2fs: check blkaddr more accuratly before issue a bio (bnc#1012382).\n- f2fs: clean up argument of recover_data (bnc#1012382).\n- f2fs: clean up with is_valid_blkaddr() (bnc#1012382).\n- f2fs: detect wrong layout (bnc#1012382).\n- f2fs: enhance sanity_check_raw_super() to avoid potential overflow (bnc#1012382).\n- f2fs: factor out fsync inode entry operations (bnc#1012382).\n- f2fs: fix inode cache leak (bnc#1012382).\n- f2fs: fix invalid memory access (bnc#1012382).\n- f2fs: fix missing up_read (bnc#1012382).\n- f2fs: fix to avoid reading out encrypted data in page cache (bnc#1012382).\n- f2fs: fix to convert inline directory correctly (bnc#1012382).\n- f2fs: fix to determine start_cp_addr by sbi-\u003ecur_cp_pack (bnc#1012382).\n- f2fs: fix to do sanity check with block address in main area (bnc#1012382).\n- f2fs: fix to do sanity check with block address in main area v2 (bnc#1012382).\n- f2fs: fix to do sanity check with cp_pack_start_sum (bnc#1012382).\n- f2fs: fix to do sanity check with node footer and iblocks (bnc#1012382).\n- f2fs: fix to do sanity check with reserved blkaddr of inline inode (bnc#1012382).\n- f2fs: fix to do sanity check with secs_per_zone (bnc#1012382).\n- f2fs: fix to do sanity check with user_block_count (bnc#1012382).\n- f2fs: fix validation of the block count in sanity_check_raw_super (bnc#1012382).\n- f2fs: fix wrong return value of f2fs_acl_create (bnc#1012382).\n- f2fs: free meta pages if sanity check for ckpt is failed (bnc#1012382).\n- f2fs: give -EINVAL for norecovery and rw mount (bnc#1012382).\n- f2fs: introduce and spread verify_blkaddr (bnc#1012382).\n- f2fs: introduce get_checkpoint_version for cleanup (bnc#1012382).\n- f2fs: move dir data flush to write checkpoint process (bnc#1012382).\n- f2fs: move sanity checking of cp into get_valid_checkpoint (bnc#1012382).\n- f2fs: not allow to write illegal blkaddr (bnc#1012382).\n- f2fs: put directory inodes before checkpoint in roll-forward recovery (bnc#1012382).\n- f2fs: read page index before freeing (bnc#1012382).\n- f2fs: remove an obsolete variable (bnc#1012382).\n- f2fs: return error during fill_super (bnc#1012382).\n- f2fs: sanity check on sit entry (bnc#1012382).\n- f2fs: use crc and cp version to determine roll-forward recovery (bnc#1012382).\n- fbdev: chipsfb: remove set but not used variable \u0027size\u0027 (bsc#1106929)\n- Fix incorrect value for X86_FEATURE_TSX_FORCE_ABORT\n- Fix problem with sharetransport= and NFSv4 (bsc#1114893).\n- fs: add the fsnotify call to vfs_iter_write (bnc#1012382).\n- fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb() (bnc#1012382).\n- fs: do not scan the inode cache before SB_BORN is set (bnc#1012382).\n- fs/epoll: drop ovflist branch prediction (bnc#1012382).\n- fs: fix lost error code in dio_complete (bsc#1117744).\n- fuse: call pipe_buf_release() under pipe lock (bnc#1012382).\n- fuse: decrement NR_WRITEBACK_TEMP on the right page (bnc#1012382).\n- fuse: handle zero sized retrieve correctly (bnc#1012382).\n- futex: Fix (possible) missed wakeup (bsc#1050549).\n- gdrom: fix a memory leak bug (bnc#1012382).\n- gfs2: Revert \u0027Fix loop in gfs2_rbm_find\u0027 (bnc#1012382).\n- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (Git-fixes).\n- gpio: pl061: handle failed allocations (bnc#1012382).\n- gpu: ipu-v3: Fix CSI offsets for imx53 (bsc#1106929)\n- gpu: ipu-v3: Fix i.MX51 CSI control registers offset (bsc#1106929)\n- HID: debug: fix the ring buffer implementation (bnc#1012382).\n- HID: lenovo: Add checks to fix of_led_classdev_register (bnc#1012382).\n- hwmon: (lm80) fix a missing check of bus read in lm80 probe (bnc#1012382).\n- hwmon: (lm80) fix a missing check of the status of SMBus read (bnc#1012382).\n- hwmon: (lm80) Fix missing unlock on error in set_fan_div() (git-fixes).\n- i2c-axxia: check for error conditions first (bnc#1012382).\n- i2c: dev: prevent adapter retries and timeout being set as minus value (bnc#1012382).\n- IB/core: type promotion bug in rdma_rw_init_one_mr() ().\n- ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).\n- ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).\n- ibmvnic: Increase maximum queue size limit (bsc#1121726).\n- ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).\n- ibmvnic: Report actual backing device speed and duplex values (bsc#1129923).\n- ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).\n- IB/rxe: Fix incorrect cache cleanup in error flow ().\n- IB/rxe: replace kvfree with vfree ().\n- igb: Fix an issue that PME is not enabled during runtime suspend (bnc#1012382).\n- inet: frags: add a pointer to struct netns_frags (bnc#1012382).\n- inet: frags: better deal with smp races (bnc#1012382).\n- inet: frags: break the 2GB limit for frags storage (bnc#1012382).\n- inet: frags: change inet_frags_init_net() return value (bnc#1012382).\n- inet: frags: do not clone skb in ip_expire() (bnc#1012382).\n- inet: frags: fix ip6frag_low_thresh boundary (bnc#1012382).\n- inet: frags: get rid of ipfrag_skb_cb/FRAG_CB (bnc#1012382).\n- inet: frags: get rif of inet_frag_evicting() (bnc#1012382).\n- inet: frags: refactor ipfrag_init() (bnc#1012382).\n- inet: frags: refactor ipv6_frag_init() (bnc#1012382).\n- inet: frags: refactor lowpan_net_frag_init() (bnc#1012382).\n- inet: frags: remove inet_frag_maybe_warn_overflow() (bnc#1012382).\n- inet: frags: remove some helpers (bnc#1012382).\n- inet: frags: reorganize struct netns_frags (bnc#1012382).\n- inet: frags: use rhashtables for reassembly units (bnc#1012382).\n- input: bma150 - register input device after setting private data (bnc#1012382).\n- input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK (bnc#1012382).\n- input: elantech - enable 3rd button support on Fujitsu CELSIUS H780 (bnc#1012382).\n- input: mms114 - fix license module information (bsc#1087092).\n- input: xpad - add support for SteelSeries Stratus Duo (bnc#1012382).\n- intel_pstate: Update frequencies of policy-\u003ecpus only from -\u003eset_policy() (bsc#1120017).\n- iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).\n- iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).\n- iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).\n- iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer (bnc#1012382).\n- iommu/dmar: Fix buffer overflow during PCI bus notification (bsc#1129237).\n- iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables (bsc#1129238).\n- iommu/vt-d: Check identity map for hot-added devices (bsc#1129239).\n- iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).\n- iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm() (bsc#1129240).\n- ip: add helpers to process in-order fragments faster (bnc#1012382).\n- ipfrag: really prevent allocation on netns exit (bnc#1012382).\n- ip: frags: fix crash in ip_do_fragment() (bnc#1012382).\n- ipmi:ssif: Fix handling of multi-part return messages (bnc#1012382).\n- ip: on queued skb use skb_header_pointer instead of pskb_may_pull (bnc#1012382).\n- ip: process in-order fragments efficiently (bnc#1012382).\n- ip: use rb trees for IP frag queue (bnc#1012382).\n- ipv4: frags: precedence bug in ip_expire() (bnc#1012382).\n- ipv6: Consider sk_bound_dev_if when binding a socket to an address (bnc#1012382).\n- ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address (bnc#1012382).\n- ipv6: fix kernel-infoleak in ipv6_local_error() (bnc#1012382).\n- ipv6: frags: rewrite ip6_expire_frag_queue() (bnc#1012382).\n- ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses (bnc#1012382).\n- irqchip/gic-v3-its: Align PCI Multi-MSI allocation on their size (bnc#1012382).\n- isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in HFCPCI_l1hw() (bnc#1012382).\n- ixgbe: fix crash in build_skb Rx code path (git-fixes).\n- jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bnc#1012382).\n- kABI: protect linux/kfifo.h include in hid-debug (kabi).\n- kABI: protect struct hda_bus (kabi).\n- kABI: protect struct inet_peer (kabi).\n- kabi: reorder new slabinfo fields in struct kmem_cache_node (bnc#1116653).\n- kallsyms: Handle too long symbols in kallsyms.c (bsc#1126805).\n- kaweth: use skb_cow_head() to deal with cloned skbs (bnc#1012382).\n- kconfig: fix file name and line number of warn_ignored_character() (bnc#1012382).\n- kconfig: fix memory leak when EOF is encountered in quotation (bnc#1012382).\n- kernel/exit.c: release ptraced tasks before zap_pid_ns_processes (bnc#1012382).\n- kernel/hung_task.c: break RCU locks based on jiffies (bnc#1012382).\n- KMPs: obsolete older KMPs of the same flavour (bsc#1127155, bsc#1109137).\n- kvm: arm/arm64: vgic-its: Check CBASER/BASER validity before enabling the ITS (bsc#1109248).\n- kvm: arm/arm64: vgic-its: Check GITS_BASER Valid bit before saving tables (bsc#1109248).\n- kvm: arm/arm64: vgic-its: Fix return value for device table restore (bsc#1109248).\n- kvm: arm/arm64: vgic-its: Fix vgic_its_restore_collection_table returned value (bsc#1109248).\n- kvm: nVMX: Do not halt vcpu when L1 is injecting events to L2 (bsc#1129413).\n- kvm: nVMX: Free the VMREAD/VMWRITE bitmaps if alloc_kvm_area() fails (bsc#1129414).\n- kvm: nVMX: NMI-window and interrupt-window exiting should wake L2 from HLT (bsc#1129415).\n- kvm: nVMX: Set VM instruction error for VMPTRLD of unbacked page (bsc#1129416).\n- kvm: VMX: Do not allow reexecute_instruction() when skipping MMIO instr (bsc#1129417).\n- kvm: VMX: Fix x2apic check in vmx_msr_bitmap_mode() (bsc#1124166).\n- kvm: VMX: Missing part of upstream commit 904e14fb7cb9 (bsc#1124166).\n- kvm: vmx: Set IA32_TSC_AUX for legacy mode guests (bsc#1129418).\n- kvm: x86: Add AMD\u0027s EX_CFG to the list of ignored MSRs (bsc#1127082).\n- kvm: x86: Fix single-step debugging (bnc#1012382).\n- kvm: x86: IA32_ARCH_CAPABILITIES is always supported (bsc#1129419).\n- kvm: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported (bnc#1012382).\n- l2tp: copy 4 more bytes to linear part if necessary (bnc#1012382).\n- l2tp: fix reading optional fields of L2TPv3 (bnc#1012382).\n- l2tp: remove l2specific_len dependency in l2tp_core (bnc#1012382).\n- libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive() (bsc#1125810).\n- libceph: handle an empty authorize reply (bsc#1126772).\n- libnvdimm: fix ars_status output length calculation (bsc#1124777).\n- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1124811).\n- libnvdimm: Use max contiguous area for namespace size (bsc#1124780).\n- locking/rwsem: Fix (possible) missed wakeup (bsc#1050549).\n- loop: Fix double mutex_unlock(\u0026loop_ctl_mutex) in loop_control_ioctl() (bnc#1012382).\n- loop: Fold __loop_release into loop_release (bnc#1012382).\n- loop: Get rid of loop_index_mutex (bnc#1012382).\n- LSM: Check for NULL cred-security on free (bnc#1012382).\n- mac80211: ensure that mgmt tx skbs have tailroom for encryption (bnc#1012382).\n- mac80211: fix radiotap vendor presence bitmap handling (bnc#1012382).\n- md: batch flush requests (bsc#1119680).\n- mdio_bus: Fix use-after-free on device_register fails (git-fixes).\n- media: DaVinci-VPBE: fix error handling in vpbe_initialize() (bnc#1012382).\n- media: em28xx: Fix misplaced reset of dev-\u003ev4l::field_count (bnc#1012382).\n- media: firewire: Fix app_info parameter type in avc_ca{,_app}_info (bnc#1012382).\n- media: vb2: be sure to unlock mutex on errors (bnc#1012382).\n- media: vb2: vb2_mmap: move lock up (bnc#1012382).\n- media: vivid: fix error handling of kthread_run (bnc#1012382).\n- media: vivid: set min width/height to a value \u003e 0 (bnc#1012382).\n- memstick: Prevent memstick host from getting runtime suspended during card detection (bnc#1012382).\n- mfd: as3722: Handle interrupts on suspend (bnc#1012382).\n- mfd: as3722: Mark PM functions as __maybe_unused (bnc#1012382).\n- mfd: tps6586x: Handle interrupts on suspend (bnc#1012382).\n- misc: vexpress: Off by one in vexpress_syscfg_exec() (bnc#1012382).\n- mISDN: fix a race in dev_expire_timer() (bnc#1012382).\n- mlxsw: pci: Correctly determine if descriptor queue is full (git-fixes).\n- mlxsw: reg: Use correct offset in field definiton (git-fixes).\n- mmc: atmel-mci: do not assume idle after atmci_request_end (bnc#1012382).\n- mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1120902).\n- mmc: sdhci-iproc: handle mmc_of_parse() errors during probe (bnc#1012382).\n- mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL (bnc#1012382).\n- mm,memory_hotplug: fix scan_movable_pages() for gigantic hugepages (bsc#1127731).\n- mm: migrate: do not rely on __PageMovable() of newpage after unlocking it (bnc#1012382).\n- mm: only report isolation failures when offlining memory (generic hotplug debugability).\n- mm, oom: fix use-after-free in oom_kill_process (bnc#1012382).\n- mm, page_alloc: drop should_suppress_show_mem (bnc#1125892, bnc#1106061).\n- mm/page-writeback.c: do not break integrity writeback on -\u003ewritepage() error (bnc#1012382).\n- mm, proc: be more verbose about unstable VMA flags in /proc/\u0026lt;pid\u003e/smaps (bnc#1012382).\n- mm, slab: faster active and free stats (bsc#116653, VM Performance).\n- mm/slab: improve performance of gathering slabinfo stats (bsc#116653, VM Performance).\n- mm, slab: maintain total slab count instead of active count (bsc#116653, VM Performance).\n- modpost: validate symbol names also in find_elf_symbol (bnc#1012382).\n- mtd: rawnand: gpmi: fix MX28 bus master lockup problem (bnc#1012382).\n- net: Add header for usage of fls64() (bnc#1012382).\n- net: bridge: fix a bug on using a neighbour cache entry without checking its state (bnc#1012382).\n- net: bridge: Fix ethernet header pointer before check skb forwardable (bnc#1012382).\n- net: call sk_dst_reset when set SO_DONTROUTE (bnc#1012382).\n- net: Do not allocate page fragments that are not skb aligned (bnc#1012382).\n- net: dp83640: expire old TX-skb (bnc#1012382).\n- net: dsa: bcm_sf2: Do not assume DSA master supports WoL (git-fixes).\n- net: dsa: mv88e6xxx: fix port VLAN maps (git-fixes).\n- net: dsa: slave: Do not propagate flag changes on down slave interfaces (bnc#1012382).\n- net: Fix for_each_netdev_feature on Big endian (bnc#1012382).\n- net: fix IPv6 prefix route residue (bnc#1012382).\n- net: fix pskb_trim_rcsum_slow() with odd trim offset (bnc#1012382).\n- net: Fix usage of pskb_trim_rcsum (bnc#1012382).\n- net/hamradio/6pack: Convert timers to use timer_setup() (git-fixes).\n- net/hamradio/6pack: use mod_timer() to rearm timers (git-fixes).\n- net: ieee802154: 6lowpan: fix frag reassembly (bnc#1012382).\n- net: ipv4: do not handle duplicate fragments as overlapping (bnc#1012382 bsc#1116345).\n- net: ipv4: Fix memory leak in network namespace dismantle (bnc#1012382).\n- net: ipv4: use a dedicated counter for icmp_v4 redirect packets (bnc#1012382).\n- net: lan78xx: Fix race in tx pending skb size calculation (git-fixes).\n- net/mlx4_core: Add masking for a few queries on HCA caps (bnc#1012382).\n- net/mlx4_core: drop useless LIST_HEAD (git-fixes).\n- net/mlx4_core: Fix qp mtt size calculation (git-fixes).\n- net/mlx4_core: Fix reset flow when in command polling mode (git-fixes).\n- net/mlx4: Fix endianness issue in qp context params (git-fixes).\n- net/mlx5: Continue driver initialization despite debugfs failure (git-fixes).\n- net/mlx5e: Fix TCP checksum in LRO buffers (git-fixes).\n- net/mlx5: Fix driver load bad flow when having fw initializing timeout (git-fixes).\n- net/mlx5: fix uaccess beyond \u0027count\u0027 in debugfs read/write handlers (git-fixes).\n- net/mlx5: Fix use-after-free in self-healing flow (git-fixes).\n- net/mlx5: Return success for PAGE_FAULT_RESUME in internal error state (git-fixes).\n- net: modify skb_rbtree_purge to return the truesize of all purged skbs (bnc#1012382).\n- net: mv643xx_eth: fix packet corruption with TSO and tiny unaligned packets (git-fixes).\n- net: phy: Avoid polling PHY with PHY_IGNORE_INTERRUPTS (git-fixes).\n- net: phy: bcm7xxx: Fix shadow mode 2 disabling (git-fixes).\n- net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends (bnc#1012382).\n- net: qca_spi: Fix race condition in spi transfers (git-fixes).\n- netrom: switch to sock timer API (bnc#1012382).\n- net/rose: fix NULL ax25_cb kernel panic (bnc#1012382).\n- net_sched: refetch skb protocol for each filter (bnc#1012382).\n- net: speed up skb_rbtree_purge() (bnc#1012382).\n- net: stmmac: Fix a race in EEE enable callback (bnc#1012382).\n- net: stmmac: Fix a race in EEE enable callback (git-fixes).\n- net: systemport: Fix WoL with password after deep sleep (bnc#1012382).\n- net: thunderx: set tso_hdrs pointer to NULL in nicvf_free_snd_queue (git-fixes).\n- net/x25: do not hold the cpu too long in x25_new_lci() (bnc#1012382).\n- NFC: nxp-nci: Include unaligned.h instead of access_ok.h (bnc#1012382).\n- nfit: fix unchecked dereference in acpi_nfit_ctl (bsc#1125014).\n- nfsd4: fix crash on writing v4_end_grace before nfsd startup (bnc#1012382).\n- NFS: nfs_compare_mount_options always compare auth flavors (bnc#1012382).\n- niu: fix missing checks of niu_pci_eeprom_read (bnc#1012382).\n- ocfs2: do not clear bh uptodate for block read (bnc#1012382).\n- ocfs2: fix panic due to unrecovered local alloc (bnc#1012382).\n- omap2fb: Fix stack memory disclosure (bsc#1106929)\n- openvswitch: Avoid OOB read when parsing flow nlattrs (bnc#1012382).\n- packet: Do not leak dev refcounts on error exit (bnc#1012382).\n- pci: altera: Check link status before retrain link (bnc#1012382).\n- pci: altera: Fix altera_pcie_link_is_up() (bnc#1012382).\n- pci: altera: Move retrain from fixup to altera_pcie_host_init() (bnc#1012382).\n- pci: altera: Poll for link training status after retraining the link (bnc#1012382).\n- pci: altera: Poll for link up status after retraining the link (bnc#1012382).\n- pci: altera: Reorder read/write functions (bnc#1012382).\n- pci: altera: Rework config accessors for use without a struct pci_bus (bnc#1012382).\n- pci/PME: Fix hotplug/sysfs remove deadlock in pcie_pme_remove() (bsc#1129241).\n- perf/core: Do not WARN() for impossible ring-buffer sizes (bnc#1012382).\n- perf/core: Fix impossible ring-buffer sizes warning (bnc#1012382).\n- perf intel-pt: Fix error with config term \u0027pt=0\u0027 (bnc#1012382).\n- perf parse-events: Fix unchecked usage of strncpy() (bnc#1012382).\n- perf svghelper: Fix unchecked usage of strncpy() (bnc#1012382).\n- perf tests evsel-tp-sched: Fix bitwise operator (bnc#1012382).\n- perf tools: Add Hygon Dhyana support (bnc#1012382).\n- perf unwind: Take pgoff into account when reporting elf to libdwfl (bnc#1012382).\n- perf unwind: Unwind with libdw does not take symfs into account (bnc#1012382).\n- perf/x86: Add sysfs entry to freeze counters on SMI (bsc#1121805).\n- perf/x86/intel: Delay memory deallocation until x86_pmu_dead_cpu() (bsc#1121805).\n- perf/x86/intel: Do not enable freeze-on-smi for PerfMon V1 (bsc#1121805).\n- perf/x86/intel: Fix memory corruption (bsc#1121805).\n- perf/x86/intel: Generalize dynamic constraint creation (bsc#1121805).\n- perf/x86/intel: Implement support for TSX Force Abort (bsc#1121805).\n- perf/x86/intel: Make cpuc allocations consistent (bsc#1121805).\n- perf/x86/intel/uncore: Add Node ID mask (bnc#1012382).\n- phy: micrel: Ensure interrupts are reenabled on resume (git-fixes).\n- pinctrl: msm: fix gpio-hog related boot issues (bnc#1012382).\n- platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes (bnc#1012382).\n- platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK (bnc#1012382).\n- platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bnc#1012382).\n- platform/x86: thinkpad_acpi: Proper model/release matching (bsc#1099810).\n- powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).\n- powerpc: Detect the presence of big-cores via \u0027ibm, thread-groups\u0027 (bsc#1109695).\n- powerpc, hotplug: Avoid to touch non-existent cpumasks (bsc#1109695).\n- powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).\n- powerpc/pseries: Add CPU dlpar remove functionality (bsc#1128756).\n- powerpc/pseries: add of_node_put() in dlpar_detach_node() (bnc#1012382).\n- powerpc/pseries: Consolidate CPU hotplug code to hotplug-cpu.c (bsc#1128756).\n- powerpc/pseries/cpuidle: Fix preempt warning (bnc#1012382).\n- powerpc/pseries: Factor out common cpu hotplug code (bsc#1128756).\n- powerpc/pseries: Perform full re-add of CPU for topology update post-migration (bsc#1128756).\n- powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).\n- powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).\n- powerpc/smp: Add Power9 scheduler topology (bsc#1109695).\n- powerpc/smp: Rework CPU topology construction (bsc#1109695).\n- powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).\n- powerpc/uaccess: fix warning/error with access_ok() (bnc#1012382).\n- powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).\n- powerpc/xmon: Fix invocation inside lock region (bsc#1122885).\n- pppoe: fix reception of frames with no mac header (git-fixes).\n- pptp: dst_release sk_dst_cache in pptp_sock_destruct (git-fixes).\n- proc: Remove empty line in /proc/self/status (bnc#1012382 bsc#1094823).\n- pseries/energy: Use OF accessor function to read ibm,drc-indexes (bsc#1129080).\n- pstore/ram: Do not treat empty buffers as valid (bnc#1012382).\n- ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl (bnc#1012382).\n- r8169: Add support for new Realtek Ethernet (bnc#1012382).\n- rbd: do not return 0 on unmap if RBD_DEV_FLAG_REMOVING is set (bsc#1125808).\n- rcu: Force boolean subscript for expedited stall warnings (bnc#1012382).\n- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1020413, ).\n- RDMA/bnxt_re: Synchronize destroy_qp with poll_cq (bsc#1125446).\n- Revert \u0027bs-upload-kernel: do not set %opensuse_bs\u0027 This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.\n- Revert \u0027cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs)\u0027 (bnc#1012382).\n- Revert \u0027exec: load_script: do not blindly truncate shebang string\u0027 (bnc#1012382).\n- Revert \u0027Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G\u0027 (bnc#1012382).\n- Revert \u0027loop: Fix double mutex_unlock(\u0026loop_ctl_mutex) in loop_control_ioctl()\u0027 (bnc#1012382).\n- Revert \u0027loop: Fold __loop_release into loop_release\u0027 (bnc#1012382).\n- Revert \u0027loop: Get rid of loop_index_mutex\u0027 (bnc#1012382).\n- Revert \u0027mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1120902).\u0027 The backport patch does not built properly.\n- Revert \u0027mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL\u0027 (bnc#1012382).\n- Revert \u0027net: stmmac: Fix a race in EEE enable callback (git-fixes).\u0027 This reverts commit f323fa8d233c1f44aff17e6fae90c2c8be30edf9. The patch was already included in stable 4.4.176.\n- Revert \u0027sd: disable logical block provisioning if \u0027lbpme\u0027 is not set\u0027 This reverts commit 96370bd87299c7a6883b3e2bf13818f60c8ba611. Patch not accepted upstream.\n- Revert \u0027x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls\u0027 (bsc#1128565).\n- rhashtable: Add rhashtable_lookup() (bnc#1012382).\n- rhashtable: add rhashtable_lookup_get_insert_key() (bnc#1012382 bsc#1042286).\n- rhashtable: add schedule points (bnc#1012382).\n- rhashtable: reorganize struct rhashtable layout (bnc#1012382).\n- s390/early: improve machine detection (bnc#1012382).\n- s390/qeth: cancel close_dev work before removing a card (LTC#175898, bsc#1127561).\n- s390/smp: Fix calling smp_call_ipl_cpu() from ipl CPU (bnc#1012382).\n- s390/smp: fix CPU hotplug deadlock with CPU rescan (bnc#1012382).\n- sata_rcar: fix deferred probing (bnc#1012382).\n- sched/wake_q: Document wake_q_add() (bsc#1050549).\n- sched/wake_q: Fix wakeup ordering for wake_q (bsc#1050549).\n- sched/wake_q: Reduce reference counting for special users (bsc#1050549).\n- scripts/decode_stacktrace: only strip base path when a prefix of the path (bnc#1012382).\n- scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes\n- scsi: aacraid: Fix missing break in switch statement (bsc#1128696).\n- scsi: ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).\n- scsi: lpfc: Correct LCB RJT handling (bnc#1012382).\n- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1125796).\n- scsi: lpfc: do not set queue-\u003epage_count to 0 if pc_sli4_params.wqpcnt is invalid (bsc#1127725).\n- scsi: megaraid: fix out-of-bound array accesses (bnc#1012382).\n- scsi: mpt3sas: Add an I/O barrier (bsc#1117108).\n- scsi: mpt3sas: Added support for nvme encapsulated request message (bsc#1117108).\n- scsi: mpt3sas: Added support for SAS Device Discovery Error Event (bsc#1117108).\n- scsi: mpt3sas: Adding support for SAS3616 HBA device (bsc#1117108).\n- scsi: mpt3sas: Add ioc_\u0026lt;level\u003e logging macros (bsc#1117108).\n- scsi: mpt3sas: Add nvme device support in slave alloc, target alloc and probe (bsc#1117108).\n- scsi: mpt3sas: Add PCI device ID for Andromeda (bsc#1117108).\n- scsi: mpt3sas: Add-Task-management-debug-info-for-NVMe-drives (bsc#1117108).\n- scsi: mpt3sas: Allow processing of events during driver unload (bsc#1117108).\n- scsi: mpt3sas: always use first reserved smid for ioctl passthrough (bsc#1117108).\n- scsi: mpt3sas: Annotate switch/case fall-through (bsc#1117108).\n- scsi: mpt3sas: API\u0027s to remove nvme drive from sml (bsc#1117108).\n- scsi: mpt3sas: API \u0027s to support NVMe drive addition to SML (bsc#1117108).\n- scsi: mpt3sas: As per MPI-spec, use combined reply queue for SAS3.5 controllers when HBA supports more than 16 MSI-x vectors (bsc#1117108).\n- scsi: mpt3sas: Bug fix for big endian systems (bsc#1117108).\n- scsi: mpt3sas: Bump mpt3sas driver version to v16.100.00.00 (bsc#1117108).\n- scsi: mpt3sas: Cache enclosure pages during enclosure add (bsc#1117108).\n- scsi: mpt3sas: check command status before attempting abort (bsc#1117108).\n- scsi: mpt3sas: clarify mmio pointer types (bsc#1117108).\n- scsi: mpt3sas: cleanup _scsih_pcie_enumeration_event() (bsc#1117108).\n- scsi: mpt3sas: Configure reply post queue depth, DMA and sgl tablesize (bsc#1117108).\n- scsi: mpt3sas: Convert logging uses with MPT3SAS_FMT and reply_q_name to %s: (bsc#1117108).\n- scsi: mpt3sas: Convert logging uses with MPT3SAS_FMT without logging levels (bsc#1117108).\n- scsi: mpt3sas: Convert mlsleading uses of pr_\u0026lt;level\u003e with MPT3SAS_FMT (bsc#1117108).\n- scsi: mpt3sas: Convert uses of pr_\u0026lt;level\u003e with MPT3SAS_FMT to ioc_\u0026lt;level\u003e (bsc#1117108).\n- scsi: mpt3sas: Display chassis slot information of the drive (bsc#1117108).\n- scsi: mpt3sas: Do not abort I/Os issued to NVMe drives while processing Async Broadcast primitive event (bsc#1117108).\n- scsi: mpt3sas: Do not access the structure after decrementing it\u0027s instance reference count (bsc#1117108).\n- scsi: mpt3sas: Do not use 32-bit atomic request descriptor for Ventura controllers (bsc#1117108).\n- scsi: mpt3sas: Enhanced handling of Sense Buffer (bsc#1117108).\n- scsi: mpt3sas: fix an out of bound write (bsc#1117108).\n- scsi: mpt3sas: Fix a race condition in mpt3sas_base_hard_reset_handler() (bsc#1117108).\n- scsi: mpt3sas: Fix calltrace observed while running IO \u0026 reset (bsc#1117108).\n- scsi: mpt3sas: fix dma_addr_t casts (bsc#1117108).\n- scsi: mpt3sas: Fixed memory leaks in driver (bsc#1117108).\n- scsi: mpt3sas: Fix, False timeout prints for ioctl and other internal commands during controller reset (bsc#1117108).\n- scsi: mpt3sas: fix format overflow warning (bsc#1117108).\n- scsi: mpt3sas: Fix indentation (bsc#1117108).\n- scsi: mpt3sas: Fix memory allocation failure test in \u0027mpt3sas_base_attach()\u0027 (bsc#1117108).\n- scsi: mpt3sas: Fix nvme drives checking for tlr (bsc#1117108).\n- scsi: mpt3sas: fix oops in error handlers after shutdown/unload (bsc#1117108).\n- scsi: mpt3sas: Fix possibility of using invalid Enclosure Handle for SAS device after host reset (bsc#1117108).\n- scsi: mpt3sas: fix possible memory leak (bsc#1117108).\n- scsi: mpt3sas: fix pr_info message continuation (bsc#1117108).\n- scsi: mpt3sas: Fix removal and addition of vSES device during host reset (bsc#1117108).\n- scsi: mpt3sas: Fix sparse warnings (bsc#1117108).\n- scsi: mpt3sas: fix spelling mistake: \u0027disbale\u0027 -\u003e \u0027disable\u0027 (bsc#1117108).\n- scsi: mpt3sas: For NVME device, issue a protocol level reset (bsc#1117108).\n- scsi: mpt3sas: Handle NVMe PCIe device related events generated from firmware (bsc#1117108).\n- scsi: mpt3sas: Improve kernel-doc headers (bsc#1117108).\n- scsi: mpt3sas: Incorrect command status was set/marked as not used (bsc#1117108).\n- scsi: mpt3sas: Increase event log buffer to support 24 port HBA\u0027s (bsc#1117108).\n- scsi: mpt3sas: Introduce API to get BAR0 mapped buffer address (bsc#1117108).\n- scsi: mpt3sas: Introduce Base function for cloning (bsc#1117108).\n- scsi: mpt3sas: Introduce function to clone mpi reply (bsc#1117108).\n- scsi: mpt3sas: Introduce function to clone mpi request (bsc#1117108).\n- scsi: mpt3sas: Introduce mpt3sas_get_st_from_smid() (bsc#1117108).\n- scsi: mpt3sas: Introduce struct mpt3sas_nvme_cmd (bsc#1117108).\n- scsi: mpt3sas: Lockless access for chain buffers (bsc#1117108).\n- scsi: mpt3sas: lockless command submission (bsc#1117108).\n- scsi: mpt3sas: make function _get_st_from_smid static (bsc#1117108).\n- scsi: mpt3sas: NVMe drive support for BTDHMAPPING ioctl command and log info (bsc#1117108).\n- scsi: mpt3sas: open-code _scsih_scsi_lookup_get() (bsc#1117108).\n- scsi: mpt3sas: Optimize I/O memory consumption in driver (bsc#1117108).\n- scsi: mpt3sas: Pre-allocate RDPQ Array at driver boot time (bsc#1117108).\n- scsi: mpt3sas: Processing of Cable Exception events (bsc#1117108).\n- scsi: mpt3sas: Reduce memory footprint in kdump kernel (bsc#1117108).\n- scsi: mpt3sas: remove a stray KERN_INFO (bsc#1117108).\n- scsi: mpt3sas: Remove KERN_WARNING from panic uses (bsc#1117108).\n- scsi: mpt3sas: remove redundant copy_from_user in _ctl_getiocinfo (bsc#1117108).\n- scsi: mpt3sas: remove redundant wmb (bsc#1117108).\n- scsi: mpt3sas: Remove set-but-not-used variables (bsc#1117108).\n- scsi: mpt3sas: Remove unnecessary parentheses and simplify null checks (bsc#1117108).\n- scsi: mpt3sas: Remove unused macro MPT3SAS_FMT (bsc#1117108).\n- scsi: mpt3sas: Remove unused variable requeue_event (bsc#1117108).\n- scsi: mpt3sas: Replace PCI pool old API (bsc#1117108).\n- scsi: mpt3sas: Replace PCI pool old API (bsc#1117108).\n- scsi: mpt3sas: Report Firmware Package Version from HBA Driver (bsc#1117108).\n- scsi: mpt3sas: scan and add nvme device after controller reset (bsc#1117108).\n- scsi: mpt3sas: separate out _base_recovery_check() (bsc#1117108).\n- scsi: mpt3sas: set default value for cb_idx (bsc#1117108).\n- scsi: mpt3sas: Set NVMe device queue depth as 128 (bsc#1117108).\n- scsi: mpt3sas: SGL to PRP Translation for I/Os to NVMe devices (bsc#1117108).\n- scsi: mpt3sas: simplify mpt3sas_scsi_issue_tm() (bsc#1117108).\n- scsi: mpt3sas: simplify task management functions (bsc#1117108).\n- scsi: mpt3sas: simplify _wait_for_commands_to_complete() (bsc#1117108).\n- scsi: mpt3sas: Split _base_reset_handler(), mpt3sas_scsih_reset_handler() and mpt3sas_ctl_reset_handler() (bsc#1117108).\n- scsi: mpt3sas: Swap I/O memory read value back to cpu endianness (bsc#1117108).\n- scsi: mpt3sas: switch to generic DMA API (bsc#1117108).\n- scsi: mpt3sas: switch to pci_alloc_irq_vectors (bsc#1117108).\n- scsi: mpt3sas: Updated MPI headers to v2.00.48 (bsc#1117108).\n- scsi: mpt3sas: Update driver version \u002725.100.00.00\u0027 (bsc#1117108).\n- scsi: mpt3sas: Update driver version \u002726.100.00.00\u0027 (bsc#1117108).\n- scsi: mpt3sas: Update MPI Headers (bsc#1117108).\n- scsi: mpt3sas: Update mpt3sas driver version (bsc#1117108).\n- scsi: mpt3sas: Use dma_pool_zalloc (bsc#1117108).\n- scsi: mpt3sas: use list_splice_init() (bsc#1117108).\n- scsi: mpt3sas: wait for and flush running commands on shutdown/unload (bsc#1117108).\n- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1125794).\n- scsi: qla2xxx: Fix early srb free on abort (bsc#1121713).\n- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1121713).\n- scsi: qla2xxx: Increase abort timeout value (bsc#1121713).\n- scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1121713).\n- scsi: qla2xxx: Return switch command on a timeout (bsc#1121713).\n- scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1121713).\n- scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1121713).\n- scsi: sd: Fix cache_type_store() (bnc#1012382).\n- scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() (bsc#1125315).\n- scsi: target: make the pi_prot_format ConfigFS path readable (bsc#1123933).\n- scsi: target: use consistent left-aligned ASCII INQUIRY data (bnc#1012382).\n- sctp: allocate sctp_sockaddr_entry with kzalloc (bnc#1012382).\n- sd: disable logical block provisioning if \u0027lbpme\u0027 is not set (bsc#1086095 bsc#1078355).\n- selinux: fix GPF on invalid policy (bnc#1012382).\n- seq_buf: Make seq_buf_puts() null-terminate the buffer (bnc#1012382).\n- serial: fsl_lpuart: clear parity enable bit when disable parity (bnc#1012382).\n- series.conf: Move \u0027patches.fixes/aio-hold-an-extra-file-reference-over-AIO-read-write.patch\u0027 into sorted section.\n- signal: Always notice exiting tasks (bnc#1012382).\n- signal: Better detection of synchronous signals (bnc#1012382).\n- signal: Restore the stop PTRACE_EVENT_EXIT (bnc#1012382).\n- skge: potential memory corruption in skge_get_regs() (bnc#1012382).\n- sky2: Increase D3 delay again (bnc#1012382).\n- slab: alien caches must not be initialized if the allocation of the alien cache failed (bnc#1012382).\n- smack: fix access permissions for keyring (bnc#1012382).\n- smsc95xx: Use skb_cow_head to deal with cloned skbs (bnc#1012382).\n- soc/tegra: Do not leak device tree node reference (bnc#1012382).\n- staging:iio:ad2s90: Make probe handle spi_setup failure (bnc#1012382).\n- staging: iio: ad7780: update voltage on read (bnc#1012382).\n- staging: iio: adc: ad7280a: handle error from __ad7280_read32() (bnc#1012382).\n- staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1 (bnc#1012382).\n- sunrpc: handle ENOMEM in rpcb_getport_async (bnc#1012382).\n- sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN (bnc#1012382).\n- sysfs: Disable lockdep for driver bind/unbind files (bnc#1012382).\n- tcp: clear icsk_backoff in tcp_write_queue_purge() (bnc#1012382).\n- tcp: tcp_v4_err() should be more careful (bnc#1012382).\n- team: avoid complex list operations in team_nl_cmd_options_set() (bnc#1012382).\n- team: Free BPF filter when unregistering netdev (git-fixes).\n- test_hexdump: use memcpy instead of strncpy (bnc#1012382).\n- thermal: hwmon: inline helpers when CONFIG_THERMAL_HWMON is not set (bnc#1012382).\n- timekeeping: Use proper seqcount initializer (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_bearer_enable (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_doit (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_link_reset_stats (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_link_set (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_name_table_dump (bnc#1012382).\n- tipc: use destination length for copy string (bnc#1012382).\n- tracing: Do not free iter-\u003etrace in fail path of tracing_open_pipe() (bsc#1129581).\n- tracing/uprobes: Fix output for multiple string arguments (bnc#1012382).\n- tty: Do not block on IO when ldisc change is pending (bnc#1105428).\n- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bnc#1105428).\n- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).\n- tty: Handle problem if line discipline does not have receive_buf (bnc#1012382).\n- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).\n- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).\n- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).\n- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).\n- tty/ldsem: Wake up readers after timed out down_write() (bnc#1012382).\n- tty/n_hdlc: fix __might_sleep warning (bnc#1012382).\n- tty: serial: samsung: Properly set flags in autoCTS mode (bnc#1012382).\n- tty: Simplify tty-\u003ecount math in tty_reopen() (bnc#1105428).\n- uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define (bnc#1012382).\n- uapi/if_ether.h: prevent redefinition of struct ethhdr (bnc#1012382).\n- ucc_geth: Reset BQL queue when stopping device (bnc#1012382).\n- udf: Fix BUG on corrupted inode (bnc#1012382).\n- um: Avoid marking pages with \u0027changed protection\u0027 (bnc#1012382).\n- usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bnc#1012382).\n- usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bnc#1012382).\n- usb: dwc2: Remove unnecessary kfree (bnc#1012382).\n- usb: gadget: udc: net2272: Fix bitwise and boolean operations (bnc#1012382).\n- usb: hub: delay hub autosuspend if USB3 port is still link training (bnc#1012382).\n- usb: phy: am335x: fix race condition in _probe (bnc#1012382).\n- usb: serial: pl2303: add new PID to support PL2303TB (bnc#1012382).\n- usb: serial: simple: add Motorola Tetra TPG2200 device id (bnc#1012382).\n- usb: storage: add quirk for SMI SM3350 (bnc#1012382).\n- usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bnc#1012382).\n- video: clps711x-fb: release disp device node in probe() (bnc#1012382).\n- vsock: cope with memory allocation failure at socket creation time (bnc#1012382).\n- vt: invoke notifier on screen size change (bnc#1012382).\n- vxlan: test dev-\u003eflags \u0026 IFF_UP before calling netif_rx() (bnc#1012382).\n- wireless: airo: potential buffer overflow in sprintf() (bsc#1120902).\n- writeback: do not decrement wb-\u003erefcnt if !wb-\u003ebdi (git fixes (writeback)).\n- x86: Add TSX Force Abort CPUID/MSR (bsc#1121805).\n- x86/a.out: Clear the dump structure initially (bnc#1012382).\n- x86/fpu: Add might_fault() to user_insn() (bnc#1012382).\n- x86/kaslr: Fix incorrect i8254 outb() parameters (bnc#1012382).\n- x86: livepatch: Treat R_X86_64_PLT32 as R_X86_64_PC32 (bnc#1012382).\n- x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out() (bnc#1012382).\n- x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux) (bnc#1012382).\n- x86/pkeys: Properly copy pkey state at fork() (bsc#1106105).\n- x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls (bnc#1012382).\n- x86: respect memory size limiting via mem= parameter (bsc#1117645).\n- x86/xen: dont add memory above max allowed allocation (bsc#1117645).\n- xen, cpu_hotplug: Prevent an out of bounds access (bsc#1065600).\n- xen: remove pre-xen3 fallback handlers (bsc#1065600).\n- xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi (bnc#1012382).\n- xfrm: refine validation of template and selector families (bnc#1012382).\n- Yama: Check for pid death before checking ancestry (bnc#1012382).\n- xfs: remove filestream item xfs_inode reference (bsc#1127961).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-901,SUSE-SLE-SERVER-12-SP3-2019-901",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0901-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0901-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190901-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0901-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-April/005309.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1020413",
"url": "https://bugzilla.suse.com/1020413"
},
{
"category": "self",
"summary": "SUSE Bug 1023175",
"url": "https://bugzilla.suse.com/1023175"
},
{
"category": "self",
"summary": "SUSE Bug 1031492",
"url": "https://bugzilla.suse.com/1031492"
},
{
"category": "self",
"summary": "SUSE Bug 1042286",
"url": "https://bugzilla.suse.com/1042286"
},
{
"category": "self",
"summary": "SUSE Bug 1050549",
"url": "https://bugzilla.suse.com/1050549"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1070767",
"url": "https://bugzilla.suse.com/1070767"
},
{
"category": "self",
"summary": "SUSE Bug 1075697",
"url": "https://bugzilla.suse.com/1075697"
},
{
"category": "self",
"summary": "SUSE Bug 1078355",
"url": "https://bugzilla.suse.com/1078355"
},
{
"category": "self",
"summary": "SUSE Bug 1082943",
"url": "https://bugzilla.suse.com/1082943"
},
{
"category": "self",
"summary": "SUSE Bug 1086095",
"url": "https://bugzilla.suse.com/1086095"
},
{
"category": "self",
"summary": "SUSE Bug 1086652",
"url": "https://bugzilla.suse.com/1086652"
},
{
"category": "self",
"summary": "SUSE Bug 1087036",
"url": "https://bugzilla.suse.com/1087036"
},
{
"category": "self",
"summary": "SUSE Bug 1087092",
"url": "https://bugzilla.suse.com/1087092"
},
{
"category": "self",
"summary": "SUSE Bug 1090435",
"url": "https://bugzilla.suse.com/1090435"
},
{
"category": "self",
"summary": "SUSE Bug 1094823",
"url": "https://bugzilla.suse.com/1094823"
},
{
"category": "self",
"summary": "SUSE Bug 1099810",
"url": "https://bugzilla.suse.com/1099810"
},
{
"category": "self",
"summary": "SUSE Bug 1102875",
"url": "https://bugzilla.suse.com/1102875"
},
{
"category": "self",
"summary": "SUSE Bug 1102877",
"url": "https://bugzilla.suse.com/1102877"
},
{
"category": "self",
"summary": "SUSE Bug 1102879",
"url": "https://bugzilla.suse.com/1102879"
},
{
"category": "self",
"summary": "SUSE Bug 1102882",
"url": "https://bugzilla.suse.com/1102882"
},
{
"category": "self",
"summary": "SUSE Bug 1102896",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "self",
"summary": "SUSE Bug 1102959",
"url": "https://bugzilla.suse.com/1102959"
},
{
"category": "self",
"summary": "SUSE Bug 1103429",
"url": "https://bugzilla.suse.com/1103429"
},
{
"category": "self",
"summary": "SUSE Bug 1105428",
"url": "https://bugzilla.suse.com/1105428"
},
{
"category": "self",
"summary": "SUSE Bug 1106061",
"url": "https://bugzilla.suse.com/1106061"
},
{
"category": "self",
"summary": "SUSE Bug 1106105",
"url": "https://bugzilla.suse.com/1106105"
},
{
"category": "self",
"summary": "SUSE Bug 1106929",
"url": "https://bugzilla.suse.com/1106929"
},
{
"category": "self",
"summary": "SUSE Bug 1107866",
"url": "https://bugzilla.suse.com/1107866"
},
{
"category": "self",
"summary": "SUSE Bug 1109137",
"url": "https://bugzilla.suse.com/1109137"
},
{
"category": "self",
"summary": "SUSE Bug 1109248",
"url": "https://bugzilla.suse.com/1109248"
},
{
"category": "self",
"summary": "SUSE Bug 1109695",
"url": "https://bugzilla.suse.com/1109695"
},
{
"category": "self",
"summary": "SUSE Bug 1114893",
"url": "https://bugzilla.suse.com/1114893"
},
{
"category": "self",
"summary": "SUSE Bug 1116345",
"url": "https://bugzilla.suse.com/1116345"
},
{
"category": "self",
"summary": "SUSE Bug 1116653",
"url": "https://bugzilla.suse.com/1116653"
},
{
"category": "self",
"summary": "SUSE Bug 1117108",
"url": "https://bugzilla.suse.com/1117108"
},
{
"category": "self",
"summary": "SUSE Bug 1117645",
"url": "https://bugzilla.suse.com/1117645"
},
{
"category": "self",
"summary": "SUSE Bug 1117744",
"url": "https://bugzilla.suse.com/1117744"
},
{
"category": "self",
"summary": "SUSE Bug 1119019",
"url": "https://bugzilla.suse.com/1119019"
},
{
"category": "self",
"summary": "SUSE Bug 1119680",
"url": "https://bugzilla.suse.com/1119680"
},
{
"category": "self",
"summary": "SUSE Bug 1119843",
"url": "https://bugzilla.suse.com/1119843"
},
{
"category": "self",
"summary": "SUSE Bug 1120017",
"url": "https://bugzilla.suse.com/1120017"
},
{
"category": "self",
"summary": "SUSE Bug 1120691",
"url": "https://bugzilla.suse.com/1120691"
},
{
"category": "self",
"summary": "SUSE Bug 1120722",
"url": "https://bugzilla.suse.com/1120722"
},
{
"category": "self",
"summary": "SUSE Bug 1120758",
"url": "https://bugzilla.suse.com/1120758"
},
{
"category": "self",
"summary": "SUSE Bug 1120902",
"url": "https://bugzilla.suse.com/1120902"
},
{
"category": "self",
"summary": "SUSE Bug 1121713",
"url": "https://bugzilla.suse.com/1121713"
},
{
"category": "self",
"summary": "SUSE Bug 1121726",
"url": "https://bugzilla.suse.com/1121726"
},
{
"category": "self",
"summary": "SUSE Bug 1121805",
"url": "https://bugzilla.suse.com/1121805"
},
{
"category": "self",
"summary": "SUSE Bug 1122650",
"url": "https://bugzilla.suse.com/1122650"
},
{
"category": "self",
"summary": "SUSE Bug 1122651",
"url": "https://bugzilla.suse.com/1122651"
},
{
"category": "self",
"summary": "SUSE Bug 1122779",
"url": "https://bugzilla.suse.com/1122779"
},
{
"category": "self",
"summary": "SUSE Bug 1122885",
"url": "https://bugzilla.suse.com/1122885"
},
{
"category": "self",
"summary": "SUSE Bug 1123321",
"url": "https://bugzilla.suse.com/1123321"
},
{
"category": "self",
"summary": "SUSE Bug 1123323",
"url": "https://bugzilla.suse.com/1123323"
},
{
"category": "self",
"summary": "SUSE Bug 1123357",
"url": "https://bugzilla.suse.com/1123357"
},
{
"category": "self",
"summary": "SUSE Bug 1123933",
"url": "https://bugzilla.suse.com/1123933"
},
{
"category": "self",
"summary": "SUSE Bug 1124166",
"url": "https://bugzilla.suse.com/1124166"
},
{
"category": "self",
"summary": "SUSE Bug 1124235",
"url": "https://bugzilla.suse.com/1124235"
},
{
"category": "self",
"summary": "SUSE Bug 1124728",
"url": "https://bugzilla.suse.com/1124728"
},
{
"category": "self",
"summary": "SUSE Bug 1124732",
"url": "https://bugzilla.suse.com/1124732"
},
{
"category": "self",
"summary": "SUSE Bug 1124735",
"url": "https://bugzilla.suse.com/1124735"
},
{
"category": "self",
"summary": "SUSE Bug 1124775",
"url": "https://bugzilla.suse.com/1124775"
},
{
"category": "self",
"summary": "SUSE Bug 1124777",
"url": "https://bugzilla.suse.com/1124777"
},
{
"category": "self",
"summary": "SUSE Bug 1124780",
"url": "https://bugzilla.suse.com/1124780"
},
{
"category": "self",
"summary": "SUSE Bug 1124811",
"url": "https://bugzilla.suse.com/1124811"
},
{
"category": "self",
"summary": "SUSE Bug 1125000",
"url": "https://bugzilla.suse.com/1125000"
},
{
"category": "self",
"summary": "SUSE Bug 1125014",
"url": "https://bugzilla.suse.com/1125014"
},
{
"category": "self",
"summary": "SUSE Bug 1125315",
"url": "https://bugzilla.suse.com/1125315"
},
{
"category": "self",
"summary": "SUSE Bug 1125446",
"url": "https://bugzilla.suse.com/1125446"
},
{
"category": "self",
"summary": "SUSE Bug 1125794",
"url": "https://bugzilla.suse.com/1125794"
},
{
"category": "self",
"summary": "SUSE Bug 1125796",
"url": "https://bugzilla.suse.com/1125796"
},
{
"category": "self",
"summary": "SUSE Bug 1125808",
"url": "https://bugzilla.suse.com/1125808"
},
{
"category": "self",
"summary": "SUSE Bug 1125809",
"url": "https://bugzilla.suse.com/1125809"
},
{
"category": "self",
"summary": "SUSE Bug 1125810",
"url": "https://bugzilla.suse.com/1125810"
},
{
"category": "self",
"summary": "SUSE Bug 1125892",
"url": "https://bugzilla.suse.com/1125892"
},
{
"category": "self",
"summary": "SUSE Bug 1126389",
"url": "https://bugzilla.suse.com/1126389"
},
{
"category": "self",
"summary": "SUSE Bug 1126772",
"url": "https://bugzilla.suse.com/1126772"
},
{
"category": "self",
"summary": "SUSE Bug 1126773",
"url": "https://bugzilla.suse.com/1126773"
},
{
"category": "self",
"summary": "SUSE Bug 1126805",
"url": "https://bugzilla.suse.com/1126805"
},
{
"category": "self",
"summary": "SUSE Bug 1127082",
"url": "https://bugzilla.suse.com/1127082"
},
{
"category": "self",
"summary": "SUSE Bug 1127155",
"url": "https://bugzilla.suse.com/1127155"
},
{
"category": "self",
"summary": "SUSE Bug 1127561",
"url": "https://bugzilla.suse.com/1127561"
},
{
"category": "self",
"summary": "SUSE Bug 1127725",
"url": "https://bugzilla.suse.com/1127725"
},
{
"category": "self",
"summary": "SUSE Bug 1127731",
"url": "https://bugzilla.suse.com/1127731"
},
{
"category": "self",
"summary": "SUSE Bug 1127961",
"url": "https://bugzilla.suse.com/1127961"
},
{
"category": "self",
"summary": "SUSE Bug 1128166",
"url": "https://bugzilla.suse.com/1128166"
},
{
"category": "self",
"summary": "SUSE Bug 1128452",
"url": "https://bugzilla.suse.com/1128452"
},
{
"category": "self",
"summary": "SUSE Bug 1128565",
"url": "https://bugzilla.suse.com/1128565"
},
{
"category": "self",
"summary": "SUSE Bug 1128696",
"url": "https://bugzilla.suse.com/1128696"
},
{
"category": "self",
"summary": "SUSE Bug 1128756",
"url": "https://bugzilla.suse.com/1128756"
},
{
"category": "self",
"summary": "SUSE Bug 1128893",
"url": "https://bugzilla.suse.com/1128893"
},
{
"category": "self",
"summary": "SUSE Bug 1129080",
"url": "https://bugzilla.suse.com/1129080"
},
{
"category": "self",
"summary": "SUSE Bug 1129179",
"url": "https://bugzilla.suse.com/1129179"
},
{
"category": "self",
"summary": "SUSE Bug 1129237",
"url": "https://bugzilla.suse.com/1129237"
},
{
"category": "self",
"summary": "SUSE Bug 1129238",
"url": "https://bugzilla.suse.com/1129238"
},
{
"category": "self",
"summary": "SUSE Bug 1129239",
"url": "https://bugzilla.suse.com/1129239"
},
{
"category": "self",
"summary": "SUSE Bug 1129240",
"url": "https://bugzilla.suse.com/1129240"
},
{
"category": "self",
"summary": "SUSE Bug 1129241",
"url": "https://bugzilla.suse.com/1129241"
},
{
"category": "self",
"summary": "SUSE Bug 1129413",
"url": "https://bugzilla.suse.com/1129413"
},
{
"category": "self",
"summary": "SUSE Bug 1129414",
"url": "https://bugzilla.suse.com/1129414"
},
{
"category": "self",
"summary": "SUSE Bug 1129415",
"url": "https://bugzilla.suse.com/1129415"
},
{
"category": "self",
"summary": "SUSE Bug 1129416",
"url": "https://bugzilla.suse.com/1129416"
},
{
"category": "self",
"summary": "SUSE Bug 1129417",
"url": "https://bugzilla.suse.com/1129417"
},
{
"category": "self",
"summary": "SUSE Bug 1129418",
"url": "https://bugzilla.suse.com/1129418"
},
{
"category": "self",
"summary": "SUSE Bug 1129419",
"url": "https://bugzilla.suse.com/1129419"
},
{
"category": "self",
"summary": "SUSE Bug 1129581",
"url": "https://bugzilla.suse.com/1129581"
},
{
"category": "self",
"summary": "SUSE Bug 1129770",
"url": "https://bugzilla.suse.com/1129770"
},
{
"category": "self",
"summary": "SUSE Bug 1129923",
"url": "https://bugzilla.suse.com/1129923"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18249 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2024 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3459 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3460 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6974 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-7221 page",
"url": "https://www.suse.com/security/cve/CVE-2019-7221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-7222 page",
"url": "https://www.suse.com/security/cve/CVE-2019-7222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9213 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9213/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-04-08T09:49:53Z",
"generator": {
"date": "2019-04-08T09:49:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0901-1",
"initial_release_date": "2019-04-08T09:49:53Z",
"revision_history": [
{
"date": "2019-04-08T09:49:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.4.176-4.25.1.noarch",
"product": {
"name": "kernel-devel-azure-4.4.176-4.25.1.noarch",
"product_id": "kernel-devel-azure-4.4.176-4.25.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.4.176-4.25.1.noarch",
"product": {
"name": "kernel-source-azure-4.4.176-4.25.1.noarch",
"product_id": "kernel-source-azure-4.4.176-4.25.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.4.176-4.25.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.4.176-4.25.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.4.176-4.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.4.176-4.25.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.4.176-4.25.1.x86_64",
"product_id": "dlm-kmp-azure-4.4.176-4.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.4.176-4.25.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.4.176-4.25.1.x86_64",
"product_id": "gfs2-kmp-azure-4.4.176-4.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.4.176-4.25.1.x86_64",
"product": {
"name": "kernel-azure-4.4.176-4.25.1.x86_64",
"product_id": "kernel-azure-4.4.176-4.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.4.176-4.25.1.x86_64",
"product": {
"name": "kernel-azure-base-4.4.176-4.25.1.x86_64",
"product_id": "kernel-azure-base-4.4.176-4.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.4.176-4.25.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.4.176-4.25.1.x86_64",
"product_id": "kernel-azure-devel-4.4.176-4.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.4.176-4.25.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.4.176-4.25.1.x86_64",
"product_id": "kernel-azure-extra-4.4.176-4.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-4.4.176-4.25.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-4.4.176-4.25.1.x86_64",
"product_id": "kernel-azure-kgraft-4.4.176-4.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.4.176-4.25.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.4.176-4.25.1.x86_64",
"product_id": "kernel-syms-azure-4.4.176-4.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.4.176-4.25.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.4.176-4.25.1.x86_64",
"product_id": "kselftests-kmp-azure-4.4.176-4.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.4.176-4.25.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.4.176-4.25.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.4.176-4.25.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64"
},
"product_reference": "kernel-azure-4.4.176-4.25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64"
},
"product_reference": "kernel-azure-base-4.4.176-4.25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.4.176-4.25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.4.176-4.25.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch"
},
"product_reference": "kernel-devel-azure-4.4.176-4.25.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.4.176-4.25.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch"
},
"product_reference": "kernel-source-azure-4.4.176-4.25.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.4.176-4.25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64"
},
"product_reference": "kernel-azure-4.4.176-4.25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64"
},
"product_reference": "kernel-azure-base-4.4.176-4.25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.4.176-4.25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.4.176-4.25.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch"
},
"product_reference": "kernel-devel-azure-4.4.176-4.25.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.4.176-4.25.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch"
},
"product_reference": "kernel-source-azure-4.4.176-4.25.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.4.176-4.25.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.4.176-4.25.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-18249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18249"
}
],
"notes": [
{
"category": "general",
"text": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18249",
"url": "https://www.suse.com/security/cve/CVE-2017-18249"
},
{
"category": "external",
"summary": "SUSE Bug 1087036 for CVE-2017-18249",
"url": "https://bugzilla.suse.com/1087036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-08T09:49:53Z",
"details": "moderate"
}
],
"title": "CVE-2017-18249"
},
{
"cve": "CVE-2019-2024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2024"
}
],
"notes": [
{
"category": "general",
"text": "In em28xx_unregister_dvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111761954References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2024",
"url": "https://www.suse.com/security/cve/CVE-2019-2024"
},
{
"category": "external",
"summary": "SUSE Bug 1129179 for CVE-2019-2024",
"url": "https://bugzilla.suse.com/1129179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-08T09:49:53Z",
"details": "moderate"
}
],
"title": "CVE-2019-2024"
},
{
"cve": "CVE-2019-3459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3459"
}
],
"notes": [
{
"category": "general",
"text": "A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3459",
"url": "https://www.suse.com/security/cve/CVE-2019-3459"
},
{
"category": "external",
"summary": "SUSE Bug 1120758 for CVE-2019-3459",
"url": "https://bugzilla.suse.com/1120758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-08T09:49:53Z",
"details": "moderate"
}
],
"title": "CVE-2019-3459"
},
{
"cve": "CVE-2019-3460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3460"
}
],
"notes": [
{
"category": "general",
"text": "A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3460",
"url": "https://www.suse.com/security/cve/CVE-2019-3460"
},
{
"category": "external",
"summary": "SUSE Bug 1120758 for CVE-2019-3460",
"url": "https://bugzilla.suse.com/1120758"
},
{
"category": "external",
"summary": "SUSE Bug 1155131 for CVE-2019-3460",
"url": "https://bugzilla.suse.com/1155131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-08T09:49:53Z",
"details": "moderate"
}
],
"title": "CVE-2019-3460"
},
{
"cve": "CVE-2019-6974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6974",
"url": "https://www.suse.com/security/cve/CVE-2019-6974"
},
{
"category": "external",
"summary": "SUSE Bug 1124728 for CVE-2019-6974",
"url": "https://bugzilla.suse.com/1124728"
},
{
"category": "external",
"summary": "SUSE Bug 1124729 for CVE-2019-6974",
"url": "https://bugzilla.suse.com/1124729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-08T09:49:53Z",
"details": "moderate"
}
],
"title": "CVE-2019-6974"
},
{
"cve": "CVE-2019-7221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-7221"
}
],
"notes": [
{
"category": "general",
"text": "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-7221",
"url": "https://www.suse.com/security/cve/CVE-2019-7221"
},
{
"category": "external",
"summary": "SUSE Bug 1124732 for CVE-2019-7221",
"url": "https://bugzilla.suse.com/1124732"
},
{
"category": "external",
"summary": "SUSE Bug 1124734 for CVE-2019-7221",
"url": "https://bugzilla.suse.com/1124734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-08T09:49:53Z",
"details": "moderate"
}
],
"title": "CVE-2019-7221"
},
{
"cve": "CVE-2019-7222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-7222"
}
],
"notes": [
{
"category": "general",
"text": "The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-7222",
"url": "https://www.suse.com/security/cve/CVE-2019-7222"
},
{
"category": "external",
"summary": "SUSE Bug 1124735 for CVE-2019-7222",
"url": "https://bugzilla.suse.com/1124735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-08T09:49:53Z",
"details": "low"
}
],
"title": "CVE-2019-7222"
},
{
"cve": "CVE-2019-9213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9213"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9213",
"url": "https://www.suse.com/security/cve/CVE-2019-9213"
},
{
"category": "external",
"summary": "SUSE Bug 1128166 for CVE-2019-9213",
"url": "https://bugzilla.suse.com/1128166"
},
{
"category": "external",
"summary": "SUSE Bug 1128378 for CVE-2019-9213",
"url": "https://bugzilla.suse.com/1128378"
},
{
"category": "external",
"summary": "SUSE Bug 1129016 for CVE-2019-9213",
"url": "https://bugzilla.suse.com/1129016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.176-4.25.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.176-4.25.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.176-4.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-04-08T09:49:53Z",
"details": "moderate"
}
],
"title": "CVE-2019-9213"
}
]
}
suse-su-2018:1816-1
Vulnerability from csaf_suse
Published
2018-06-26 11:39
Modified
2018-06-26 11:39
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.138 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-12233: A memory corruption bug in JFS could have been triggered by
calling setxattr twice with two different extended attribute names on the same
file. This vulnerability could be triggered by an unprivileged user with the
ability to create files and execute programs (bsc#1097234)
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX
registers) between processes. These registers might contain encryption keys
when doing SSE accelerated AES enc/decryption (bsc#1087086)
- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did
not handle unsigned integer overflow properly. As a result, a large value of
the 'ie_len' argument could have caused a buffer overflow (bnc#1097356)
- CVE-2017-18249: The add_free_nid function did not properly track an allocated
nid, which allowed local users to cause a denial of service (race condition) or
possibly have unspecified other impact via concurrent threads (bnc#1087036)
- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge
option that triggers a NULL value for a flush_cmd_control data structure
(bnc#1086400)
- CVE-2017-17741: The KVM implementation in the Linux kernel allowed attackers
to obtain potentially sensitive information from kernel memory, aka a
write_mmio stack-based out-of-bounds read (bnc#1073311)
- CVE-2018-3639: Systems with microprocessors utilizing speculative execution
and speculative execution of memory reads the addresses of all prior memory
writes are known may have allowed unauthorized disclosure of information to an
attacker with local user access via a side-channel analysis, aka Speculative
Store Bypass (SSB), Variant 4 (bsc#1087082).
- CVE-2018-8781: The udl_fb_mmap function had an integer-overflow vulnerability
allowing local users with access to the udldrmfb driver to obtain full read and
write permissions on kernel physical pages, resulting in a code execution in
kernel space (bsc#1090643).
- CVE-2017-13305: Prevent information disclosure vulnerability in
encrypted-keys (bsc#1094353)
- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to
cause a denial of service (out-of-bounds read and system crash) via a crafted
ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers
(bsc#1087095)
- CVE-2018-1094: The ext4_fill_super function did not always initialize the
crc32c checksum driver, which allowed attackers to cause a denial of service
(ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted
ext4 image (bsc#1087007)
- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory
with a zero i_links_count, which allowed attackers to cause a denial of service
(ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4
image (bsc#1087012)
- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that
allowed a local user to cause a denial of service by a number of certain
crafted system calls (bsc#1092904)
- CVE-2018-5803: Prevent error in the '_sctp_make_chunk()' function when
handling SCTP packets length that could have been exploited to cause a kernel
crash (bnc#1083900)
- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob
that contains a jump but lacks a user-defined chain, which allowed local users
to cause a denial of service (NULL pointer dereference) by leveraging the
CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650)
- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c
__rds_rdma_map() function that allowed local attackers to cause a system panic
and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST
(bsc#1082962)
- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that
could have caused a crash and possibly memory corruption (bsc#1089895)
The following non-security bugs were fixed:
- 8139too: Use disable_irq_nosync() in rtl8139_poll_controller() (bnc#1012382).
- ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status() (bnc#1012382).
- ACPI / scan: Send change uevent with offine environmental data (bsc#1082485).
- ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E (bnc#1012382).
- ACPI: acpi_pad: Fix memory leak in power saving threads (bnc#1012382).
- ACPI: processor_perflib: Do not send _PPC change notification if not ready (bnc#1012382).
- ACPICA: Events: add a return on failure from acpi_hw_register_read (bnc#1012382).
- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (bnc#1012382).
- ALSA: aloop: Add missing cable lock to ctl API callbacks (bnc#1012382).
- ALSA: aloop: Mark paused device as inactive (bnc#1012382).
- ALSA: asihpi: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: control: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: control: fix a redundant-copy issue (bnc#1012382).
- ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr (bnc#1012382).
- ALSA: hda - New VIA controller suppor no-snoop path (bnc#1012382).
- ALSA: hda - Use IS_REACHABLE() for dependency on input (bnc#1012382 bsc#1031717).
- ALSA: hda/conexant - Add fixup for HP Z2 G4 workstation (bsc#1092975).
- ALSA: hda/realtek - Add some fixes for ALC233 (bnc#1012382).
- ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist (bnc#1012382).
- ALSA: hda: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: hdspm: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: line6: Use correct endpoint type for midi output (bnc#1012382).
- ALSA: opl3: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: oss: consolidate kmalloc/memset 0 call to kzalloc (bnc#1012382).
- ALSA: pcm: Avoid potential races between OSS ioctls and read/write (bnc#1012382).
- ALSA: pcm: Check PCM state at xfern compat ioctl (bnc#1012382).
- ALSA: pcm: Fix UAF at PCM release via PCM timer access (bnc#1012382).
- ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation (bnc#1012382).
- ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls (bnc#1012382).
- ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams (bnc#1012382).
- ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation (bnc#1012382).
- ALSA: rawmidi: Fix missing input substream checks in compat ioctls (bnc#1012382).
- ALSA: rme9652: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger() (bnc#1012382).
- ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device (bnc#1012382).
- ALSA: seq: oss: Hardening for potential Spectre v1 (bnc#1012382).
- ALSA: timer: Call notifier in the same spinlock (bnc#1012382 bsc#973378).
- ALSA: timer: Fix pause event notification (bnc#1012382 bsc#973378).
- ALSA: timer: Fix pause event notification (bsc#973378).
- ALSA: usb-audio: Skip broken EU on Dell dock USB-audio (bsc#1090658).
- ALSA: usb: mixer: volume quirk for CM102-A+/102S+ (bnc#1012382).
- ALSA: vmaster: Propagate slave error (bnc#1012382).
- ARC: Fix malformed ARC_EMUL_UNALIGNED default (bnc#1012382).
- ARM: 8748/1: mm: Define vdso_start, vdso_end as array (bnc#1012382).
- ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed (bnc#1012382).
- ARM: 8770/1: kprobes: Prohibit probing on optimized_callback (bnc#1012382).
- ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr (bnc#1012382).
- ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions (bnc#1012382).
- ARM: OMAP1: clock: Fix debugfs_create_*() usage (bnc#1012382).
- ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt (bnc#1012382).
- ARM: OMAP3: Fix prm wake interrupt for resume (bnc#1012382).
- ARM: OMAP: Fix dmtimer init for omap1 (bnc#1012382).
- ARM: amba: Do not read past the end of sysfs 'driver_override' buffer (bnc#1012382).
- ARM: amba: Fix race condition with driver_override (bnc#1012382).
- ARM: amba: Make driver_override output consistent with other buses (bnc#1012382).
- ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property (bnc#1012382).
- ARM: dts: at91: sama5d4: fix pinctrl compatible string (bnc#1012382).
- ASoC: Intel: sst: remove redundant variable dma_dev_name (bnc#1012382).
- ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() (bnc#1012382 bsc#1031717).
- ASoC: fsl_esai: Fix divisor calculation failure at lower ratio (bnc#1012382).
- ASoC: samsung: i2s: Ensure the RCLK rate is properly determined (bnc#1012382).
- ASoC: ssm2602: Replace reg_default_raw with reg_default (bnc#1012382).
- ASoC: topology: create TLV data for dapm widgets (bnc#1012382).
- Bluetooth: Apply QCA Rome patches for some ATH3012 models (bsc#1082504, bsc#1095147).
- Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB (bnc#1012382).
- Bluetooth: btusb: Add device ID for RTL8822BE (bnc#1012382).
- Btrfs: Fix out of bounds access in btrfs_search_slot (bnc#1012382).
- Btrfs: Fix possible softlock on single core machines (bnc#1012382).
- Btrfs: Fix wrong first_key parameter in replace_path (Followup fix for bsc#1084721).
- Btrfs: bail out on error during replay_dir_deletes (bnc#1012382).
- Btrfs: fix NULL pointer dereference in log_dir_items (bnc#1012382).
- Btrfs: fix copy_items() return value when logging an inode (bnc#1012382).
- Btrfs: fix crash when trying to resume balance without the resume flag (bnc#1012382).
- Btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers (bnc#1012382).
- Btrfs: fix reading stale metadata blocks after degraded raid1 mounts (bnc#1012382).
- Btrfs: fix scrub to repair raid6 corruption (bnc#1012382).
- Btrfs: fix xattr loss after power failure (bnc#1012382).
- Btrfs: send, fix issuing write op when processing hole in no data mode (bnc#1012382).
- Btrfs: set plug for fsync (bnc#1012382).
- Btrfs: tests/qgroup: Fix wrong tree backref level (bnc#1012382).
- Clarify (and fix) MAX_LFS_FILESIZE macros (bnc#1012382).
- Correct the prefix in references tag in previous patches (bsc#1041740).
- Do not leak MNT_INTERNAL away from internal mounts (bnc#1012382).
- ENABLE_IBRS clobbers %rax which it shouldn't do
- Enable uinput driver (bsc#1092566).
- Fix excessive newline in /proc/*/status (bsc#1094823).
- Fixes typo for (watchdog: hpwdt: Update nmi_panic message) (bsc#1085185).
- Force log to disk before reading the AGF during a fstrim (bnc#1012382).
- HID: Fix hid_report_len usage (bnc#1012382).
- HID: core: Fix size as type u32 (bnc#1012382).
- HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device (bnc#1012382).
- HID: i2c-hid: fix size check and type usage (bnc#1012382).
- HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() (bnc#1012382).
- IB/ipoib: Fix for potential no-carrier state (bnc#1012382).
- IB/mlx5: Use unlimited rate when static rate is not supported (bnc#1012382).
- IB/srp: Fix completion vector assignment algorithm (bnc#1012382).
- IB/srp: Fix srp_abort() (bnc#1012382).
- Input: ALPS - fix TrackStick support for SS5 hardware (git-fixes).
- Input: ALPS - fix multi-touch decoding on SS4 plus touchpads (git-fixes).
- Input: ALPS - fix trackstick button handling on V8 devices (git-fixes).
- Input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad (git-fixes).
- Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro (bnc#1012382).
- Input: drv260x - fix initializing overdrive voltage (bnc#1012382).
- Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID (bnc#1012382).
- Input: elan_i2c_smbus - fix corrupted stack (bnc#1012382).
- Input: goodix - add new ACPI id for GPD Win 2 touch screen (bnc#1012382).
- Input: leds - fix out of bound access (bnc#1012382).
- KEYS: DNS: limit the length of option strings (bnc#1012382).
- KVM: Fix spelling mistake: 'cop_unsuable' -> 'cop_unusable' (bnc#1012382).
- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bnc#1012382).
- KVM: VMX: raise internal error for exception during invalid protected mode state (bnc#1012382).
- KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bnc#1012382).
- KVM: s390: Enable all facility bits that are known good for passthrough (bnc#1012382 bsc#1073059 bsc#1076805).
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).
- KVM: x86: introduce linear_{read,write}_system (bnc#1012382).
- KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system (bnc#1012382).
- Kbuild: change CC_OPTIMIZE_FOR_SIZE definition (bnc#1012382).
- MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs (bnc#1012382).
- MIPS: Octeon: Fix logging messages with spurious periods after newlines (bnc#1012382).
- MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS (bnc#1012382).
- MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset (bnc#1012382).
- MIPS: memset.S: EVA and fault support for small_memset (bnc#1012382).
- MIPS: memset.S: Fix clobber of v1 in last_fixup (bnc#1012382).
- MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup (bnc#1012382).
- MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests (bnc#1012382).
- MIPS: ptrace: Expose FIR register through FP regset (bnc#1012382).
- MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs (bnc#1012382).
- MIPS: uaccess: Add micromips clobbers to bzero invocation (bnc#1012382).
- NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2 (bnc#1012382).
- NFC: llcp: Limit size of SDP URI (bnc#1012382).
- NFSv4: always set NFS_LOCK_LOST when a lock is lost (bnc#1012382 bsc#1068951).
- PCI: Add function 1 DMA alias quirk for Marvell 88SE9220 (bnc#1012382).
- PCI: Add function 1 DMA alias quirk for Marvell 9128 (bnc#1012382).
- PCI: Restore config space on runtime resume despite being unbound (bnc#1012382).
- PCI: hv: Fix a __local_bh_enable_ip warning in hv_compose_msi_msg() (bnc#1094268).
- RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure (bnc#1012382).
- RDMA/mlx5: Protect from shift operand overflow (bnc#1012382).
- RDMA/qedr: Fix doorbell bar mapping for dpi > 1 (bsc#1022604).
- RDMA/ucma: Allow resolving address w/o specifying source address (bnc#1012382).
- RDMA/ucma: Correct option size check using optlen (bnc#1012382).
- RDMA/ucma: Do not allow setting RDMA_OPTION_IB_PATH without an RDMA device (bnc#1012382).
- RDS: IB: Fix null pointer issue (bnc#1012382).
- Revert 'ARM: dts: imx6qdl-wandboard: Fix audio channel swap' (bnc#1012382).
- Revert 'Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174' (bnc#1012382).
- Revert 'KVM: Fix stack-out-of-bounds read in write_mmio' (bnc#1083635).
- Revert 'ath10k: rebuild crypto header in rx data frames' (kabi).
- Revert 'ath10k: send (re)assoc peer command when NSS changed' (bnc#1012382).
- Revert 'bs-upload-kernel: do not set %opensuse_bs' This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.
- Revert 'ima: limit file hash setting by user to fix and log modes' (bnc#1012382).
- Revert 'ipc/shm: Fix shmat mmap nil-page protection' (bnc#1012382).
- Revert 'perf tests: Decompress kernel module before objdump' (bnc#1012382).
- Revert 'vti4: Do not override MTU passed on link creation via IFLA_MTU' (bnc#1012382).
- Revert 'watchdog: hpwdt: Remove legacy NMI sourcing (bsc#1085185).' This reverts commit 3e75a004de79c213a2c919144da3d413922661db.
- Revert 'x86/fpu: Hard-disable lazy FPU mode' (compatibility).
- USB: Accept bulk endpoints with 1024-byte maxpacket (bnc#1012382 bsc#1092888).
- USB: Accept bulk endpoints with 1024-byte maxpacket (bsc#1092888).
- USB: Increment wakeup count on remote wakeup (bnc#1012382).
- USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM (bnc#1012382).
- USB: serial: cp210x: add ID for NI USB serial console (bnc#1012382).
- USB: serial: cp210x: use tcflag_t to fix incompatible pointer type (bnc#1012382).
- USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster (bnc#1012382).
- USB: serial: option: Add support for Quectel EP06 (bnc#1012382).
- USB: serial: option: adding support for ublox R410M (bnc#1012382).
- USB: serial: option: reimplement interface masking (bnc#1012382).
- USB: serial: simple: add libtransistor console (bnc#1012382).
- USB: serial: visor: handle potential invalid device configuration (bnc#1012382).
- USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw (bnc#1012382).
- Update config files, add expoline for s390x (bsc#1089393).
- af_key: Always verify length of provided sadb_key (bnc#1012382).
- affs_lookup(): close a race with affs_remove_link() (bnc#1012382).
- aio: fix io_destroy(2) vs. lookup_ioctx() race (bnc#1012382).
- arm/arm64: smccc: Add SMCCC-specific return codes (bsc#1085308).
- arm64: Add 'ssbd' command-line option (bsc#1085308).
- arm64: Add ARCH_WORKAROUND_2 probing (bsc#1085308).
- arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 (bsc#1085308).
- arm64: Add this_cpu_ptr() assembler macro for use in entry.S (bsc#1085308).
- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bnc#1012382).
- arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 (bsc#1085308).
- arm64: alternatives: Add dynamic patching feature (bsc#1085308).
- arm64: assembler: introduce ldr_this_cpu (bsc#1085308).
- arm64: do not call C code with el0's fp register (bsc#1085308).
- arm64: fix endianness annotation for __apply_alternatives()/get_alt_insn() (bsc#1085308).
- arm64: introduce mov_q macro to move a constant into a 64-bit register (bnc#1012382 bsc#1068032).
- arm64: lse: Add early clobbers to some input/output asm operands (bnc#1012382).
- arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics (bnc#1012382).
- arm64: ssbd: Add global mitigation state accessor (bsc#1085308).
- arm64: ssbd: Add prctl interface for per-thread mitigation (bsc#1085308).
- arm64: ssbd: Introduce thread flag to control userspace mitigation (bsc#1085308).
- arm64: ssbd: Restore mitigation status on CPU resume (bsc#1085308).
- arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation (bsc#1085308).
- arm: dts: socfpga: fix GIC PPI warning (bnc#1012382).
- asm-generic: provide generic_pmdp_establish() (bnc#1012382).
- ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) (bnc#1012382).
- ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode (bnc#1012382).
- ath10k: rebuild crypto header in rx data frames (bnc#1012382).
- ath9k_hw: check if the chip failed to wake up (bnc#1012382).
- atm: zatm: Fix potential Spectre v1 (bnc#1012382).
- audit: move calcs after alloc and check when logging set loginuid (bnc#1012382).
- audit: return on memory error to avoid null pointer dereference (bnc#1012382).
- autofs: change autofs4_expire_wait()/do_expire_wait() to take struct path (bsc#1086716).
- autofs: change autofs4_wait() to take struct path (bsc#1086716).
- autofs: mount point create should honour passed in mode (bnc#1012382).
- autofs: use path_has_submounts() to fix unreliable have_submount() checks (bsc#1086716).
- autofs: use path_is_mountpoint() to fix unreliable d_mountpoint() checks (bsc#1086716).
- batman-adv: fix header size check in batadv_dbg_arp() (bnc#1012382).
- batman-adv: fix multicast-via-unicast transmission with AP isolation (bnc#1012382).
- batman-adv: fix packet checksum in receive path (bnc#1012382).
- batman-adv: fix packet loss for broadcasted DHCP packets to a server (bnc#1012382).
- batman-adv: invalidate checksum on fragment reassembly (bnc#1012382).
- bcache: fix for allocator and register thread race (bnc#1012382).
- bcache: fix for data collapse after re-attaching an attached device (bnc#1012382).
- bcache: fix kcrashes with fio in RAID5 backend dev (bnc#1012382).
- bcache: properly set task state in bch_writeback_thread() (bnc#1012382).
- bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set (bnc#1012382).
- bcache: return attach error when no cache set exist (bnc#1012382).
- bdi: Fix oops in wb_workfn() (bnc#1012382).
- blacklist.conf: Add an omapdrm entry (bsc#1090708, bsc#1090718)
- block/loop: fix deadlock after loop_set_status (bnc#1012382).
- block: cancel workqueue entries on blk_mq_freeze_queue() (bsc#1090435).
- block: sanity check for integrity intervals (bsc#1091728).
- bnx2x: use the right constant (bnc#1012382).
- bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa() (bnc#1012382).
- bonding: do not allow rlb updates to invalid mac (bnc#1012382).
- bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave (bnc#1012382).
- bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y (bnc#1012382).
- bpf: map_get_next_key to return first key on NULL (bnc#1012382).
- brcmfmac: Fix check for ISO3166 code (bnc#1012382).
- bridge: check iface upper dev when setting master via ioctl (bnc#1012382).
- can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() (bnc#1012382).
- cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN (bnc#1012382).
- cdrom: do not call check_disk_change() inside cdrom_open() (bnc#1012382).
- cdrom: information leak in cdrom_ioctl_media_changed() (bnc#1012382).
- ceph: adding protection for showing cap reservation info (bsc#1089115).
- ceph: always update atime/mtime/ctime for new inode (bsc#1089115).
- ceph: check if mds create snaprealm when setting quota (bsc#1089115).
- ceph: delete unreachable code in ceph_check_caps() (bsc#1096214).
- ceph: do not check quota for snap inode (bsc#1089115).
- ceph: fix invalid point dereference for error case in mdsc destroy (bsc#1089115).
- ceph: fix race of queuing delayed caps (bsc#1096214).
- ceph: fix root quota realm check (bsc#1089115).
- ceph: fix rsize/wsize capping in ceph_direct_read_write() (bsc#1089115).
- ceph: fix st_nlink stat for directories (bsc#1093904).
- ceph: quota: add counter for snaprealms with quota (bsc#1089115).
- ceph: quota: add initial infrastructure to support cephfs quotas (bsc#1089115).
- ceph: quota: cache inode pointer in ceph_snap_realm (bsc#1089115).
- ceph: quota: do not allow cross-quota renames (bsc#1089115).
- ceph: quota: report root dir quota usage in statfs (bsc#1089115).
- ceph: quota: support for ceph.quota.max_bytes (bsc#1089115).
- ceph: quota: support for ceph.quota.max_files (bsc#1089115).
- ceph: quota: update MDS when max_bytes is approaching (bsc#1089115).
- cfg80211: further limit wiphy names to 64 bytes (bnc#1012382 git-fixes).
- cfg80211: further limit wiphy names to 64 bytes (git-fixes).
- cfg80211: limit wiphy names to 128 bytes (bnc#1012382).
- cifs: Use file_dentry() (bsc#1093008).
- cifs: do not allow creating sockets except with SMB1 posix exensions (bnc#1012382).
- cifs: silence compiler warnings showing up with gcc-8.0.0 (bnc#1012382 bsc#1090734).
- cifs: silence compiler warnings showing up with gcc-8.0.0 (bsc#1090734).
- clk: Do not show the incorrect clock phase (bnc#1012382).
- clk: bcm2835: De-assert/assert PLL reset signal when appropriate (bnc#1012382).
- clk: mvebu: armada-38x: add support for 1866MHz variants (bnc#1012382).
- clk: mvebu: armada-38x: add support for missing clocks (bnc#1012382).
- clk: rockchip: Prevent calculating mmc phase if clock rate is zero (bnc#1012382).
- clk: samsung: exynos3250: Fix PLL rates (bnc#1012382).
- clk: samsung: exynos5250: Fix PLL rates (bnc#1012382).
- clk: samsung: exynos5260: Fix PLL rates (bnc#1012382).
- clk: samsung: exynos5433: Fix PLL rates (bnc#1012382).
- clk: samsung: s3c2410: Fix PLL rates (bnc#1012382).
- clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled (bsc#1090225).
- clocksource/drivers/fsl_ftm_timer: Fix error return checking (bnc#1012382).
- config: arm64: enable Spectre-v4 per-thread mitigation
- cpufreq: CPPC: Initialize shared perf capabilities of CPUs (bnc#1012382).
- cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path (bnc#1012382).
- cpufreq: intel_pstate: Enable HWP by default (bnc#1012382).
- cpuidle: coupled: remove unused define cpuidle_coupled_lock (bnc#1012382).
- crypto: af_alg - fix possible uninit-value in alg_bind() (bnc#1012382).
- crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss (bnc#1012382).
- crypto: vmx - Remove overly verbose printk from AES init routines (bnc#1012382).
- cxgb4: Setup FW queues before registering netdev (bsc#1022743).
- dccp: do not free ccid2_hc_tx_sock struct in dccp_disconnect() (bnc#1012382).
- dccp: fix tasklet usage (bnc#1012382).
- dccp: initialize ireq->ir_mark (bnc#1012382).
- dlm: fix a clerical error when set SCTP_NODELAY (bsc#1091594).
- dlm: make sctp_connect_to_sock() return in specified time (bsc#1080542).
- dlm: remove O_NONBLOCK flag in sctp_connect_to_sock (bsc#1080542).
- dm thin: fix documentation relative to low water mark threshold (bnc#1012382).
- dmaengine: at_xdmac: fix rare residue corruption (bnc#1012382).
- dmaengine: ensure dmaengine helpers check valid callback (bnc#1012382).
- dmaengine: pl330: fix a race condition in case of threaded irqs (bnc#1012382).
- dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3 (bnc#1012382).
- dmaengine: usb-dmac: fix endless loop in usb_dmac_chan_terminate_all() (bnc#1012382).
- do d_instantiate/unlock_new_inode combinations safely (bnc#1012382).
- dp83640: Ensure against premature access to PHY registers after reset (bnc#1012382).
- drm/exynos: fix comparison to bitshift when dealing with a mask (bnc#1012382).
- drm/i915: Disable LVDS on Radiant P845 (bnc#1012382).
- drm/radeon: Fix PCIe lane width calculation (bnc#1012382).
- drm/rockchip: Respect page offset for PRIME mmap calls (bnc#1012382).
- drm/virtio: fix vq wait_event condition (bnc#1012382).
- drm/vmwgfx: Fix a buffer object leak (bnc#1012382).
- drm: set FMODE_UNSIGNED_OFFSET for drm files (bnc#1012382).
- e1000e: Fix check_for_link return value with autoneg off (bnc#1012382 bsc#1075428).
- e1000e: allocate ring descriptors with dma_zalloc_coherent (bnc#1012382).
- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bnc#1012382).
- enic: enable rq before updating rq descriptors (bnc#1012382).
- enic: set DMA mask to 47 bit (bnc#1012382).
- ext2: fix a block leak (bnc#1012382).
- ext4: Fix hole length detection in ext4_ind_map_blocks() (bsc#1090953).
- ext4: add validity checks for bitmap block numbers (bnc#1012382).
- ext4: bugfix for mmaped pages in mpage_release_unused_pages() (bnc#1012382).
- ext4: do not allow r/w mounts if metadata blocks overlap the superblock (bnc#1012382).
- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).
- ext4: fail ext4_iget for root directory if unallocated (bnc#1012382).
- ext4: fix bitmap position validation (bnc#1012382).
- ext4: fix deadlock between inline_data and ext4_expand_extra_isize_ea() (bnc#1012382).
- ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS (bnc#1012382).
- ext4: set h_journal if there is a failure starting a reserved handle (bnc#1012382).
- fanotify: fix logic of events on child (bnc#1012382).
- fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper() (bnc#1012382).
- firewire-ohci: work around oversized DMA reads on JMicron controllers (bnc#1012382).
- firmware: dmi: handle missing DMI data gracefully (bsc#1096037).
- firmware: dmi_scan: Fix handling of empty DMI strings (bnc#1012382).
- fix io_destroy()/aio_complete() race (bnc#1012382).
- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bnc#1012382).
- fs/reiserfs/journal.c: add missing resierfs_warning() arg (bnc#1012382).
- fscache: Fix hanging wait on page discarded by writeback (bnc#1012382).
- futex: Remove duplicated code and fix undefined behaviour (bnc#1012382).
- futex: Remove unnecessary warning from get_futex_key (bnc#1012382).
- futex: futex_wake_op, do not fail on invalid op (git-fixes).
- futex: futex_wake_op, fix sign_extend32 sign bits (bnc#1012382).
- getname_kernel() needs to make sure that ->name != ->iname in long case (bnc#1012382).
- gfs2: Fix fallocate chunk size (bnc#1012382).
- gianfar: Fix Rx byte accounting for ndev stats (bnc#1012382).
- gpio: No NULL owner (bnc#1012382).
- gpio: rcar: Add Runtime PM handling for interrupts (bnc#1012382).
- gpmi-nand: Handle ECC Errors in erased pages (bnc#1012382).
- hfsplus: stop workqueue when fill_super() failed (bnc#1012382).
- hwmon: (nct6775) Fix writing pwmX_mode (bnc#1012382).
- hwmon: (pmbus/adm1275) Accept negative page register values (bnc#1012382).
- hwmon: (pmbus/max8688) Accept negative page register values (bnc#1012382).
- hwrng: stm32 - add reset during probe (bnc#1012382).
- hwtracing: stm: fix build error on some arches (bnc#1012382).
- hypfs_kill_super(): deal with failed allocations (bnc#1012382).
- i2c: mv64xxx: Apply errata delay only in standard mode (bnc#1012382).
- i2c: rcar: check master irqs before slave irqs (bnc#1012382).
- i2c: rcar: do not issue stop when HW does it automatically (bnc#1012382).
- i2c: rcar: init new messages in irq (bnc#1012382).
- i2c: rcar: make sure clocks are on when doing clock calculation (bnc#1012382).
- i2c: rcar: refactor setup of a msg (bnc#1012382).
- i2c: rcar: remove spinlock (bnc#1012382).
- i2c: rcar: remove unused IOERROR state (bnc#1012382).
- i2c: rcar: revoke START request early (bnc#1012382).
- i2c: rcar: rework hw init (bnc#1012382).
- ibmvnic: Check CRQ command return codes (bsc#1094840).
- ibmvnic: Clean actual number of RX or TX pools (bsc#1092289).
- ibmvnic: Create separate initialization routine for resets (bsc#1094840).
- ibmvnic: Fix non-fatal firmware error reset (bsc#1093990).
- ibmvnic: Fix partial success login retries (bsc#1094840).
- ibmvnic: Fix statistics buffers memory leak (bsc#1093990).
- ibmvnic: Free coherent DMA memory if FW map failed (bsc#1093990).
- ibmvnic: Handle error case when setting link state (bsc#1094840).
- ibmvnic: Introduce active CRQ state (bsc#1094840).
- ibmvnic: Introduce hard reset recovery (bsc#1094840).
- ibmvnic: Mark NAPI flag as disabled when released (bsc#1094840).
- ibmvnic: Only do H_EOI for mobility events (bsc#1094356).
- ibmvnic: Return error code if init interrupted by transport event (bsc#1094840).
- ibmvnic: Set resetting state at earliest possible point (bsc#1094840).
- iio:kfifo_buf: check for uint overflow (bnc#1012382).
- ima: Fallback to the builtin hash algorithm (bnc#1012382).
- ima: Fix Kconfig to select TPM 2.0 CRB interface (bnc#1012382).
- init: fix false positives in W+X checking (bsc#1096982).
- iommu/vt-d: Fix a potential memory leak (bnc#1012382).
- ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds (bnc#1012382).
- ipc/shm: fix shmat() nil address after round-down when remapping (bnc#1012382).
- ipc/shm: fix use-after-free of shm file via remap_file_pages() (bnc#1012382).
- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (bnc#1012382).
- ipmi: create hardware-independent softdep for ipmi_devintf (bsc#1009062, bsc#1060799).
- ipmi_ssif: Fix kernel panic at msg_done_handler (bnc#1012382 bsc#1088871).
- ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg (bnc#1012382).
- ipv4: lock mtu in fnhe when received PMTU lower than net.ipv4.route.min_pmtu (bnc#1012382).
- ipv4: remove warning in ip_recv_error (bnc#1012382).
- ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy (bnc#1012382).
- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).
- ipv6: omit traffic class when calculating flow hash (bsc#1095042).
- ipvs: fix rtnl_lock lockups caused by start_sync_thread (bnc#1012382).
- irda: fix overly long udelay() (bnc#1012382).
- irqchip/gic-v3: Change pr_debug message to pr_devel (bnc#1012382).
- isdn: eicon: fix a missing-check bug (bnc#1012382).
- jbd2: fix use after free in kjournald2() (bnc#1012382).
- jbd2: if the journal is aborted then do not allow update of the log tail (bnc#1012382).
- jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path (bnc#1012382 git-fixes).
- jffs2_kill_sb(): deal with failed allocations (bnc#1012382).
- kABI: work around BPF SSBD removal (bsc#1087082).
- kabi: vfs: Restore dentry_operations->d_manage (bsc#1086716).
- kasan: fix memory hotplug during boot (bnc#1012382).
- kconfig: Avoid format overflow warning from GCC 8.1 (bnc#1012382).
- kconfig: Do not leak main menus during parsing (bnc#1012382).
- kconfig: Fix automatic menu creation mem leak (bnc#1012382).
- kconfig: Fix expr_free() E_NOT leak (bnc#1012382).
- kdb: make 'mdr' command repeat (bnc#1012382).
- kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE (bnc#1012382).
- kernel/sys.c: fix potential Spectre v1 issue (bnc#1012382).
- kernel: Fix memory leak on EP11 target list processing (bnc#1096751, ).
- kexec_file: do not add extra alignment to efi memmap (bsc#1044596).
- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).
- kobject: do not use WARN for registration failures (bnc#1012382).
- kvm: Fix nopvspin static branch init usage (bsc#1056427).
- kvm: Introduce nopvspin kernel parameter (bsc#1056427).
- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bnc#1012382).
- kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access (bnc#1012382).
- l2tp: check sockaddr length in pppol2tp_connect() (bnc#1012382).
- l2tp: revert 'l2tp: fix missing print session offset info' (bnc#1012382).
- lan78xx: Correctly indicate invalid OTP (bnc#1012382).
- libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs (bnc#1012382).
- libata: Blacklist some Sandisk SSDs for NCQ (bnc#1012382).
- libata: blacklist Micron 500IT SSD with MU01 firmware (bnc#1012382).
- libceph, ceph: change permission for readonly debugfs entries (bsc#1089115).
- libceph: fix misjudgement of maximum monitor number (bsc#1089115).
- libceph: reschedule a tick in finish_hunting() (bsc#1089115).
- libceph: un-backoff on tick when we have a authenticated session (bsc#1089115).
- libceph: validate con->state at the top of try_write() (bsc#1089115).
- libnvdimm, dax: fix 1GB-aligned namespaces vs physical misalignment
- libnvdimm, namespace: use a safe lookup for dimm device name
- libnvdimm, pfn: fix start_pad handling for aligned namespaces
- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299).
- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299).
- llc: better deal with too small mtu (bnc#1012382).
- llc: delete timers synchronously in llc_sk_free() (bnc#1012382).
- llc: fix NULL pointer deref for SOCK_ZAPPED (bnc#1012382).
- llc: hold llc_sap before release_sock() (bnc#1012382).
- llc: properly handle dev_queue_xmit() return value (bnc#1012382).
- lockd: lost rollback of set_grace_period() in lockd_down_net() (bnc#1012382 git-fixes).
- locking/qspinlock: Ensure node->count is updated before initialising node (bnc#1012382).
- locking/xchg/alpha: Add unconditional memory barrier to cmpxchg() (bnc#1012382).
- locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs (bnc#1012382).
- loop: handle short DIO reads (bsc#1094177).
- m68k: set dma and coherent masks for platform FEC ethernets (bnc#1012382).
- mac80211: Add RX flag to indicate ICV stripped (bnc#1012382).
- mac80211: allow not sending MIC up from driver for HW crypto (bnc#1012382).
- mac80211: allow same PN for AMSDU sub-frames (bnc#1012382).
- mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 (bnc#1012382).
- md raid10: fix NULL deference in handle_write_completed() (bnc#1012382 bsc#1056415).
- md/raid1: fix NULL pointer dereference (bnc#1012382).
- md: document lifetime of internal rdev pointer (bsc#1056415).
- md: fix two problems with setting the 're-add' device state (bsc#1089023).
- md: only allow remove_and_add_spares when no sync_thread running (bsc#1056415).
- md: raid5: avoid string overflow warning (bnc#1012382).
- media: cx23885: Override 888 ImpactVCBe crystal frequency (bnc#1012382).
- media: cx23885: Set subdev host data to clk_freq pointer (bnc#1012382).
- media: cx25821: prevent out-of-bounds read on array card (bnc#1012382 bsc#1031717).
- media: dmxdev: fix error code for invalid ioctls (bnc#1012382).
- media: em28xx: USB bulk packet size fix (bnc#1012382).
- media: s3c-camif: fix out-of-bounds array access (bnc#1012382 bsc#1031717).
- media: v4l2-compat-ioctl32: do not oops on overlay (bnc#1012382).
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).
- mm, slab: reschedule cache_reap() on the same CPU (bnc#1012382).
- mm/filemap.c: fix NULL pointer in page_cache_tree_insert() (bnc#1012382).
- mm/kmemleak.c: wait for scan completion before disabling free (bnc#1012382).
- mm/ksm: fix interaction with THP (bnc#1012382).
- mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1012382).
- mm/mempolicy: add nodes_empty check in SYSC_migrate_pages (bnc#1012382).
- mm/mempolicy: fix the check of nodemask from user (bnc#1012382).
- mm: do not allow deferred pages with NEED_PER_CPU_KM (bnc#1012382).
- mm: filemap: avoid unnecessary calls to lock_page when waiting for IO to complete during a read (-- VM bnc#1012382 bnc#971975 generic performance read).
- mm: filemap: remove redundant code in do_read_cache_page (-- VM bnc#1012382 bnc#971975 generic performance read).
- mm: fix races between address_space dereference and free in page_evicatable (bnc#1012382).
- mm: fix the NULL mapping case in __isolate_lru_page() (bnc#1012382).
- mm: pin address_space before dereferencing it while isolating an LRU page (bnc#1012382 bnc#1081500).
- mmap: introduce sane default mmap limits (bnc#1012382).
- mmap: relax file size limit for regular files (bnc#1012382).
- mmc: jz4740: Fix race condition in IRQ mask update (bnc#1012382).
- mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register (bnc#1012382).
- mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block (bnc#1012382).
- mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug (bnc#1012382).
- mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block (bnc#1012382).
- net-usb: add qmi_wwan if on lte modem wistron neweb d18q1 (bnc#1012382).
- net/mlx4: Fix irq-unsafe spinlock usage (bnc#1012382).
- net/mlx4_en: Verify coalescing parameters are in range (bnc#1012382).
- net/mlx5: Protect from command bit overflow (bnc#1012382).
- net/packet: refine check for priv area size (bnc#1012382).
- net/tcp/illinois: replace broken algorithm reference link (bnc#1012382).
- net/usb/qmi_wwan.c: Add USB id for lt4120 modem (bnc#1012382).
- net: Fix untag for vlan packets without ethernet header (bnc#1012382).
- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (bnc#1012382).
- net: af_packet: fix race in PACKET_{R|T}X_RING (bnc#1012382).
- net: atm: Fix potential Spectre v1 (bnc#1012382).
- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bnc#1012382).
- net: ethernet: sun: niu set correct packet size in skb (bnc#1012382).
- net: fix deadlock while clearing neighbor proxy table (bnc#1012382).
- net: fix rtnh_ok() (bnc#1012382).
- net: fix uninit-value in __hw_addr_add_ex() (bnc#1012382).
- net: initialize skb->peeked when cloning (bnc#1012382).
- net: metrics: add proper netlink validation (bnc#1012382).
- net: mvneta: fix enable of all initialized RXQs (bnc#1012382).
- net: phy: broadcom: Fix bcm_write_exp() (bnc#1012382).
- net: qmi_wwan: add BroadMobi BM806U 2020:2033 (bnc#1012382).
- net: support compat 64-bit time in {s,g}etsockopt (bnc#1012382).
- net: test tailroom before appending to linear skb (bnc#1012382).
- net: usb: cdc_mbim: add flag FLAG_SEND_ZLP (bnc#1012382).
- net: validate attribute sizes in neigh_dump_table() (bnc#1012382).
- net_sched: fq: take care of throttled flows before reuse (bnc#1012382).
- netdev-FAQ: clarify DaveM's position for stable backports (bnc#1012382).
- netfilter: ebtables: convert BUG_ONs to WARN_ONs (bnc#1012382).
- netlabel: If PF_INET6, check sk_buff ip header version (bnc#1012382).
- netlink: fix uninit-value in netlink_sendmsg (bnc#1012382).
- nfit, address-range-scrub: fix scrub in-progress reporting
- nfit: fix region registration vs block-data-window ranges
- nfs: Do not convert nfs_idmap_cache_timeout to jiffies (bnc#1012382 git-fixes).
- ntb_transport: Fix bug with max_mw_size parameter (bnc#1012382).
- nvme-pci: Fix EEH failure on ppc (bsc#1093533).
- nvme-pci: Fix nvme queue cleanup if IRQ setup fails (bnc#1012382).
- nvme: target: fix buffer overflow (bsc#993388).
- ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute (bnc#1012382).
- ocfs2/dlm: Fix up kABI in dlm_ctxt (bsc#1070404).
- ocfs2/dlm: do not handle migrate lockres if already in shutdown (bnc#1012382).
- ocfs2/dlm: wait for dlm recovery done when migrating all lock resources (bsc#1070404).
- ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid (bnc#1012382).
- ocfs2: return error when we attempt to access a dirty bh in jbd2 (bnc#1012382 bsc#1070404).
- openvswitch: Do not swap table in nlattr_set() after OVS_ATTR_NESTED is found (bnc#1012382).
- packet: fix bitfield update race (bnc#1012382).
- packet: fix reserve calculation (bnc#1012382 git-fixes).
- packet: fix reserve calculation (git-fixes).
- packet: in packet_snd start writing at link layer allocation (bnc#1012382).
- parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode (bnc#1012382).
- parisc: Fix out of array access in match_pci_device() (bnc#1012382).
- percpu: include linux/sched.h for cond_resched() (bnc#1012382).
- perf callchain: Fix attr.sample_max_stack setting (bnc#1012382).
- perf intel-pt: Fix error recovery from missing TIP packet (bnc#1012382).
- perf intel-pt: Fix overlap detection to identify consecutive buffers correctly (bnc#1012382).
- perf intel-pt: Fix sync_switch (bnc#1012382).
- perf intel-pt: Fix timestamp following overflow (bnc#1012382).
- perf report: Fix memory corruption in --branch-history mode --branch-history (bnc#1012382).
- perf tests: Use arch__compare_symbol_names to compare symbols (bnc#1012382).
- perf/cgroup: Fix child event counting bug (bnc#1012382).
- perf/core: Fix perf_output_read_group() (bnc#1012382).
- perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[] (bnc#1012382).
- perf/core: Fix the perf_cpu_time_max_percent check (bnc#1012382).
- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bnc#1012382).
- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bnc#1012382).
- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bnc#1012382).
- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bnc#1012382).
- perf: Remove superfluous allocation error check (bnc#1012382).
- perf: Return proper values for user stack errors (bnc#1012382).
- pipe: cap initial pipe capacity according to pipe-max-size limit (bnc#1012382 bsc#1045330).
- platform/x86: ideapad-laptop: Add MIIX 720-12IKB to no_hw_rfkill (bsc#1093035).
- powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently (bnc#1012382).
- powerpc/64: Use barrier_nospec in syscall entry (bsc#1068032, bsc#1080157).
- powerpc/64s: Add barrier_nospec (bsc#1068032, bsc#1080157).
- powerpc/64s: Add support for ori barrier_nospec patching (bsc#1068032, bsc#1080157).
- powerpc/64s: Clear PCR on boot (bnc#1012382).
- powerpc/64s: Enable barrier_nospec based on firmware settings (bsc#1068032, bsc#1080157).
- powerpc/64s: Enhance the information in cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Enhance the information in cpu_show_spectre_v1() (bsc#1068032).
- powerpc/64s: Fix section mismatch warnings from setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Move cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Patch barrier_nospec in modules (bsc#1068032, bsc#1080157).
- powerpc/64s: Wire up cpu_show_spectre_v1() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Wire up cpu_show_spectre_v2() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access (bnc#1012382).
- powerpc/eeh: Fix enabling bridge MMIO windows (bnc#1012382).
- powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772).
- powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772).
- powerpc/lib: Fix off-by-one in alternate feature patching (bnc#1012382).
- powerpc/livepatch: Fix livepatch stack access (bsc#1094466).
- powerpc/mm: Allow memory hotplug into an offline node (bsc#1090663).
- powerpc/mm: allow memory hotplug into a memoryless node (bsc#1090663).
- powerpc/modules: Do not try to restore r2 after a sibling call (bsc#1094466).
- powerpc/mpic: Check if cpu_possible() in mpic_physmask() (bnc#1012382).
- powerpc/numa: Ensure nodes initialized for hotplug (bnc#1012382 bsc#1081514).
- powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes (bnc#1012382 bsc#1081514).
- powerpc/perf: Fix kernel address leak via sampling registers (bnc#1012382).
- powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer (bnc#1012382).
- powerpc/powernv: Fix NVRAM sleep in invalid context when crashing (bnc#1012382).
- powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops (bnc#1012382).
- powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write() (bnc#1012382).
- powerpc/powernv: Remove OPALv2 firmware define and references (bnc#1012382).
- powerpc/powernv: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops (bnc#1012382).
- powerpc/powernv: panic() on OPAL lower than V3 (bnc#1012382).
- powerpc/powernv: remove FW_FEATURE_OPALv3 and just use FW_FEATURE_OPAL (bnc#1012382).
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Fix clearing of security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Restore default security feature flags on setup (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/rfi-flush: Always enable fallback flush on pseries (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/rfi-flush: Differentiate enabled and patched flush types (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc: Add missing prototype for arch_irq_work_raise() (bnc#1012382).
- powerpc: Add security feature flags for Spectre/Meltdown (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc: Do not preempt_disable() in show_cpuinfo() (bnc#1012382 bsc#1066223).
- powerpc: Move default security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc: Use barrier_nospec in copy_from_user() (bsc#1068032, bsc#1080157).
- powerpc: conditionally compile platform-specific serial drivers (bsc#1066223).
- powerpc: signals: Discard transaction state from signal frames (bsc#1094059).
- pppoe: check sockaddr length in pppoe_connect() (bnc#1012382).
- proc read mm's {arg,env}_{start,end} with mmap semaphore taken (bnc#1012382).
- proc: fix /proc/*/map_files lookup (bnc#1012382).
- proc: meminfo: estimate available memory more conservatively (-- VM bnc#1012382 functionality monitoring space user).
- procfs: fix pthread cross-thread naming if !PR_DUMPABLE (bnc#1012382).
- qed: Fix LL2 race during connection terminate (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Fix mask for physical address in ILT entry (bnc#1012382).
- qed: Fix possibility of list corruption during rmmod flows (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: LL2 flush isles when connection is closed (bsc#1019695 bsc#1019699 bsc#1022604).
- qede: Fix ref-cnt usage count (bsc#1019695 bsc#1019699 bsc#1022604).
- qla2xxx: Mask off Scope bits in retry delay (bsc#1068054).
- qmi_wwan: do not steal interfaces from class drivers (bnc#1012382).
- r8152: add Linksys USB3GIGV1 id (bnc#1012382).
- r8152: fix tx packets accounting (bnc#1012382).
- r8169: fix powering up RTL8168h (bnc#1012382).
- radeon: hide pointless #warning when compile testing (bnc#1012382).
- random: use a tighter cap in credit_entropy_bits_safe() (bnc#1012382).
- regulator: gpio: Fix some error handling paths in 'gpio_regulator_probe()' (bsc#1091960).
- regulator: of: Add a missing 'of_node_put()' in an error handling path of 'of_regulator_match()' (bnc#1012382).
- regulatory: add NUL to request alpha2 (bnc#1012382).
- resource: fix integer overflow at reallocation (bnc#1012382).
- rfkill: gpio: fix memory leak in probe error path (bnc#1012382).
- rpc_pipefs: fix double-dput() (bnc#1012382).
- rpm/config.sh: build against SP3 in OBS as well.
- rtc: hctosys: Ensure system time does not overflow time_t (bnc#1012382).
- rtc: snvs: Fix usage of snvs_rtc_enable (bnc#1012382).
- rtc: tx4939: avoid unintended sign extension on a 24 bit shift (bnc#1012382).
- rtl8187: Fix NULL pointer dereference in priv->conf_mutex (bnc#1012382).
- rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c (bnc#1012382).
- rtnetlink: validate attributes in do_setlink() (bnc#1012382).
- s390/alternative: use a copy of the facility bit mask (bnc#1012382).
- s390/cio: clear timer when terminating driver I/O (bnc#1012382).
- s390/cio: fix return code after missing interrupt (bnc#1012382).
- s390/cio: update chpid descriptor after resource accessibility event (bnc#1012382).
- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero ( bnc#1012382 bnc#1094532).
- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero (bnc#1094532, ).
- s390/dasd: fix IO error for newly defined devices (bnc#1093144, ).
- s390/entry.S: fix spurious zeroing of r0 (bnc#1012382).
- s390/ftrace: use expoline for indirect branches (bnc#1012382).
- s390/ipl: ensure loadparm valid flag is set (bnc#1012382).
- s390/kernel: use expoline for indirect branches (bnc#1012382).
- s390/lib: use expoline for indirect branches (bnc#1012382).
- s390/qdio: do not merge ERROR output buffers (bnc#1012382).
- s390/qdio: do not release memory in qdio_setup_irq() (bnc#1012382).
- s390/qdio: do not retry EQBS after CCQ 96 (bnc#1012382).
- s390/qdio: fix access to uninitialized qdio_q fields ( bnc#1012382 bnc#1094532).
- s390/qdio: fix access to uninitialized qdio_q fields (bnc#1094532, ).
- s390/qeth: consolidate errno translation (bnc#1093144, ).
- s390/qeth: fix MAC address update sequence (bnc#1093144, ).
- s390/qeth: translate SETVLAN/DELVLAN errors (bnc#1093144, ).
- s390/uprobes: implement arch_uretprobe_is_alive() (bnc#1012382).
- s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*) (bnc#1012382).
- s390: add assembler macros for CPU alternatives (bnc#1012382).
- s390: add automatic detection of the spectre defense (bnc#1012382).
- s390: add optimized array_index_mask_nospec (bnc#1012382).
- s390: add options to change branch prediction behaviour for the kernel (bnc#1012382 bsc#1068032).
- s390: add sysfs attributes for spectre (bnc#1012382).
- s390: correct module section names for expoline code revert (bnc#1012382).
- s390: correct nospec auto detection init order (bnc#1012382).
- s390: do not bypass BPENTER for interrupt system calls (bnc#1012382).
- s390: enable CPU alternatives unconditionally (bnc#1012382).
- s390: extend expoline to BC instructions (bnc#1012382).
- s390: introduce execute-trampolines for branches (bnc#1012382).
- s390: move expoline assembler macros to a header (bnc#1012382).
- s390: move nobp parameter functions to nospec-branch.c (bnc#1012382).
- s390: move spectre sysfs attribute code (bnc#1012382).
- s390: remove indirect branch from do_softirq_own_stack (bnc#1012382).
- s390: report spectre mitigation via syslog (bnc#1012382).
- s390: run user space and KVM guests with modified branch prediction (bnc#1012382).
- s390: scrub registers on kernel entry and KVM exit (bnc#1012382).
- s390: use expoline thunks in the BPF JIT (bnc#1012382).
- sched/rt: Fix rq->clock_update_flags lower than RQCF_ACT_SKIP warning (bnc#1012382).
- scsi: aacraid: Correct hba_send to include iu_type (bsc#1022607).
- scsi: aacraid: Insure command thread is not recursively stopped (bnc#1012382).
- scsi: aacraid: fix shutdown crash when init fails (bnc#1012382).
- scsi: bnx2fc: Fix check in SCSI completion handler for timed out request (bnc#1012382).
- scsi: fas216: fix sense buffer initialization (bnc#1012382 bsc#1082979).
- scsi: libsas: defer ata device eh commands to libata (bnc#1012382).
- scsi: lpfc: Fix frequency of Release WQE CQEs (bnc#1012382).
- scsi: lpfc: Fix issue_lip if link is disabled (bnc#1012382 bsc#1080656).
- scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing (bnc#1012382 bsc#1080656).
- scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM (bnc#1012382 bsc#1078583).
- scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (bnc#1012382).
- scsi: mptsas: Disable WRITE SAME (bnc#1012382).
- scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() (bnc#1012382).
- scsi: qla4xxx: skip error recovery in case of register disconnect (bnc#1012382).
- scsi: scsi_transport_srp: Fix shost to rport translation (bnc#1012382).
- scsi: sd: Defer spinning up drive while SANITIZE is in progress (bnc#1012382).
- scsi: sd: Keep disk read-only when re-reading partition (bnc#1012382).
- scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() (bnc#1012382).
- scsi: storvsc: Increase cmd_per_lun for higher speed devices (bnc#1012382).
- scsi: sym53c8xx_2: iterator underflow in sym_getsync() (bnc#1012382).
- scsi: ufs: Enable quirk to ignore sending WRITE_SAME command (bnc#1012382).
- scsi: zfcp: fix infinite iteration on ERP ready list ( bnc#1012382 bnc#1094532).
- scsi: zfcp: fix infinite iteration on ERP ready list (bnc#1094532, ).
- sctp: delay the authentication for the duplicated cookie-echo chunk (bnc#1012382).
- sctp: do not check port in sctp_inet6_cmp_addr (bnc#1012382).
- sctp: fix the issue that the cookie-ack with auth can't get processed (bnc#1012382).
- sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr (bnc#1012382).
- sctp: use the old asoc when making the cookie-ack chunk in dupcook_d (bnc#1012382).
- selftests/net: fixes psock_fanout eBPF test case (bnc#1012382).
- selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable (bnc#1012382).
- selftests: Print the test we're running to /dev/kmsg (bnc#1012382).
- selftests: ftrace: Add a testcase for probepoint (bnc#1012382).
- selftests: ftrace: Add a testcase for string type with kprobe_event (bnc#1012382).
- selftests: ftrace: Add probe event argument syntax testcase (bnc#1012382).
- selftests: memfd: add config fragment for fuse (bnc#1012382).
- selinux: KASAN: slab-out-of-bounds in xattr_getsecurity (bnc#1012382).
- serial: arc_uart: Fix out-of-bounds access through DT alias (bnc#1012382).
- serial: fsl_lpuart: Fix out-of-bounds access through DT alias (bnc#1012382).
- serial: imx: Fix out-of-bounds access through serial port index (bnc#1012382).
- serial: mctrl_gpio: Add missing module license (bnc#1012382).
- serial: mctrl_gpio: export mctrl_gpio_disable_ms and mctrl_gpio_init (bnc#1012382).
- serial: mxs-auart: Fix out-of-bounds access through serial port index (bnc#1012382).
- serial: samsung: Fix out-of-bounds access through serial port index (bnc#1012382).
- serial: samsung: fix maxburst parameter for DMA transactions (bnc#1012382).
- serial: xuartps: Fix out-of-bounds access through DT alias (bnc#1012382).
- sh: New gcc support (bnc#1012382).
- sh: fix debug trap failure to process signals before return to user (bnc#1012382).
- signals: avoid unnecessary taking of sighand->siglock (-- Scheduler bnc#1012382 bnc#978907 performance signals).
- sit: fix IFLA_MTU ignored on NEWLINK (bnc#1012382).
- slip: Check if rstate is initialized before uncompressing (bnc#1012382).
- smsc75xx: fix smsc75xx_set_features() (bnc#1012382).
- sock_diag: fix use-after-free read in __sk_free (bnc#1012382).
- soreuseport: initialise timewait reuseport field (bnc#1012382).
- sparc64: Fix build warnings with gcc 7 (bnc#1012382).
- sparc64: Make atomic_xchg() an inline function rather than a macro (bnc#1012382).
- spi: pxa2xx: Allow 64-bit DMA (bnc#1012382).
- sr: get/drop reference to device in revalidate and check_events (bnc#1012382).
- staging: ion : Donnot wakeup kswapd in ion system alloc (bnc#1012382).
- staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr (bnc#1012382).
- stm class: Use vmalloc for the master map (bnc#1012382).
- stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock (bsc#1088810).
- sunvnet: does not support GSO for sctp (bnc#1012382).
- swap: divide-by-zero when zero length swap file on ssd (bnc#1012382 bsc#1082153).
- swap: divide-by-zero when zero length swap file on ssd (bsc#1082153).
- target: transport should handle st FM/EOM/ILI reads (bsc#1081599).
- tcp: avoid integer overflows in tcp_rcv_space_adjust() (bnc#1012382).
- tcp: do not read out-of-bounds opsize (bnc#1012382).
- tcp: fix TCP_REPAIR_QUEUE bound checking (bnc#1012382).
- tcp: ignore Fast Open on repair mode (bnc#1012382).
- tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets (bnc#1012382).
- tcp: purge write queue in tcp_connect_init() (bnc#1012382).
- team: avoid adding twice the same option to the event list (bnc#1012382).
- team: fix netconsole setup over team (bnc#1012382).
- team: use netdev_features_t instead of u32 (bnc#1012382).
- test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches (git-fixes).
- test_firmware: fix setting old custom fw path back on exit, second try (bnc#1012382).
- tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent() (bnc#1012382).
- there is probably a place where forcing _IBRS_OFF is missed (or is too late) and therefore ENABLE_IBRS is sometimes called early during boot while it should not. Let's drop the uoptimization for now. Fixes bsc#1098009 and bsc#1098012
- thermal: imx: Fix race condition in imx_thermal_probe() (bnc#1012382).
- thunderbolt: Resume control channel after hibernation image is created (bnc#1012382).
- tick/broadcast: Use for_each_cpu() specially on UP kernels (bnc#1012382).
- time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting (bnc#1012382).
- tipc: add policy for TIPC_NLA_NET_ADDR (bnc#1012382).
- tools lib traceevent: Fix get_field_str() for dynamic strings (bnc#1012382).
- tools lib traceevent: Simplify pointer print logic and fix %pF (bnc#1012382).
- tools/libbpf: handle issues with bpf ELF objects containing .eh_frames (bnc#1012382).
- tools/thermal: tmon: fix for segfault (bnc#1012382).
- tpm: do not suspend/resume if power stays on (bnc#1012382).
- tpm: self test failure should not cause suspend to fail (bnc#1012382).
- tracepoint: Do not warn on ENOMEM (bnc#1012382).
- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bnc#1012382).
- tracing/uprobe_event: Fix strncpy corner case (bnc#1012382).
- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bnc#1012382).
- tracing: Fix crash when freeing instances with event triggers (bnc#1012382).
- tracing: Fix regex_match_front() to not over compare the test string (bnc#1012382).
- tty: Do not call panic() at tty_ldisc_init() (bnc#1012382).
- tty: Use __GFP_NOFAIL for tty_ldisc_get() (bnc#1012382).
- tty: make n_tty_read() always abort if hangup is in progress (bnc#1012382).
- tty: n_gsm: Fix DLCI handling for ADM mode if debug and 2 is not set (bnc#1012382).
- tty: n_gsm: Fix long delays with control frame timeouts in ADM mode (bnc#1012382).
- ubi: Fix error for write access (bnc#1012382).
- ubi: Reject MLC NAND (bnc#1012382).
- ubi: fastmap: Do not flush fastmap work on detach (bnc#1012382).
- ubifs: Check ubifs_wbuf_sync() return code (bnc#1012382).
- udf: Provide saner default for invalid uid / gid (bnc#1012382).
- um: Use POSIX ucontext_t instead of struct ucontext (bnc#1012382).
- usb: core: Add quirk for HP v222w 16GB Mini (bnc#1012382).
- usb: dwc2: Fix dwc2_hsotg_core_init_disconnected() (bnc#1012382).
- usb: dwc2: Fix interval type issue (bnc#1012382).
- usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields (bnc#1012382).
- usb: dwc3: pci: Properly cleanup resource (bnc#1012382).
- usb: gadget: composite: fix incorrect handling of OS desc requests (bnc#1012382).
- usb: gadget: f_uac2: fix bFirstInterface in composite gadget (bnc#1012382).
- usb: gadget: ffs: Execute copy_to_user() with USER_DS set (bnc#1012382).
- usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS (bnc#1012382).
- usb: gadget: fsl_udc_core: fix ep valid checks (bnc#1012382).
- usb: gadget: udc: change comparison to bitshift when dealing with a mask (bnc#1012382).
- usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers (bnc#1012382).
- usb: musb: fix enumeration after resume (bnc#1012382).
- usb: musb: gadget: misplaced out of bounds check (bnc#1012382).
- usb: musb: host: fix potential NULL pointer dereference (bnc#1012382).
- usbip: usbip_host: delete device from busid_table after rebind (bnc#1012382).
- usbip: usbip_host: fix NULL-ptr deref and use-after-free errors (bnc#1012382).
- usbip: usbip_host: fix bad unlock balance during stub_probe() (bnc#1012382).
- usbip: usbip_host: fix to hold parent lock for device_attach() calls (bnc#1012382).
- usbip: usbip_host: refine probe and disconnect debug msgs to be useful (bnc#1012382).
- usbip: usbip_host: run rebind from exit when module is removed (bnc#1012382).
- usbip: vhci_hcd: Fix usb device and sockfd leaks (bnc#1012382).
- vfio-pci: Virtualize PCIe and AF FLR (bnc#1012382).
- vfio/pci: Virtualize Maximum Payload Size (bnc#1012382).
- vfio/pci: Virtualize Maximum Read Request Size (bnc#1012382).
- vfs: add path_has_submounts() (bsc#1086716).
- vfs: add path_is_mountpoint() helper (bsc#1086716).
- vfs: change d_manage() to take a struct path (bsc#1086716).
- virtio-gpu: fix ioctl and expose the fixed status to userspace (bnc#1012382).
- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS (bnc#1012382).
- virtio: add ability to iterate over vqs (bnc#1012382).
- virtio_console: free buffers after reset (bnc#1012382).
- vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi (bnc#1012382).
- vmscan: do not force-scan file lru if its absolute size is small (-- VM bnc#1012382 page performance reclaim).
- vmw_balloon: fixing double free when batching mode is off (bnc#1012382).
- vti4: Do not count header length twice on tunnel setup (bnc#1012382).
- vti4: Do not override MTU passed on link creation via IFLA_MTU (bnc#1012382).
- watchdog: f71808e_wdt: Fix WD_EN register read (bnc#1012382).
- watchdog: f71808e_wdt: Fix magic close handling (bnc#1012382).
- watchdog: hpwdt: Modify to use watchdog core (bsc#1085185).
- watchdog: hpwdt: Update Module info and copyright (bsc#1085185).
- watchdog: hpwdt: Update nmi_panic message (bsc#1085185).
- watchdog: hpwdt: condition early return of NMI handler on iLO5 (bsc#1085185).
- watchdog: sp5100_tco: Fix watchdog disable bit (bnc#1012382).
- workqueue: use put_device() instead of kfree() (bnc#1012382).
- writeback: safer lock nesting (bnc#1012382).
- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bnc#1012382).
- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).
- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1068032).
- x86/bugs: Make sure that _TIF_SSBD does not end up in _TIF_ALLWORK_MASK (bsc#1093215).
- x86/bugs: Respect retpoline command line option (bsc#1068032).
- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).
- x86/bugs: make intel_rds_mask() honor X86_FEATURE_SSBD (bsc#1094019).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).
- x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros (bnc#1012382).
- x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code (bnc#1012382).
- x86/devicetree: Fix device IRQ settings in DT (bnc#1012382).
- x86/devicetree: Initialize device tree before using it (bnc#1012382).
- x86/fpu: Disable AVX when eagerfpu is off (bnc#1012382).
- x86/fpu: Hard-disable lazy FPU mode (bnc#1012382).
- x86/fpu: Revert ('x86/fpu: Disable AVX when eagerfpu is off') (bnc#1012382).
- x86/hweight: Do not clobber %rdi (bnc#1012382).
- x86/hweight: Get rid of the special calling convention (bnc#1012382).
- x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds (bnc#1012382).
- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)
- x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bnc#1012382).
- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bnc#1012382).
- x86/pkeys: Do not special case protection key 0 (1041740).
- x86/pkeys: Override pkey when moving away from PROT_EXEC (1041740).
- x86/platform/UV: Add references to access fixed UV4A HUB MMRs (bsc#1076263).
- x86/platform/UV: Fix GAM MMR changes in UV4A (bsc#1076263).
- x86/platform/UV: Fix GAM MMR references in the UV x2apic code (bsc#1076263).
- x86/platform/UV: Fix GAM Range Table entries less than 1GB (bsc#1091325).
- x86/platform/UV: Fix UV4A BAU MMRs (bsc#1076263).
- x86/platform/UV: Fix UV4A support on new Intel Processors (bsc#1076263).
- x86/platform/UV: Fix critical UV MMR address error (bsc#1076263
- x86/platform/UV: Update uv_mmrs.h to prepare for UV4A fixes (bsc#1076263).
- x86/platform/uv/BAU: Replace hard-coded values with MMR definitions (bsc#1076263).
- x86/power: Fix swsusp_arch_resume prototype (bnc#1012382).
- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bnc#1012382).
- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bnc#1012382).
- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bnc#1012382).
- x86: Remove unused function cpu_has_ht_siblings() (bnc#1012382).
- xen-netfront: Fix hang on device removal (bnc#1012382).
- xen-netfront: Fix race between device setup and open (bnc#1012382).
- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1012382).
- xen/acpi: off by one in read_acpi_id() (bnc#1012382).
- xen/grant-table: Use put_page instead of free_page (bnc#1012382).
- xen/netfront: raise max number of slots in xennet_get_responses() (bnc#1076049).
- xen/pirq: fix error path cleanup when binding MSIs (bnc#1012382).
- xen: xenbus: use put_device() instead of kfree() (bnc#1012382).
- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (bnc#1012382).
- xfrm_user: fix return value from xfrm_user_rcv_msg (bnc#1012382).
- xfs: always verify the log tail during recovery (bsc#1036215).
- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).
- xfs: detect agfl count corruption and reset agfl (bnc#1012382 bsc#1090534 bsc#1090955).
- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).
- xfs: detect and handle invalid iclog size set by mkfs (bsc#1043598).
- xfs: detect and trim torn writes during log recovery (bsc#1036215).
- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).
- xfs: fix endianness error when checking log block crc on big endian platforms (bsc#1094405, bsc#1036215).
- xfs: fix incorrect log_flushed on fsync (bnc#1012382).
- xfs: fix log recovery corruption error due to tail overwrite (bsc#1036215).
- xfs: fix recovery failure when log record header wraps log end (bsc#1036215).
- xfs: handle -EFSCORRUPTED during head/tail verification (bsc#1036215).
- xfs: prevent creating negative-sized file via INSERT_RANGE (bnc#1012382).
- xfs: refactor and open code log record crc check (bsc#1036215).
- xfs: refactor log record start detection into a new helper (bsc#1036215).
- xfs: remove racy hasattr check from attr ops (bnc#1012382 bsc#1035432).
- xfs: return start block of first bad log record during recovery (bsc#1036215).
- xfs: support a crc verification only log record pass (bsc#1036215).
- xhci: Fix USB3 NULL pointer dereference at logical disconnect (git-fixes).
- xhci: Fix use-after-free in xhci_free_virt_device (git-fixes).
- xhci: zero usb device slot_id member when disabling and freeing a xhci slot (bnc#1012382).
- zorro: Set up z->dev.dma_mask for the DMA API (bnc#1012382).
Patchnames
SUSE-SLE-RT-12-SP3-2018-1224
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.138 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-12233: A memory corruption bug in JFS could have been triggered by\n calling setxattr twice with two different extended attribute names on the same\n file. This vulnerability could be triggered by an unprivileged user with the\n ability to create files and execute programs (bsc#1097234)\n- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX\n registers) between processes. These registers might contain encryption keys\n when doing SSE accelerated AES enc/decryption (bsc#1087086)\n- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did\n not handle unsigned integer overflow properly. As a result, a large value of\n the \u0027ie_len\u0027 argument could have caused a buffer overflow (bnc#1097356)\n- CVE-2017-18249: The add_free_nid function did not properly track an allocated\n nid, which allowed local users to cause a denial of service (race condition) or\n possibly have unspecified other impact via concurrent threads (bnc#1087036)\n- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge\n option that triggers a NULL value for a flush_cmd_control data structure\n (bnc#1086400)\n- CVE-2017-17741: The KVM implementation in the Linux kernel allowed attackers\n to obtain potentially sensitive information from kernel memory, aka a\n write_mmio stack-based out-of-bounds read (bnc#1073311)\n- CVE-2018-3639: Systems with microprocessors utilizing speculative execution\n and speculative execution of memory reads the addresses of all prior memory\n writes are known may have allowed unauthorized disclosure of information to an\n attacker with local user access via a side-channel analysis, aka Speculative\n Store Bypass (SSB), Variant 4 (bsc#1087082).\n- CVE-2018-8781: The udl_fb_mmap function had an integer-overflow vulnerability\n allowing local users with access to the udldrmfb driver to obtain full read and\n write permissions on kernel physical pages, resulting in a code execution in\n kernel space (bsc#1090643).\n- CVE-2017-13305: Prevent information disclosure vulnerability in\n encrypted-keys (bsc#1094353)\n- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to\n cause a denial of service (out-of-bounds read and system crash) via a crafted\n ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers\n (bsc#1087095)\n- CVE-2018-1094: The ext4_fill_super function did not always initialize the\n crc32c checksum driver, which allowed attackers to cause a denial of service\n (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted\n ext4 image (bsc#1087007)\n- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory\n with a zero i_links_count, which allowed attackers to cause a denial of service\n (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4\n image (bsc#1087012)\n- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that\n allowed a local user to cause a denial of service by a number of certain\n crafted system calls (bsc#1092904)\n- CVE-2018-5803: Prevent error in the \u0027_sctp_make_chunk()\u0027 function when\n handling SCTP packets length that could have been exploited to cause a kernel\n crash (bnc#1083900)\n- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob\n that contains a jump but lacks a user-defined chain, which allowed local users\n to cause a denial of service (NULL pointer dereference) by leveraging the\n CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650)\n- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c\n __rds_rdma_map() function that allowed local attackers to cause a system panic\n and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST\n (bsc#1082962)\n- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that\n could have caused a crash and possibly memory corruption (bsc#1089895)\n\nThe following non-security bugs were fixed:\n\n- 8139too: Use disable_irq_nosync() in rtl8139_poll_controller() (bnc#1012382).\n- ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status() (bnc#1012382).\n- ACPI / scan: Send change uevent with offine environmental data (bsc#1082485).\n- ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E (bnc#1012382).\n- ACPI: acpi_pad: Fix memory leak in power saving threads (bnc#1012382).\n- ACPI: processor_perflib: Do not send _PPC change notification if not ready (bnc#1012382).\n- ACPICA: Events: add a return on failure from acpi_hw_register_read (bnc#1012382).\n- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (bnc#1012382).\n- ALSA: aloop: Add missing cable lock to ctl API callbacks (bnc#1012382).\n- ALSA: aloop: Mark paused device as inactive (bnc#1012382).\n- ALSA: asihpi: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: control: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: control: fix a redundant-copy issue (bnc#1012382).\n- ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr (bnc#1012382).\n- ALSA: hda - New VIA controller suppor no-snoop path (bnc#1012382).\n- ALSA: hda - Use IS_REACHABLE() for dependency on input (bnc#1012382 bsc#1031717).\n- ALSA: hda/conexant - Add fixup for HP Z2 G4 workstation (bsc#1092975).\n- ALSA: hda/realtek - Add some fixes for ALC233 (bnc#1012382).\n- ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist (bnc#1012382).\n- ALSA: hda: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: hdspm: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: line6: Use correct endpoint type for midi output (bnc#1012382).\n- ALSA: opl3: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: oss: consolidate kmalloc/memset 0 call to kzalloc (bnc#1012382).\n- ALSA: pcm: Avoid potential races between OSS ioctls and read/write (bnc#1012382).\n- ALSA: pcm: Check PCM state at xfern compat ioctl (bnc#1012382).\n- ALSA: pcm: Fix UAF at PCM release via PCM timer access (bnc#1012382).\n- ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation (bnc#1012382).\n- ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls (bnc#1012382).\n- ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams (bnc#1012382).\n- ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation (bnc#1012382).\n- ALSA: rawmidi: Fix missing input substream checks in compat ioctls (bnc#1012382).\n- ALSA: rme9652: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger() (bnc#1012382).\n- ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device (bnc#1012382).\n- ALSA: seq: oss: Hardening for potential Spectre v1 (bnc#1012382).\n- ALSA: timer: Call notifier in the same spinlock (bnc#1012382 bsc#973378).\n- ALSA: timer: Fix pause event notification (bnc#1012382 bsc#973378).\n- ALSA: timer: Fix pause event notification (bsc#973378).\n- ALSA: usb-audio: Skip broken EU on Dell dock USB-audio (bsc#1090658).\n- ALSA: usb: mixer: volume quirk for CM102-A+/102S+ (bnc#1012382).\n- ALSA: vmaster: Propagate slave error (bnc#1012382).\n- ARC: Fix malformed ARC_EMUL_UNALIGNED default (bnc#1012382).\n- ARM: 8748/1: mm: Define vdso_start, vdso_end as array (bnc#1012382).\n- ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed (bnc#1012382).\n- ARM: 8770/1: kprobes: Prohibit probing on optimized_callback (bnc#1012382).\n- ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr (bnc#1012382).\n- ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions (bnc#1012382).\n- ARM: OMAP1: clock: Fix debugfs_create_*() usage (bnc#1012382).\n- ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt (bnc#1012382).\n- ARM: OMAP3: Fix prm wake interrupt for resume (bnc#1012382).\n- ARM: OMAP: Fix dmtimer init for omap1 (bnc#1012382).\n- ARM: amba: Do not read past the end of sysfs \u0027driver_override\u0027 buffer (bnc#1012382).\n- ARM: amba: Fix race condition with driver_override (bnc#1012382).\n- ARM: amba: Make driver_override output consistent with other buses (bnc#1012382).\n- ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property (bnc#1012382).\n- ARM: dts: at91: sama5d4: fix pinctrl compatible string (bnc#1012382).\n- ASoC: Intel: sst: remove redundant variable dma_dev_name (bnc#1012382).\n- ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() (bnc#1012382 bsc#1031717).\n- ASoC: fsl_esai: Fix divisor calculation failure at lower ratio (bnc#1012382).\n- ASoC: samsung: i2s: Ensure the RCLK rate is properly determined (bnc#1012382).\n- ASoC: ssm2602: Replace reg_default_raw with reg_default (bnc#1012382).\n- ASoC: topology: create TLV data for dapm widgets (bnc#1012382).\n- Bluetooth: Apply QCA Rome patches for some ATH3012 models (bsc#1082504, bsc#1095147).\n- Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB (bnc#1012382).\n- Bluetooth: btusb: Add device ID for RTL8822BE (bnc#1012382).\n- Btrfs: Fix out of bounds access in btrfs_search_slot (bnc#1012382).\n- Btrfs: Fix possible softlock on single core machines (bnc#1012382).\n- Btrfs: Fix wrong first_key parameter in replace_path (Followup fix for bsc#1084721).\n- Btrfs: bail out on error during replay_dir_deletes (bnc#1012382).\n- Btrfs: fix NULL pointer dereference in log_dir_items (bnc#1012382).\n- Btrfs: fix copy_items() return value when logging an inode (bnc#1012382).\n- Btrfs: fix crash when trying to resume balance without the resume flag (bnc#1012382).\n- Btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers (bnc#1012382).\n- Btrfs: fix reading stale metadata blocks after degraded raid1 mounts (bnc#1012382).\n- Btrfs: fix scrub to repair raid6 corruption (bnc#1012382).\n- Btrfs: fix xattr loss after power failure (bnc#1012382).\n- Btrfs: send, fix issuing write op when processing hole in no data mode (bnc#1012382).\n- Btrfs: set plug for fsync (bnc#1012382).\n- Btrfs: tests/qgroup: Fix wrong tree backref level (bnc#1012382).\n- Clarify (and fix) MAX_LFS_FILESIZE macros (bnc#1012382).\n- Correct the prefix in references tag in previous patches (bsc#1041740).\n- Do not leak MNT_INTERNAL away from internal mounts (bnc#1012382).\n- ENABLE_IBRS clobbers %rax which it shouldn\u0027t do\n- Enable uinput driver (bsc#1092566).\n- Fix excessive newline in /proc/*/status (bsc#1094823).\n- Fixes typo for (watchdog: hpwdt: Update nmi_panic message) (bsc#1085185).\n- Force log to disk before reading the AGF during a fstrim (bnc#1012382).\n- HID: Fix hid_report_len usage (bnc#1012382).\n- HID: core: Fix size as type u32 (bnc#1012382).\n- HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device (bnc#1012382).\n- HID: i2c-hid: fix size check and type usage (bnc#1012382).\n- HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() (bnc#1012382).\n- IB/ipoib: Fix for potential no-carrier state (bnc#1012382).\n- IB/mlx5: Use unlimited rate when static rate is not supported (bnc#1012382).\n- IB/srp: Fix completion vector assignment algorithm (bnc#1012382).\n- IB/srp: Fix srp_abort() (bnc#1012382).\n- Input: ALPS - fix TrackStick support for SS5 hardware (git-fixes).\n- Input: ALPS - fix multi-touch decoding on SS4 plus touchpads (git-fixes).\n- Input: ALPS - fix trackstick button handling on V8 devices (git-fixes).\n- Input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad (git-fixes).\n- Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro (bnc#1012382).\n- Input: drv260x - fix initializing overdrive voltage (bnc#1012382).\n- Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID (bnc#1012382).\n- Input: elan_i2c_smbus - fix corrupted stack (bnc#1012382).\n- Input: goodix - add new ACPI id for GPD Win 2 touch screen (bnc#1012382).\n- Input: leds - fix out of bound access (bnc#1012382).\n- KEYS: DNS: limit the length of option strings (bnc#1012382).\n- KVM: Fix spelling mistake: \u0027cop_unsuable\u0027 -\u003e \u0027cop_unusable\u0027 (bnc#1012382).\n- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bnc#1012382).\n- KVM: VMX: raise internal error for exception during invalid protected mode state (bnc#1012382).\n- KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bnc#1012382).\n- KVM: s390: Enable all facility bits that are known good for passthrough (bnc#1012382 bsc#1073059 bsc#1076805).\n- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).\n- KVM: x86: introduce linear_{read,write}_system (bnc#1012382).\n- KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system (bnc#1012382).\n- Kbuild: change CC_OPTIMIZE_FOR_SIZE definition (bnc#1012382).\n- MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs (bnc#1012382).\n- MIPS: Octeon: Fix logging messages with spurious periods after newlines (bnc#1012382).\n- MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS (bnc#1012382).\n- MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset (bnc#1012382).\n- MIPS: memset.S: EVA and fault support for small_memset (bnc#1012382).\n- MIPS: memset.S: Fix clobber of v1 in last_fixup (bnc#1012382).\n- MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup (bnc#1012382).\n- MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests (bnc#1012382).\n- MIPS: ptrace: Expose FIR register through FP regset (bnc#1012382).\n- MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs (bnc#1012382).\n- MIPS: uaccess: Add micromips clobbers to bzero invocation (bnc#1012382).\n- NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2 (bnc#1012382).\n- NFC: llcp: Limit size of SDP URI (bnc#1012382).\n- NFSv4: always set NFS_LOCK_LOST when a lock is lost (bnc#1012382 bsc#1068951).\n- PCI: Add function 1 DMA alias quirk for Marvell 88SE9220 (bnc#1012382).\n- PCI: Add function 1 DMA alias quirk for Marvell 9128 (bnc#1012382).\n- PCI: Restore config space on runtime resume despite being unbound (bnc#1012382).\n- PCI: hv: Fix a __local_bh_enable_ip warning in hv_compose_msi_msg() (bnc#1094268).\n- RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure (bnc#1012382).\n- RDMA/mlx5: Protect from shift operand overflow (bnc#1012382).\n- RDMA/qedr: Fix doorbell bar mapping for dpi \u003e 1 (bsc#1022604).\n- RDMA/ucma: Allow resolving address w/o specifying source address (bnc#1012382).\n- RDMA/ucma: Correct option size check using optlen (bnc#1012382).\n- RDMA/ucma: Do not allow setting RDMA_OPTION_IB_PATH without an RDMA device (bnc#1012382).\n- RDS: IB: Fix null pointer issue (bnc#1012382).\n- Revert \u0027ARM: dts: imx6qdl-wandboard: Fix audio channel swap\u0027 (bnc#1012382).\n- Revert \u0027Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174\u0027 (bnc#1012382).\n- Revert \u0027KVM: Fix stack-out-of-bounds read in write_mmio\u0027 (bnc#1083635).\n- Revert \u0027ath10k: rebuild crypto header in rx data frames\u0027 (kabi).\n- Revert \u0027ath10k: send (re)assoc peer command when NSS changed\u0027 (bnc#1012382).\n- Revert \u0027bs-upload-kernel: do not set %opensuse_bs\u0027 This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.\n- Revert \u0027ima: limit file hash setting by user to fix and log modes\u0027 (bnc#1012382).\n- Revert \u0027ipc/shm: Fix shmat mmap nil-page protection\u0027 (bnc#1012382).\n- Revert \u0027perf tests: Decompress kernel module before objdump\u0027 (bnc#1012382).\n- Revert \u0027vti4: Do not override MTU passed on link creation via IFLA_MTU\u0027 (bnc#1012382).\n- Revert \u0027watchdog: hpwdt: Remove legacy NMI sourcing (bsc#1085185).\u0027 This reverts commit 3e75a004de79c213a2c919144da3d413922661db.\n- Revert \u0027x86/fpu: Hard-disable lazy FPU mode\u0027 (compatibility).\n- USB: Accept bulk endpoints with 1024-byte maxpacket (bnc#1012382 bsc#1092888).\n- USB: Accept bulk endpoints with 1024-byte maxpacket (bsc#1092888).\n- USB: Increment wakeup count on remote wakeup (bnc#1012382).\n- USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM (bnc#1012382).\n- USB: serial: cp210x: add ID for NI USB serial console (bnc#1012382).\n- USB: serial: cp210x: use tcflag_t to fix incompatible pointer type (bnc#1012382).\n- USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster (bnc#1012382).\n- USB: serial: option: Add support for Quectel EP06 (bnc#1012382).\n- USB: serial: option: adding support for ublox R410M (bnc#1012382).\n- USB: serial: option: reimplement interface masking (bnc#1012382).\n- USB: serial: simple: add libtransistor console (bnc#1012382).\n- USB: serial: visor: handle potential invalid device configuration (bnc#1012382).\n- USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw (bnc#1012382).\n- Update config files, add expoline for s390x (bsc#1089393).\n- af_key: Always verify length of provided sadb_key (bnc#1012382).\n- affs_lookup(): close a race with affs_remove_link() (bnc#1012382).\n- aio: fix io_destroy(2) vs. lookup_ioctx() race (bnc#1012382).\n- arm/arm64: smccc: Add SMCCC-specific return codes (bsc#1085308).\n- arm64: Add \u0027ssbd\u0027 command-line option (bsc#1085308).\n- arm64: Add ARCH_WORKAROUND_2 probing (bsc#1085308).\n- arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 (bsc#1085308).\n- arm64: Add this_cpu_ptr() assembler macro for use in entry.S (bsc#1085308).\n- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bnc#1012382).\n- arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 (bsc#1085308).\n- arm64: alternatives: Add dynamic patching feature (bsc#1085308).\n- arm64: assembler: introduce ldr_this_cpu (bsc#1085308).\n- arm64: do not call C code with el0\u0027s fp register (bsc#1085308).\n- arm64: fix endianness annotation for __apply_alternatives()/get_alt_insn() (bsc#1085308).\n- arm64: introduce mov_q macro to move a constant into a 64-bit register (bnc#1012382 bsc#1068032).\n- arm64: lse: Add early clobbers to some input/output asm operands (bnc#1012382).\n- arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics (bnc#1012382).\n- arm64: ssbd: Add global mitigation state accessor (bsc#1085308).\n- arm64: ssbd: Add prctl interface for per-thread mitigation (bsc#1085308).\n- arm64: ssbd: Introduce thread flag to control userspace mitigation (bsc#1085308).\n- arm64: ssbd: Restore mitigation status on CPU resume (bsc#1085308).\n- arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation (bsc#1085308).\n- arm: dts: socfpga: fix GIC PPI warning (bnc#1012382).\n- asm-generic: provide generic_pmdp_establish() (bnc#1012382).\n- ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) (bnc#1012382).\n- ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode (bnc#1012382).\n- ath10k: rebuild crypto header in rx data frames (bnc#1012382).\n- ath9k_hw: check if the chip failed to wake up (bnc#1012382).\n- atm: zatm: Fix potential Spectre v1 (bnc#1012382).\n- audit: move calcs after alloc and check when logging set loginuid (bnc#1012382).\n- audit: return on memory error to avoid null pointer dereference (bnc#1012382).\n- autofs: change autofs4_expire_wait()/do_expire_wait() to take struct path (bsc#1086716).\n- autofs: change autofs4_wait() to take struct path (bsc#1086716).\n- autofs: mount point create should honour passed in mode (bnc#1012382).\n- autofs: use path_has_submounts() to fix unreliable have_submount() checks (bsc#1086716).\n- autofs: use path_is_mountpoint() to fix unreliable d_mountpoint() checks (bsc#1086716).\n- batman-adv: fix header size check in batadv_dbg_arp() (bnc#1012382).\n- batman-adv: fix multicast-via-unicast transmission with AP isolation (bnc#1012382).\n- batman-adv: fix packet checksum in receive path (bnc#1012382).\n- batman-adv: fix packet loss for broadcasted DHCP packets to a server (bnc#1012382).\n- batman-adv: invalidate checksum on fragment reassembly (bnc#1012382).\n- bcache: fix for allocator and register thread race (bnc#1012382).\n- bcache: fix for data collapse after re-attaching an attached device (bnc#1012382).\n- bcache: fix kcrashes with fio in RAID5 backend dev (bnc#1012382).\n- bcache: properly set task state in bch_writeback_thread() (bnc#1012382).\n- bcache: quit dc-\u003ewriteback_thread when BCACHE_DEV_DETACHING is set (bnc#1012382).\n- bcache: return attach error when no cache set exist (bnc#1012382).\n- bdi: Fix oops in wb_workfn() (bnc#1012382).\n- blacklist.conf: Add an omapdrm entry (bsc#1090708, bsc#1090718)\n- block/loop: fix deadlock after loop_set_status (bnc#1012382).\n- block: cancel workqueue entries on blk_mq_freeze_queue() (bsc#1090435).\n- block: sanity check for integrity intervals (bsc#1091728).\n- bnx2x: use the right constant (bnc#1012382).\n- bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa() (bnc#1012382).\n- bonding: do not allow rlb updates to invalid mac (bnc#1012382).\n- bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave (bnc#1012382).\n- bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y (bnc#1012382).\n- bpf: map_get_next_key to return first key on NULL (bnc#1012382).\n- brcmfmac: Fix check for ISO3166 code (bnc#1012382).\n- bridge: check iface upper dev when setting master via ioctl (bnc#1012382).\n- can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() (bnc#1012382).\n- cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN (bnc#1012382).\n- cdrom: do not call check_disk_change() inside cdrom_open() (bnc#1012382).\n- cdrom: information leak in cdrom_ioctl_media_changed() (bnc#1012382).\n- ceph: adding protection for showing cap reservation info (bsc#1089115).\n- ceph: always update atime/mtime/ctime for new inode (bsc#1089115).\n- ceph: check if mds create snaprealm when setting quota (bsc#1089115).\n- ceph: delete unreachable code in ceph_check_caps() (bsc#1096214).\n- ceph: do not check quota for snap inode (bsc#1089115).\n- ceph: fix invalid point dereference for error case in mdsc destroy (bsc#1089115).\n- ceph: fix race of queuing delayed caps (bsc#1096214).\n- ceph: fix root quota realm check (bsc#1089115).\n- ceph: fix rsize/wsize capping in ceph_direct_read_write() (bsc#1089115).\n- ceph: fix st_nlink stat for directories (bsc#1093904).\n- ceph: quota: add counter for snaprealms with quota (bsc#1089115).\n- ceph: quota: add initial infrastructure to support cephfs quotas (bsc#1089115).\n- ceph: quota: cache inode pointer in ceph_snap_realm (bsc#1089115).\n- ceph: quota: do not allow cross-quota renames (bsc#1089115).\n- ceph: quota: report root dir quota usage in statfs (bsc#1089115).\n- ceph: quota: support for ceph.quota.max_bytes (bsc#1089115).\n- ceph: quota: support for ceph.quota.max_files (bsc#1089115).\n- ceph: quota: update MDS when max_bytes is approaching (bsc#1089115).\n- cfg80211: further limit wiphy names to 64 bytes (bnc#1012382 git-fixes).\n- cfg80211: further limit wiphy names to 64 bytes (git-fixes).\n- cfg80211: limit wiphy names to 128 bytes (bnc#1012382).\n- cifs: Use file_dentry() (bsc#1093008).\n- cifs: do not allow creating sockets except with SMB1 posix exensions (bnc#1012382).\n- cifs: silence compiler warnings showing up with gcc-8.0.0 (bnc#1012382 bsc#1090734).\n- cifs: silence compiler warnings showing up with gcc-8.0.0 (bsc#1090734).\n- clk: Do not show the incorrect clock phase (bnc#1012382).\n- clk: bcm2835: De-assert/assert PLL reset signal when appropriate (bnc#1012382).\n- clk: mvebu: armada-38x: add support for 1866MHz variants (bnc#1012382).\n- clk: mvebu: armada-38x: add support for missing clocks (bnc#1012382).\n- clk: rockchip: Prevent calculating mmc phase if clock rate is zero (bnc#1012382).\n- clk: samsung: exynos3250: Fix PLL rates (bnc#1012382).\n- clk: samsung: exynos5250: Fix PLL rates (bnc#1012382).\n- clk: samsung: exynos5260: Fix PLL rates (bnc#1012382).\n- clk: samsung: exynos5433: Fix PLL rates (bnc#1012382).\n- clk: samsung: s3c2410: Fix PLL rates (bnc#1012382).\n- clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled (bsc#1090225).\n- clocksource/drivers/fsl_ftm_timer: Fix error return checking (bnc#1012382).\n- config: arm64: enable Spectre-v4 per-thread mitigation\n- cpufreq: CPPC: Initialize shared perf capabilities of CPUs (bnc#1012382).\n- cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path (bnc#1012382).\n- cpufreq: intel_pstate: Enable HWP by default (bnc#1012382).\n- cpuidle: coupled: remove unused define cpuidle_coupled_lock (bnc#1012382).\n- crypto: af_alg - fix possible uninit-value in alg_bind() (bnc#1012382).\n- crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss (bnc#1012382).\n- crypto: vmx - Remove overly verbose printk from AES init routines (bnc#1012382).\n- cxgb4: Setup FW queues before registering netdev (bsc#1022743).\n- dccp: do not free ccid2_hc_tx_sock struct in dccp_disconnect() (bnc#1012382).\n- dccp: fix tasklet usage (bnc#1012382).\n- dccp: initialize ireq-\u003eir_mark (bnc#1012382).\n- dlm: fix a clerical error when set SCTP_NODELAY (bsc#1091594).\n- dlm: make sctp_connect_to_sock() return in specified time (bsc#1080542).\n- dlm: remove O_NONBLOCK flag in sctp_connect_to_sock (bsc#1080542).\n- dm thin: fix documentation relative to low water mark threshold (bnc#1012382).\n- dmaengine: at_xdmac: fix rare residue corruption (bnc#1012382).\n- dmaengine: ensure dmaengine helpers check valid callback (bnc#1012382).\n- dmaengine: pl330: fix a race condition in case of threaded irqs (bnc#1012382).\n- dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3 (bnc#1012382).\n- dmaengine: usb-dmac: fix endless loop in usb_dmac_chan_terminate_all() (bnc#1012382).\n- do d_instantiate/unlock_new_inode combinations safely (bnc#1012382).\n- dp83640: Ensure against premature access to PHY registers after reset (bnc#1012382).\n- drm/exynos: fix comparison to bitshift when dealing with a mask (bnc#1012382).\n- drm/i915: Disable LVDS on Radiant P845 (bnc#1012382).\n- drm/radeon: Fix PCIe lane width calculation (bnc#1012382).\n- drm/rockchip: Respect page offset for PRIME mmap calls (bnc#1012382).\n- drm/virtio: fix vq wait_event condition (bnc#1012382).\n- drm/vmwgfx: Fix a buffer object leak (bnc#1012382).\n- drm: set FMODE_UNSIGNED_OFFSET for drm files (bnc#1012382).\n- e1000e: Fix check_for_link return value with autoneg off (bnc#1012382 bsc#1075428).\n- e1000e: allocate ring descriptors with dma_zalloc_coherent (bnc#1012382).\n- efi: Avoid potential crashes, fix the \u0027struct efi_pci_io_protocol_32\u0027 definition for mixed mode (bnc#1012382).\n- enic: enable rq before updating rq descriptors (bnc#1012382).\n- enic: set DMA mask to 47 bit (bnc#1012382).\n- ext2: fix a block leak (bnc#1012382).\n- ext4: Fix hole length detection in ext4_ind_map_blocks() (bsc#1090953).\n- ext4: add validity checks for bitmap block numbers (bnc#1012382).\n- ext4: bugfix for mmaped pages in mpage_release_unused_pages() (bnc#1012382).\n- ext4: do not allow r/w mounts if metadata blocks overlap the superblock (bnc#1012382).\n- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).\n- ext4: fail ext4_iget for root directory if unallocated (bnc#1012382).\n- ext4: fix bitmap position validation (bnc#1012382).\n- ext4: fix deadlock between inline_data and ext4_expand_extra_isize_ea() (bnc#1012382).\n- ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS (bnc#1012382).\n- ext4: set h_journal if there is a failure starting a reserved handle (bnc#1012382).\n- fanotify: fix logic of events on child (bnc#1012382).\n- fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper() (bnc#1012382).\n- firewire-ohci: work around oversized DMA reads on JMicron controllers (bnc#1012382).\n- firmware: dmi: handle missing DMI data gracefully (bsc#1096037).\n- firmware: dmi_scan: Fix handling of empty DMI strings (bnc#1012382).\n- fix io_destroy()/aio_complete() race (bnc#1012382).\n- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bnc#1012382).\n- fs/reiserfs/journal.c: add missing resierfs_warning() arg (bnc#1012382).\n- fscache: Fix hanging wait on page discarded by writeback (bnc#1012382).\n- futex: Remove duplicated code and fix undefined behaviour (bnc#1012382).\n- futex: Remove unnecessary warning from get_futex_key (bnc#1012382).\n- futex: futex_wake_op, do not fail on invalid op (git-fixes).\n- futex: futex_wake_op, fix sign_extend32 sign bits (bnc#1012382).\n- getname_kernel() needs to make sure that -\u003ename != -\u003einame in long case (bnc#1012382).\n- gfs2: Fix fallocate chunk size (bnc#1012382).\n- gianfar: Fix Rx byte accounting for ndev stats (bnc#1012382).\n- gpio: No NULL owner (bnc#1012382).\n- gpio: rcar: Add Runtime PM handling for interrupts (bnc#1012382).\n- gpmi-nand: Handle ECC Errors in erased pages (bnc#1012382).\n- hfsplus: stop workqueue when fill_super() failed (bnc#1012382).\n- hwmon: (nct6775) Fix writing pwmX_mode (bnc#1012382).\n- hwmon: (pmbus/adm1275) Accept negative page register values (bnc#1012382).\n- hwmon: (pmbus/max8688) Accept negative page register values (bnc#1012382).\n- hwrng: stm32 - add reset during probe (bnc#1012382).\n- hwtracing: stm: fix build error on some arches (bnc#1012382).\n- hypfs_kill_super(): deal with failed allocations (bnc#1012382).\n- i2c: mv64xxx: Apply errata delay only in standard mode (bnc#1012382).\n- i2c: rcar: check master irqs before slave irqs (bnc#1012382).\n- i2c: rcar: do not issue stop when HW does it automatically (bnc#1012382).\n- i2c: rcar: init new messages in irq (bnc#1012382).\n- i2c: rcar: make sure clocks are on when doing clock calculation (bnc#1012382).\n- i2c: rcar: refactor setup of a msg (bnc#1012382).\n- i2c: rcar: remove spinlock (bnc#1012382).\n- i2c: rcar: remove unused IOERROR state (bnc#1012382).\n- i2c: rcar: revoke START request early (bnc#1012382).\n- i2c: rcar: rework hw init (bnc#1012382).\n- ibmvnic: Check CRQ command return codes (bsc#1094840).\n- ibmvnic: Clean actual number of RX or TX pools (bsc#1092289).\n- ibmvnic: Create separate initialization routine for resets (bsc#1094840).\n- ibmvnic: Fix non-fatal firmware error reset (bsc#1093990).\n- ibmvnic: Fix partial success login retries (bsc#1094840).\n- ibmvnic: Fix statistics buffers memory leak (bsc#1093990).\n- ibmvnic: Free coherent DMA memory if FW map failed (bsc#1093990).\n- ibmvnic: Handle error case when setting link state (bsc#1094840).\n- ibmvnic: Introduce active CRQ state (bsc#1094840).\n- ibmvnic: Introduce hard reset recovery (bsc#1094840).\n- ibmvnic: Mark NAPI flag as disabled when released (bsc#1094840).\n- ibmvnic: Only do H_EOI for mobility events (bsc#1094356).\n- ibmvnic: Return error code if init interrupted by transport event (bsc#1094840).\n- ibmvnic: Set resetting state at earliest possible point (bsc#1094840).\n- iio:kfifo_buf: check for uint overflow (bnc#1012382).\n- ima: Fallback to the builtin hash algorithm (bnc#1012382).\n- ima: Fix Kconfig to select TPM 2.0 CRB interface (bnc#1012382).\n- init: fix false positives in W+X checking (bsc#1096982).\n- iommu/vt-d: Fix a potential memory leak (bnc#1012382).\n- ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds (bnc#1012382).\n- ipc/shm: fix shmat() nil address after round-down when remapping (bnc#1012382).\n- ipc/shm: fix use-after-free of shm file via remap_file_pages() (bnc#1012382).\n- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (bnc#1012382).\n- ipmi: create hardware-independent softdep for ipmi_devintf (bsc#1009062, bsc#1060799).\n- ipmi_ssif: Fix kernel panic at msg_done_handler (bnc#1012382 bsc#1088871).\n- ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg (bnc#1012382).\n- ipv4: lock mtu in fnhe when received PMTU lower than net.ipv4.route.min_pmtu (bnc#1012382).\n- ipv4: remove warning in ip_recv_error (bnc#1012382).\n- ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy (bnc#1012382).\n- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).\n- ipv6: omit traffic class when calculating flow hash (bsc#1095042).\n- ipvs: fix rtnl_lock lockups caused by start_sync_thread (bnc#1012382).\n- irda: fix overly long udelay() (bnc#1012382).\n- irqchip/gic-v3: Change pr_debug message to pr_devel (bnc#1012382).\n- isdn: eicon: fix a missing-check bug (bnc#1012382).\n- jbd2: fix use after free in kjournald2() (bnc#1012382).\n- jbd2: if the journal is aborted then do not allow update of the log tail (bnc#1012382).\n- jffs2: Fix use-after-free bug in jffs2_iget()\u0027s error handling path (bnc#1012382 git-fixes).\n- jffs2_kill_sb(): deal with failed allocations (bnc#1012382).\n- kABI: work around BPF SSBD removal (bsc#1087082).\n- kabi: vfs: Restore dentry_operations-\u003ed_manage (bsc#1086716).\n- kasan: fix memory hotplug during boot (bnc#1012382).\n- kconfig: Avoid format overflow warning from GCC 8.1 (bnc#1012382).\n- kconfig: Do not leak main menus during parsing (bnc#1012382).\n- kconfig: Fix automatic menu creation mem leak (bnc#1012382).\n- kconfig: Fix expr_free() E_NOT leak (bnc#1012382).\n- kdb: make \u0027mdr\u0027 command repeat (bnc#1012382).\n- kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE (bnc#1012382).\n- kernel/sys.c: fix potential Spectre v1 issue (bnc#1012382).\n- kernel: Fix memory leak on EP11 target list processing (bnc#1096751, ).\n- kexec_file: do not add extra alignment to efi memmap (bsc#1044596).\n- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).\n- kobject: do not use WARN for registration failures (bnc#1012382).\n- kvm: Fix nopvspin static branch init usage (bsc#1056427).\n- kvm: Introduce nopvspin kernel parameter (bsc#1056427).\n- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bnc#1012382).\n- kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access (bnc#1012382).\n- l2tp: check sockaddr length in pppol2tp_connect() (bnc#1012382).\n- l2tp: revert \u0027l2tp: fix missing print session offset info\u0027 (bnc#1012382).\n- lan78xx: Correctly indicate invalid OTP (bnc#1012382).\n- libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs (bnc#1012382).\n- libata: Blacklist some Sandisk SSDs for NCQ (bnc#1012382).\n- libata: blacklist Micron 500IT SSD with MU01 firmware (bnc#1012382).\n- libceph, ceph: change permission for readonly debugfs entries (bsc#1089115).\n- libceph: fix misjudgement of maximum monitor number (bsc#1089115).\n- libceph: reschedule a tick in finish_hunting() (bsc#1089115).\n- libceph: un-backoff on tick when we have a authenticated session (bsc#1089115).\n- libceph: validate con-\u003estate at the top of try_write() (bsc#1089115).\n- libnvdimm, dax: fix 1GB-aligned namespaces vs physical misalignment\n- libnvdimm, namespace: use a safe lookup for dimm device name\n- libnvdimm, pfn: fix start_pad handling for aligned namespaces\n- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299).\n- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299).\n- llc: better deal with too small mtu (bnc#1012382).\n- llc: delete timers synchronously in llc_sk_free() (bnc#1012382).\n- llc: fix NULL pointer deref for SOCK_ZAPPED (bnc#1012382).\n- llc: hold llc_sap before release_sock() (bnc#1012382).\n- llc: properly handle dev_queue_xmit() return value (bnc#1012382).\n- lockd: lost rollback of set_grace_period() in lockd_down_net() (bnc#1012382 git-fixes).\n- locking/qspinlock: Ensure node-\u003ecount is updated before initialising node (bnc#1012382).\n- locking/xchg/alpha: Add unconditional memory barrier to cmpxchg() (bnc#1012382).\n- locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs (bnc#1012382).\n- loop: handle short DIO reads (bsc#1094177).\n- m68k: set dma and coherent masks for platform FEC ethernets (bnc#1012382).\n- mac80211: Add RX flag to indicate ICV stripped (bnc#1012382).\n- mac80211: allow not sending MIC up from driver for HW crypto (bnc#1012382).\n- mac80211: allow same PN for AMSDU sub-frames (bnc#1012382).\n- mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 (bnc#1012382).\n- md raid10: fix NULL deference in handle_write_completed() (bnc#1012382 bsc#1056415).\n- md/raid1: fix NULL pointer dereference (bnc#1012382).\n- md: document lifetime of internal rdev pointer (bsc#1056415).\n- md: fix two problems with setting the \u0027re-add\u0027 device state (bsc#1089023).\n- md: only allow remove_and_add_spares when no sync_thread running (bsc#1056415).\n- md: raid5: avoid string overflow warning (bnc#1012382).\n- media: cx23885: Override 888 ImpactVCBe crystal frequency (bnc#1012382).\n- media: cx23885: Set subdev host data to clk_freq pointer (bnc#1012382).\n- media: cx25821: prevent out-of-bounds read on array card (bnc#1012382 bsc#1031717).\n- media: dmxdev: fix error code for invalid ioctls (bnc#1012382).\n- media: em28xx: USB bulk packet size fix (bnc#1012382).\n- media: s3c-camif: fix out-of-bounds array access (bnc#1012382 bsc#1031717).\n- media: v4l2-compat-ioctl32: do not oops on overlay (bnc#1012382).\n- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).\n- mm, slab: reschedule cache_reap() on the same CPU (bnc#1012382).\n- mm/filemap.c: fix NULL pointer in page_cache_tree_insert() (bnc#1012382).\n- mm/kmemleak.c: wait for scan completion before disabling free (bnc#1012382).\n- mm/ksm: fix interaction with THP (bnc#1012382).\n- mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1012382).\n- mm/mempolicy: add nodes_empty check in SYSC_migrate_pages (bnc#1012382).\n- mm/mempolicy: fix the check of nodemask from user (bnc#1012382).\n- mm: do not allow deferred pages with NEED_PER_CPU_KM (bnc#1012382).\n- mm: filemap: avoid unnecessary calls to lock_page when waiting for IO to complete during a read (-- VM bnc#1012382 bnc#971975 generic performance read).\n- mm: filemap: remove redundant code in do_read_cache_page (-- VM bnc#1012382 bnc#971975 generic performance read).\n- mm: fix races between address_space dereference and free in page_evicatable (bnc#1012382).\n- mm: fix the NULL mapping case in __isolate_lru_page() (bnc#1012382).\n- mm: pin address_space before dereferencing it while isolating an LRU page (bnc#1012382 bnc#1081500).\n- mmap: introduce sane default mmap limits (bnc#1012382).\n- mmap: relax file size limit for regular files (bnc#1012382).\n- mmc: jz4740: Fix race condition in IRQ mask update (bnc#1012382).\n- mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register (bnc#1012382).\n- mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block (bnc#1012382).\n- mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug (bnc#1012382).\n- mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block (bnc#1012382).\n- net-usb: add qmi_wwan if on lte modem wistron neweb d18q1 (bnc#1012382).\n- net/mlx4: Fix irq-unsafe spinlock usage (bnc#1012382).\n- net/mlx4_en: Verify coalescing parameters are in range (bnc#1012382).\n- net/mlx5: Protect from command bit overflow (bnc#1012382).\n- net/packet: refine check for priv area size (bnc#1012382).\n- net/tcp/illinois: replace broken algorithm reference link (bnc#1012382).\n- net/usb/qmi_wwan.c: Add USB id for lt4120 modem (bnc#1012382).\n- net: Fix untag for vlan packets without ethernet header (bnc#1012382).\n- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (bnc#1012382).\n- net: af_packet: fix race in PACKET_{R|T}X_RING (bnc#1012382).\n- net: atm: Fix potential Spectre v1 (bnc#1012382).\n- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bnc#1012382).\n- net: ethernet: sun: niu set correct packet size in skb (bnc#1012382).\n- net: fix deadlock while clearing neighbor proxy table (bnc#1012382).\n- net: fix rtnh_ok() (bnc#1012382).\n- net: fix uninit-value in __hw_addr_add_ex() (bnc#1012382).\n- net: initialize skb-\u003epeeked when cloning (bnc#1012382).\n- net: metrics: add proper netlink validation (bnc#1012382).\n- net: mvneta: fix enable of all initialized RXQs (bnc#1012382).\n- net: phy: broadcom: Fix bcm_write_exp() (bnc#1012382).\n- net: qmi_wwan: add BroadMobi BM806U 2020:2033 (bnc#1012382).\n- net: support compat 64-bit time in {s,g}etsockopt (bnc#1012382).\n- net: test tailroom before appending to linear skb (bnc#1012382).\n- net: usb: cdc_mbim: add flag FLAG_SEND_ZLP (bnc#1012382).\n- net: validate attribute sizes in neigh_dump_table() (bnc#1012382).\n- net_sched: fq: take care of throttled flows before reuse (bnc#1012382).\n- netdev-FAQ: clarify DaveM\u0027s position for stable backports (bnc#1012382).\n- netfilter: ebtables: convert BUG_ONs to WARN_ONs (bnc#1012382).\n- netlabel: If PF_INET6, check sk_buff ip header version (bnc#1012382).\n- netlink: fix uninit-value in netlink_sendmsg (bnc#1012382).\n- nfit, address-range-scrub: fix scrub in-progress reporting\n- nfit: fix region registration vs block-data-window ranges\n- nfs: Do not convert nfs_idmap_cache_timeout to jiffies (bnc#1012382 git-fixes).\n- ntb_transport: Fix bug with max_mw_size parameter (bnc#1012382).\n- nvme-pci: Fix EEH failure on ppc (bsc#1093533).\n- nvme-pci: Fix nvme queue cleanup if IRQ setup fails (bnc#1012382).\n- nvme: target: fix buffer overflow (bsc#993388).\n- ocfs2/acl: use \u0027ip_xattr_sem\u0027 to protect getting extended attribute (bnc#1012382).\n- ocfs2/dlm: Fix up kABI in dlm_ctxt (bsc#1070404).\n- ocfs2/dlm: do not handle migrate lockres if already in shutdown (bnc#1012382).\n- ocfs2/dlm: wait for dlm recovery done when migrating all lock resources (bsc#1070404).\n- ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid (bnc#1012382).\n- ocfs2: return error when we attempt to access a dirty bh in jbd2 (bnc#1012382 bsc#1070404).\n- openvswitch: Do not swap table in nlattr_set() after OVS_ATTR_NESTED is found (bnc#1012382).\n- packet: fix bitfield update race (bnc#1012382).\n- packet: fix reserve calculation (bnc#1012382 git-fixes).\n- packet: fix reserve calculation (git-fixes).\n- packet: in packet_snd start writing at link layer allocation (bnc#1012382).\n- parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode (bnc#1012382).\n- parisc: Fix out of array access in match_pci_device() (bnc#1012382).\n- percpu: include linux/sched.h for cond_resched() (bnc#1012382).\n- perf callchain: Fix attr.sample_max_stack setting (bnc#1012382).\n- perf intel-pt: Fix error recovery from missing TIP packet (bnc#1012382).\n- perf intel-pt: Fix overlap detection to identify consecutive buffers correctly (bnc#1012382).\n- perf intel-pt: Fix sync_switch (bnc#1012382).\n- perf intel-pt: Fix timestamp following overflow (bnc#1012382).\n- perf report: Fix memory corruption in --branch-history mode --branch-history (bnc#1012382).\n- perf tests: Use arch__compare_symbol_names to compare symbols (bnc#1012382).\n- perf/cgroup: Fix child event counting bug (bnc#1012382).\n- perf/core: Fix perf_output_read_group() (bnc#1012382).\n- perf/core: Fix possible Spectre-v1 indexing for -\u003eaux_pages[] (bnc#1012382).\n- perf/core: Fix the perf_cpu_time_max_percent check (bnc#1012382).\n- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bnc#1012382).\n- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bnc#1012382).\n- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bnc#1012382).\n- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bnc#1012382).\n- perf: Remove superfluous allocation error check (bnc#1012382).\n- perf: Return proper values for user stack errors (bnc#1012382).\n- pipe: cap initial pipe capacity according to pipe-max-size limit (bnc#1012382 bsc#1045330).\n- platform/x86: ideapad-laptop: Add MIIX 720-12IKB to no_hw_rfkill (bsc#1093035).\n- powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently (bnc#1012382).\n- powerpc/64: Use barrier_nospec in syscall entry (bsc#1068032, bsc#1080157).\n- powerpc/64s: Add barrier_nospec (bsc#1068032, bsc#1080157).\n- powerpc/64s: Add support for ori barrier_nospec patching (bsc#1068032, bsc#1080157).\n- powerpc/64s: Clear PCR on boot (bnc#1012382).\n- powerpc/64s: Enable barrier_nospec based on firmware settings (bsc#1068032, bsc#1080157).\n- powerpc/64s: Enhance the information in cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Enhance the information in cpu_show_spectre_v1() (bsc#1068032).\n- powerpc/64s: Fix section mismatch warnings from setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Move cpu_show_meltdown() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Patch barrier_nospec in modules (bsc#1068032, bsc#1080157).\n- powerpc/64s: Wire up cpu_show_spectre_v1() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/64s: Wire up cpu_show_spectre_v2() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access (bnc#1012382).\n- powerpc/eeh: Fix enabling bridge MMIO windows (bnc#1012382).\n- powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772).\n- powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772).\n- powerpc/lib: Fix off-by-one in alternate feature patching (bnc#1012382).\n- powerpc/livepatch: Fix livepatch stack access (bsc#1094466).\n- powerpc/mm: Allow memory hotplug into an offline node (bsc#1090663).\n- powerpc/mm: allow memory hotplug into a memoryless node (bsc#1090663).\n- powerpc/modules: Do not try to restore r2 after a sibling call (bsc#1094466).\n- powerpc/mpic: Check if cpu_possible() in mpic_physmask() (bnc#1012382).\n- powerpc/numa: Ensure nodes initialized for hotplug (bnc#1012382 bsc#1081514).\n- powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes (bnc#1012382 bsc#1081514).\n- powerpc/perf: Fix kernel address leak via sampling registers (bnc#1012382).\n- powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer (bnc#1012382).\n- powerpc/powernv: Fix NVRAM sleep in invalid context when crashing (bnc#1012382).\n- powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops (bnc#1012382).\n- powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write() (bnc#1012382).\n- powerpc/powernv: Remove OPALv2 firmware define and references (bnc#1012382).\n- powerpc/powernv: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops (bnc#1012382).\n- powerpc/powernv: panic() on OPAL lower than V3 (bnc#1012382).\n- powerpc/powernv: remove FW_FEATURE_OPALv3 and just use FW_FEATURE_OPAL (bnc#1012382).\n- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Fix clearing of security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Restore default security feature flags on setup (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Set or clear security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/rfi-flush: Always enable fallback flush on pseries (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/rfi-flush: Differentiate enabled and patched flush types (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again (bsc#1068032, bsc#1075087, bsc#1091041). \n- powerpc: Add missing prototype for arch_irq_work_raise() (bnc#1012382).\n- powerpc: Add security feature flags for Spectre/Meltdown (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc: Do not preempt_disable() in show_cpuinfo() (bnc#1012382 bsc#1066223).\n- powerpc: Move default security feature flags (bsc#1068032, bsc#1075087, bsc#1091041).\n- powerpc: Use barrier_nospec in copy_from_user() (bsc#1068032, bsc#1080157).\n- powerpc: conditionally compile platform-specific serial drivers (bsc#1066223).\n- powerpc: signals: Discard transaction state from signal frames (bsc#1094059).\n- pppoe: check sockaddr length in pppoe_connect() (bnc#1012382).\n- proc read mm\u0027s {arg,env}_{start,end} with mmap semaphore taken (bnc#1012382).\n- proc: fix /proc/*/map_files lookup (bnc#1012382).\n- proc: meminfo: estimate available memory more conservatively (-- VM bnc#1012382 functionality monitoring space user).\n- procfs: fix pthread cross-thread naming if !PR_DUMPABLE (bnc#1012382).\n- qed: Fix LL2 race during connection terminate (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Fix mask for physical address in ILT entry (bnc#1012382).\n- qed: Fix possibility of list corruption during rmmod flows (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: LL2 flush isles when connection is closed (bsc#1019695 bsc#1019699 bsc#1022604).\n- qede: Fix ref-cnt usage count (bsc#1019695 bsc#1019699 bsc#1022604).\n- qla2xxx: Mask off Scope bits in retry delay (bsc#1068054).\n- qmi_wwan: do not steal interfaces from class drivers (bnc#1012382).\n- r8152: add Linksys USB3GIGV1 id (bnc#1012382).\n- r8152: fix tx packets accounting (bnc#1012382).\n- r8169: fix powering up RTL8168h (bnc#1012382).\n- radeon: hide pointless #warning when compile testing (bnc#1012382).\n- random: use a tighter cap in credit_entropy_bits_safe() (bnc#1012382).\n- regulator: gpio: Fix some error handling paths in \u0027gpio_regulator_probe()\u0027 (bsc#1091960).\n- regulator: of: Add a missing \u0027of_node_put()\u0027 in an error handling path of \u0027of_regulator_match()\u0027 (bnc#1012382).\n- regulatory: add NUL to request alpha2 (bnc#1012382).\n- resource: fix integer overflow at reallocation (bnc#1012382).\n- rfkill: gpio: fix memory leak in probe error path (bnc#1012382).\n- rpc_pipefs: fix double-dput() (bnc#1012382).\n- rpm/config.sh: build against SP3 in OBS as well.\n- rtc: hctosys: Ensure system time does not overflow time_t (bnc#1012382).\n- rtc: snvs: Fix usage of snvs_rtc_enable (bnc#1012382).\n- rtc: tx4939: avoid unintended sign extension on a 24 bit shift (bnc#1012382).\n- rtl8187: Fix NULL pointer dereference in priv-\u003econf_mutex (bnc#1012382).\n- rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c (bnc#1012382).\n- rtnetlink: validate attributes in do_setlink() (bnc#1012382).\n- s390/alternative: use a copy of the facility bit mask (bnc#1012382).\n- s390/cio: clear timer when terminating driver I/O (bnc#1012382).\n- s390/cio: fix return code after missing interrupt (bnc#1012382).\n- s390/cio: update chpid descriptor after resource accessibility event (bnc#1012382).\n- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero ( bnc#1012382 bnc#1094532).\n- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero (bnc#1094532, ).\n- s390/dasd: fix IO error for newly defined devices (bnc#1093144, ).\n- s390/entry.S: fix spurious zeroing of r0 (bnc#1012382).\n- s390/ftrace: use expoline for indirect branches (bnc#1012382).\n- s390/ipl: ensure loadparm valid flag is set (bnc#1012382).\n- s390/kernel: use expoline for indirect branches (bnc#1012382).\n- s390/lib: use expoline for indirect branches (bnc#1012382).\n- s390/qdio: do not merge ERROR output buffers (bnc#1012382).\n- s390/qdio: do not release memory in qdio_setup_irq() (bnc#1012382).\n- s390/qdio: do not retry EQBS after CCQ 96 (bnc#1012382).\n- s390/qdio: fix access to uninitialized qdio_q fields ( bnc#1012382 bnc#1094532).\n- s390/qdio: fix access to uninitialized qdio_q fields (bnc#1094532, ).\n- s390/qeth: consolidate errno translation (bnc#1093144, ).\n- s390/qeth: fix MAC address update sequence (bnc#1093144, ).\n- s390/qeth: translate SETVLAN/DELVLAN errors (bnc#1093144, ).\n- s390/uprobes: implement arch_uretprobe_is_alive() (bnc#1012382).\n- s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*) (bnc#1012382).\n- s390: add assembler macros for CPU alternatives (bnc#1012382).\n- s390: add automatic detection of the spectre defense (bnc#1012382).\n- s390: add optimized array_index_mask_nospec (bnc#1012382).\n- s390: add options to change branch prediction behaviour for the kernel (bnc#1012382 bsc#1068032).\n- s390: add sysfs attributes for spectre (bnc#1012382).\n- s390: correct module section names for expoline code revert (bnc#1012382).\n- s390: correct nospec auto detection init order (bnc#1012382).\n- s390: do not bypass BPENTER for interrupt system calls (bnc#1012382).\n- s390: enable CPU alternatives unconditionally (bnc#1012382).\n- s390: extend expoline to BC instructions (bnc#1012382).\n- s390: introduce execute-trampolines for branches (bnc#1012382).\n- s390: move expoline assembler macros to a header (bnc#1012382).\n- s390: move nobp parameter functions to nospec-branch.c (bnc#1012382).\n- s390: move spectre sysfs attribute code (bnc#1012382).\n- s390: remove indirect branch from do_softirq_own_stack (bnc#1012382).\n- s390: report spectre mitigation via syslog (bnc#1012382).\n- s390: run user space and KVM guests with modified branch prediction (bnc#1012382).\n- s390: scrub registers on kernel entry and KVM exit (bnc#1012382).\n- s390: use expoline thunks in the BPF JIT (bnc#1012382).\n- sched/rt: Fix rq-\u003eclock_update_flags lower than RQCF_ACT_SKIP warning (bnc#1012382).\n- scsi: aacraid: Correct hba_send to include iu_type (bsc#1022607).\n- scsi: aacraid: Insure command thread is not recursively stopped (bnc#1012382).\n- scsi: aacraid: fix shutdown crash when init fails (bnc#1012382).\n- scsi: bnx2fc: Fix check in SCSI completion handler for timed out request (bnc#1012382).\n- scsi: fas216: fix sense buffer initialization (bnc#1012382 bsc#1082979).\n- scsi: libsas: defer ata device eh commands to libata (bnc#1012382).\n- scsi: lpfc: Fix frequency of Release WQE CQEs (bnc#1012382).\n- scsi: lpfc: Fix issue_lip if link is disabled (bnc#1012382 bsc#1080656).\n- scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing (bnc#1012382 bsc#1080656).\n- scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM (bnc#1012382 bsc#1078583).\n- scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (bnc#1012382).\n- scsi: mptsas: Disable WRITE SAME (bnc#1012382).\n- scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() (bnc#1012382).\n- scsi: qla4xxx: skip error recovery in case of register disconnect (bnc#1012382).\n- scsi: scsi_transport_srp: Fix shost to rport translation (bnc#1012382).\n- scsi: sd: Defer spinning up drive while SANITIZE is in progress (bnc#1012382).\n- scsi: sd: Keep disk read-only when re-reading partition (bnc#1012382).\n- scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() (bnc#1012382).\n- scsi: storvsc: Increase cmd_per_lun for higher speed devices (bnc#1012382).\n- scsi: sym53c8xx_2: iterator underflow in sym_getsync() (bnc#1012382).\n- scsi: ufs: Enable quirk to ignore sending WRITE_SAME command (bnc#1012382).\n- scsi: zfcp: fix infinite iteration on ERP ready list ( bnc#1012382 bnc#1094532).\n- scsi: zfcp: fix infinite iteration on ERP ready list (bnc#1094532, ).\n- sctp: delay the authentication for the duplicated cookie-echo chunk (bnc#1012382).\n- sctp: do not check port in sctp_inet6_cmp_addr (bnc#1012382).\n- sctp: fix the issue that the cookie-ack with auth can\u0027t get processed (bnc#1012382).\n- sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr (bnc#1012382).\n- sctp: use the old asoc when making the cookie-ack chunk in dupcook_d (bnc#1012382).\n- selftests/net: fixes psock_fanout eBPF test case (bnc#1012382).\n- selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable (bnc#1012382).\n- selftests: Print the test we\u0027re running to /dev/kmsg (bnc#1012382).\n- selftests: ftrace: Add a testcase for probepoint (bnc#1012382).\n- selftests: ftrace: Add a testcase for string type with kprobe_event (bnc#1012382).\n- selftests: ftrace: Add probe event argument syntax testcase (bnc#1012382).\n- selftests: memfd: add config fragment for fuse (bnc#1012382).\n- selinux: KASAN: slab-out-of-bounds in xattr_getsecurity (bnc#1012382).\n- serial: arc_uart: Fix out-of-bounds access through DT alias (bnc#1012382).\n- serial: fsl_lpuart: Fix out-of-bounds access through DT alias (bnc#1012382).\n- serial: imx: Fix out-of-bounds access through serial port index (bnc#1012382).\n- serial: mctrl_gpio: Add missing module license (bnc#1012382).\n- serial: mctrl_gpio: export mctrl_gpio_disable_ms and mctrl_gpio_init (bnc#1012382).\n- serial: mxs-auart: Fix out-of-bounds access through serial port index (bnc#1012382).\n- serial: samsung: Fix out-of-bounds access through serial port index (bnc#1012382).\n- serial: samsung: fix maxburst parameter for DMA transactions (bnc#1012382).\n- serial: xuartps: Fix out-of-bounds access through DT alias (bnc#1012382).\n- sh: New gcc support (bnc#1012382).\n- sh: fix debug trap failure to process signals before return to user (bnc#1012382).\n- signals: avoid unnecessary taking of sighand-\u003esiglock (-- Scheduler bnc#1012382 bnc#978907 performance signals).\n- sit: fix IFLA_MTU ignored on NEWLINK (bnc#1012382).\n- slip: Check if rstate is initialized before uncompressing (bnc#1012382).\n- smsc75xx: fix smsc75xx_set_features() (bnc#1012382).\n- sock_diag: fix use-after-free read in __sk_free (bnc#1012382).\n- soreuseport: initialise timewait reuseport field (bnc#1012382).\n- sparc64: Fix build warnings with gcc 7 (bnc#1012382).\n- sparc64: Make atomic_xchg() an inline function rather than a macro (bnc#1012382).\n- spi: pxa2xx: Allow 64-bit DMA (bnc#1012382).\n- sr: get/drop reference to device in revalidate and check_events (bnc#1012382).\n- staging: ion : Donnot wakeup kswapd in ion system alloc (bnc#1012382).\n- staging: rtl8192u: return -ENOMEM on failed allocation of priv-\u003eoldaddr (bnc#1012382).\n- stm class: Use vmalloc for the master map (bnc#1012382).\n- stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock (bsc#1088810).\n- sunvnet: does not support GSO for sctp (bnc#1012382).\n- swap: divide-by-zero when zero length swap file on ssd (bnc#1012382 bsc#1082153).\n- swap: divide-by-zero when zero length swap file on ssd (bsc#1082153).\n- target: transport should handle st FM/EOM/ILI reads (bsc#1081599).\n- tcp: avoid integer overflows in tcp_rcv_space_adjust() (bnc#1012382).\n- tcp: do not read out-of-bounds opsize (bnc#1012382).\n- tcp: fix TCP_REPAIR_QUEUE bound checking (bnc#1012382).\n- tcp: ignore Fast Open on repair mode (bnc#1012382).\n- tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets (bnc#1012382).\n- tcp: purge write queue in tcp_connect_init() (bnc#1012382).\n- team: avoid adding twice the same option to the event list (bnc#1012382).\n- team: fix netconsole setup over team (bnc#1012382).\n- team: use netdev_features_t instead of u32 (bnc#1012382).\n- test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches (git-fixes).\n- test_firmware: fix setting old custom fw path back on exit, second try (bnc#1012382).\n- tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent() (bnc#1012382).\n- there is probably a place where forcing _IBRS_OFF is missed (or is too late) and therefore ENABLE_IBRS is sometimes called early during boot while it should not. Let\u0027s drop the uoptimization for now. Fixes bsc#1098009 and bsc#1098012\n- thermal: imx: Fix race condition in imx_thermal_probe() (bnc#1012382).\n- thunderbolt: Resume control channel after hibernation image is created (bnc#1012382).\n- tick/broadcast: Use for_each_cpu() specially on UP kernels (bnc#1012382).\n- time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting (bnc#1012382).\n- tipc: add policy for TIPC_NLA_NET_ADDR (bnc#1012382).\n- tools lib traceevent: Fix get_field_str() for dynamic strings (bnc#1012382).\n- tools lib traceevent: Simplify pointer print logic and fix %pF (bnc#1012382).\n- tools/libbpf: handle issues with bpf ELF objects containing .eh_frames (bnc#1012382).\n- tools/thermal: tmon: fix for segfault (bnc#1012382).\n- tpm: do not suspend/resume if power stays on (bnc#1012382).\n- tpm: self test failure should not cause suspend to fail (bnc#1012382).\n- tracepoint: Do not warn on ENOMEM (bnc#1012382).\n- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bnc#1012382).\n- tracing/uprobe_event: Fix strncpy corner case (bnc#1012382).\n- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bnc#1012382).\n- tracing: Fix crash when freeing instances with event triggers (bnc#1012382).\n- tracing: Fix regex_match_front() to not over compare the test string (bnc#1012382).\n- tty: Do not call panic() at tty_ldisc_init() (bnc#1012382).\n- tty: Use __GFP_NOFAIL for tty_ldisc_get() (bnc#1012382).\n- tty: make n_tty_read() always abort if hangup is in progress (bnc#1012382).\n- tty: n_gsm: Fix DLCI handling for ADM mode if debug and 2 is not set (bnc#1012382).\n- tty: n_gsm: Fix long delays with control frame timeouts in ADM mode (bnc#1012382).\n- ubi: Fix error for write access (bnc#1012382).\n- ubi: Reject MLC NAND (bnc#1012382).\n- ubi: fastmap: Do not flush fastmap work on detach (bnc#1012382).\n- ubifs: Check ubifs_wbuf_sync() return code (bnc#1012382).\n- udf: Provide saner default for invalid uid / gid (bnc#1012382).\n- um: Use POSIX ucontext_t instead of struct ucontext (bnc#1012382).\n- usb: core: Add quirk for HP v222w 16GB Mini (bnc#1012382).\n- usb: dwc2: Fix dwc2_hsotg_core_init_disconnected() (bnc#1012382).\n- usb: dwc2: Fix interval type issue (bnc#1012382).\n- usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields (bnc#1012382).\n- usb: dwc3: pci: Properly cleanup resource (bnc#1012382).\n- usb: gadget: composite: fix incorrect handling of OS desc requests (bnc#1012382).\n- usb: gadget: f_uac2: fix bFirstInterface in composite gadget (bnc#1012382).\n- usb: gadget: ffs: Execute copy_to_user() with USER_DS set (bnc#1012382).\n- usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS (bnc#1012382).\n- usb: gadget: fsl_udc_core: fix ep valid checks (bnc#1012382).\n- usb: gadget: udc: change comparison to bitshift when dealing with a mask (bnc#1012382).\n- usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers (bnc#1012382).\n- usb: musb: fix enumeration after resume (bnc#1012382).\n- usb: musb: gadget: misplaced out of bounds check (bnc#1012382).\n- usb: musb: host: fix potential NULL pointer dereference (bnc#1012382).\n- usbip: usbip_host: delete device from busid_table after rebind (bnc#1012382).\n- usbip: usbip_host: fix NULL-ptr deref and use-after-free errors (bnc#1012382).\n- usbip: usbip_host: fix bad unlock balance during stub_probe() (bnc#1012382).\n- usbip: usbip_host: fix to hold parent lock for device_attach() calls (bnc#1012382).\n- usbip: usbip_host: refine probe and disconnect debug msgs to be useful (bnc#1012382).\n- usbip: usbip_host: run rebind from exit when module is removed (bnc#1012382).\n- usbip: vhci_hcd: Fix usb device and sockfd leaks (bnc#1012382).\n- vfio-pci: Virtualize PCIe and AF FLR (bnc#1012382).\n- vfio/pci: Virtualize Maximum Payload Size (bnc#1012382).\n- vfio/pci: Virtualize Maximum Read Request Size (bnc#1012382).\n- vfs: add path_has_submounts() (bsc#1086716).\n- vfs: add path_is_mountpoint() helper (bsc#1086716).\n- vfs: change d_manage() to take a struct path (bsc#1086716).\n- virtio-gpu: fix ioctl and expose the fixed status to userspace (bnc#1012382).\n- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS (bnc#1012382).\n- virtio: add ability to iterate over vqs (bnc#1012382).\n- virtio_console: free buffers after reset (bnc#1012382).\n- vlan: Fix reading memory beyond skb-\u003etail in skb_vlan_tagged_multi (bnc#1012382).\n- vmscan: do not force-scan file lru if its absolute size is small (-- VM bnc#1012382 page performance reclaim).\n- vmw_balloon: fixing double free when batching mode is off (bnc#1012382).\n- vti4: Do not count header length twice on tunnel setup (bnc#1012382).\n- vti4: Do not override MTU passed on link creation via IFLA_MTU (bnc#1012382).\n- watchdog: f71808e_wdt: Fix WD_EN register read (bnc#1012382).\n- watchdog: f71808e_wdt: Fix magic close handling (bnc#1012382).\n- watchdog: hpwdt: Modify to use watchdog core (bsc#1085185).\n- watchdog: hpwdt: Update Module info and copyright (bsc#1085185).\n- watchdog: hpwdt: Update nmi_panic message (bsc#1085185).\n- watchdog: hpwdt: condition early return of NMI handler on iLO5 (bsc#1085185).\n- watchdog: sp5100_tco: Fix watchdog disable bit (bnc#1012382).\n- workqueue: use put_device() instead of kfree() (bnc#1012382).\n- writeback: safer lock nesting (bnc#1012382).\n- x86/apic: Set up through-local-APIC mode on the boot CPU if \u0027noapic\u0027 specified (bnc#1012382).\n- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).\n- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1068032).\n- x86/bugs: Make sure that _TIF_SSBD does not end up in _TIF_ALLWORK_MASK (bsc#1093215).\n- x86/bugs: Respect retpoline command line option (bsc#1068032).\n- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).\n- x86/bugs: make intel_rds_mask() honor X86_FEATURE_SSBD (bsc#1094019).\n- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).\n- x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros (bnc#1012382).\n- x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code (bnc#1012382).\n- x86/devicetree: Fix device IRQ settings in DT (bnc#1012382).\n- x86/devicetree: Initialize device tree before using it (bnc#1012382).\n- x86/fpu: Disable AVX when eagerfpu is off (bnc#1012382).\n- x86/fpu: Hard-disable lazy FPU mode (bnc#1012382).\n- x86/fpu: Revert (\u0027x86/fpu: Disable AVX when eagerfpu is off\u0027) (bnc#1012382).\n- x86/hweight: Do not clobber %rdi (bnc#1012382).\n- x86/hweight: Get rid of the special calling convention (bnc#1012382).\n- x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds (bnc#1012382).\n- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)\n- x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bnc#1012382).\n- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bnc#1012382).\n- x86/pkeys: Do not special case protection key 0 (1041740).\n- x86/pkeys: Override pkey when moving away from PROT_EXEC (1041740).\n- x86/platform/UV: Add references to access fixed UV4A HUB MMRs (bsc#1076263).\n- x86/platform/UV: Fix GAM MMR changes in UV4A (bsc#1076263).\n- x86/platform/UV: Fix GAM MMR references in the UV x2apic code (bsc#1076263).\n- x86/platform/UV: Fix GAM Range Table entries less than 1GB (bsc#1091325).\n- x86/platform/UV: Fix UV4A BAU MMRs (bsc#1076263).\n- x86/platform/UV: Fix UV4A support on new Intel Processors (bsc#1076263).\n- x86/platform/UV: Fix critical UV MMR address error (bsc#1076263\n- x86/platform/UV: Update uv_mmrs.h to prepare for UV4A fixes (bsc#1076263).\n- x86/platform/uv/BAU: Replace hard-coded values with MMR definitions (bsc#1076263).\n- x86/power: Fix swsusp_arch_resume prototype (bnc#1012382).\n- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bnc#1012382).\n- x86/topology: Update the \u0027cpu cores\u0027 field in /proc/cpuinfo correctly across CPU hotplug operations (bnc#1012382).\n- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bnc#1012382).\n- x86: Remove unused function cpu_has_ht_siblings() (bnc#1012382).\n- xen-netfront: Fix hang on device removal (bnc#1012382).\n- xen-netfront: Fix race between device setup and open (bnc#1012382).\n- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1012382).\n- xen/acpi: off by one in read_acpi_id() (bnc#1012382).\n- xen/grant-table: Use put_page instead of free_page (bnc#1012382).\n- xen/netfront: raise max number of slots in xennet_get_responses() (bnc#1076049).\n- xen/pirq: fix error path cleanup when binding MSIs (bnc#1012382).\n- xen: xenbus: use put_device() instead of kfree() (bnc#1012382).\n- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (bnc#1012382).\n- xfrm_user: fix return value from xfrm_user_rcv_msg (bnc#1012382).\n- xfs: always verify the log tail during recovery (bsc#1036215).\n- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).\n- xfs: detect agfl count corruption and reset agfl (bnc#1012382 bsc#1090534 bsc#1090955).\n- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).\n- xfs: detect and handle invalid iclog size set by mkfs (bsc#1043598).\n- xfs: detect and trim torn writes during log recovery (bsc#1036215).\n- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).\n- xfs: fix endianness error when checking log block crc on big endian platforms (bsc#1094405, bsc#1036215).\n- xfs: fix incorrect log_flushed on fsync (bnc#1012382).\n- xfs: fix log recovery corruption error due to tail overwrite (bsc#1036215).\n- xfs: fix recovery failure when log record header wraps log end (bsc#1036215).\n- xfs: handle -EFSCORRUPTED during head/tail verification (bsc#1036215).\n- xfs: prevent creating negative-sized file via INSERT_RANGE (bnc#1012382).\n- xfs: refactor and open code log record crc check (bsc#1036215).\n- xfs: refactor log record start detection into a new helper (bsc#1036215).\n- xfs: remove racy hasattr check from attr ops (bnc#1012382 bsc#1035432).\n- xfs: return start block of first bad log record during recovery (bsc#1036215).\n- xfs: support a crc verification only log record pass (bsc#1036215).\n- xhci: Fix USB3 NULL pointer dereference at logical disconnect (git-fixes).\n- xhci: Fix use-after-free in xhci_free_virt_device (git-fixes).\n- xhci: zero usb device slot_id member when disabling and freeing a xhci slot (bnc#1012382).\n- zorro: Set up z-\u003edev.dma_mask for the DMA API (bnc#1012382).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-RT-12-SP3-2018-1224",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1816-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1816-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181816-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1816-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-June/004219.html"
},
{
"category": "self",
"summary": "SUSE Bug 1009062",
"url": "https://bugzilla.suse.com/1009062"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1019695",
"url": "https://bugzilla.suse.com/1019695"
},
{
"category": "self",
"summary": "SUSE Bug 1019699",
"url": "https://bugzilla.suse.com/1019699"
},
{
"category": "self",
"summary": "SUSE Bug 1022604",
"url": "https://bugzilla.suse.com/1022604"
},
{
"category": "self",
"summary": "SUSE Bug 1022607",
"url": "https://bugzilla.suse.com/1022607"
},
{
"category": "self",
"summary": "SUSE Bug 1022743",
"url": "https://bugzilla.suse.com/1022743"
},
{
"category": "self",
"summary": "SUSE Bug 1024718",
"url": "https://bugzilla.suse.com/1024718"
},
{
"category": "self",
"summary": "SUSE Bug 1031717",
"url": "https://bugzilla.suse.com/1031717"
},
{
"category": "self",
"summary": "SUSE Bug 1035432",
"url": "https://bugzilla.suse.com/1035432"
},
{
"category": "self",
"summary": "SUSE Bug 1036215",
"url": "https://bugzilla.suse.com/1036215"
},
{
"category": "self",
"summary": "SUSE Bug 1041740",
"url": "https://bugzilla.suse.com/1041740"
},
{
"category": "self",
"summary": "SUSE Bug 1043598",
"url": "https://bugzilla.suse.com/1043598"
},
{
"category": "self",
"summary": "SUSE Bug 1044596",
"url": "https://bugzilla.suse.com/1044596"
},
{
"category": "self",
"summary": "SUSE Bug 1045330",
"url": "https://bugzilla.suse.com/1045330"
},
{
"category": "self",
"summary": "SUSE Bug 1056415",
"url": "https://bugzilla.suse.com/1056415"
},
{
"category": "self",
"summary": "SUSE Bug 1056427",
"url": "https://bugzilla.suse.com/1056427"
},
{
"category": "self",
"summary": "SUSE Bug 1060799",
"url": "https://bugzilla.suse.com/1060799"
},
{
"category": "self",
"summary": "SUSE Bug 1066223",
"url": "https://bugzilla.suse.com/1066223"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1068054",
"url": "https://bugzilla.suse.com/1068054"
},
{
"category": "self",
"summary": "SUSE Bug 1068951",
"url": "https://bugzilla.suse.com/1068951"
},
{
"category": "self",
"summary": "SUSE Bug 1070404",
"url": "https://bugzilla.suse.com/1070404"
},
{
"category": "self",
"summary": "SUSE Bug 1073059",
"url": "https://bugzilla.suse.com/1073059"
},
{
"category": "self",
"summary": "SUSE Bug 1073311",
"url": "https://bugzilla.suse.com/1073311"
},
{
"category": "self",
"summary": "SUSE Bug 1075087",
"url": "https://bugzilla.suse.com/1075087"
},
{
"category": "self",
"summary": "SUSE Bug 1075428",
"url": "https://bugzilla.suse.com/1075428"
},
{
"category": "self",
"summary": "SUSE Bug 1076049",
"url": "https://bugzilla.suse.com/1076049"
},
{
"category": "self",
"summary": "SUSE Bug 1076263",
"url": "https://bugzilla.suse.com/1076263"
},
{
"category": "self",
"summary": "SUSE Bug 1076805",
"url": "https://bugzilla.suse.com/1076805"
},
{
"category": "self",
"summary": "SUSE Bug 1078583",
"url": "https://bugzilla.suse.com/1078583"
},
{
"category": "self",
"summary": "SUSE Bug 1079152",
"url": "https://bugzilla.suse.com/1079152"
},
{
"category": "self",
"summary": "SUSE Bug 1080157",
"url": "https://bugzilla.suse.com/1080157"
},
{
"category": "self",
"summary": "SUSE Bug 1080542",
"url": "https://bugzilla.suse.com/1080542"
},
{
"category": "self",
"summary": "SUSE Bug 1080656",
"url": "https://bugzilla.suse.com/1080656"
},
{
"category": "self",
"summary": "SUSE Bug 1081500",
"url": "https://bugzilla.suse.com/1081500"
},
{
"category": "self",
"summary": "SUSE Bug 1081514",
"url": "https://bugzilla.suse.com/1081514"
},
{
"category": "self",
"summary": "SUSE Bug 1081599",
"url": "https://bugzilla.suse.com/1081599"
},
{
"category": "self",
"summary": "SUSE Bug 1082153",
"url": "https://bugzilla.suse.com/1082153"
},
{
"category": "self",
"summary": "SUSE Bug 1082299",
"url": "https://bugzilla.suse.com/1082299"
},
{
"category": "self",
"summary": "SUSE Bug 1082485",
"url": "https://bugzilla.suse.com/1082485"
},
{
"category": "self",
"summary": "SUSE Bug 1082504",
"url": "https://bugzilla.suse.com/1082504"
},
{
"category": "self",
"summary": "SUSE Bug 1082962",
"url": "https://bugzilla.suse.com/1082962"
},
{
"category": "self",
"summary": "SUSE Bug 1082979",
"url": "https://bugzilla.suse.com/1082979"
},
{
"category": "self",
"summary": "SUSE Bug 1083635",
"url": "https://bugzilla.suse.com/1083635"
},
{
"category": "self",
"summary": "SUSE Bug 1083650",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "self",
"summary": "SUSE Bug 1083900",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "self",
"summary": "SUSE Bug 1084721",
"url": "https://bugzilla.suse.com/1084721"
},
{
"category": "self",
"summary": "SUSE Bug 1085185",
"url": "https://bugzilla.suse.com/1085185"
},
{
"category": "self",
"summary": "SUSE Bug 1085308",
"url": "https://bugzilla.suse.com/1085308"
},
{
"category": "self",
"summary": "SUSE Bug 1086400",
"url": "https://bugzilla.suse.com/1086400"
},
{
"category": "self",
"summary": "SUSE Bug 1086716",
"url": "https://bugzilla.suse.com/1086716"
},
{
"category": "self",
"summary": "SUSE Bug 1087007",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "self",
"summary": "SUSE Bug 1087012",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "self",
"summary": "SUSE Bug 1087036",
"url": "https://bugzilla.suse.com/1087036"
},
{
"category": "self",
"summary": "SUSE Bug 1087082",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "self",
"summary": "SUSE Bug 1087086",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "self",
"summary": "SUSE Bug 1087095",
"url": "https://bugzilla.suse.com/1087095"
},
{
"category": "self",
"summary": "SUSE Bug 1088810",
"url": "https://bugzilla.suse.com/1088810"
},
{
"category": "self",
"summary": "SUSE Bug 1088871",
"url": "https://bugzilla.suse.com/1088871"
},
{
"category": "self",
"summary": "SUSE Bug 1089023",
"url": "https://bugzilla.suse.com/1089023"
},
{
"category": "self",
"summary": "SUSE Bug 1089115",
"url": "https://bugzilla.suse.com/1089115"
},
{
"category": "self",
"summary": "SUSE Bug 1089393",
"url": "https://bugzilla.suse.com/1089393"
},
{
"category": "self",
"summary": "SUSE Bug 1089895",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "self",
"summary": "SUSE Bug 1090225",
"url": "https://bugzilla.suse.com/1090225"
},
{
"category": "self",
"summary": "SUSE Bug 1090435",
"url": "https://bugzilla.suse.com/1090435"
},
{
"category": "self",
"summary": "SUSE Bug 1090534",
"url": "https://bugzilla.suse.com/1090534"
},
{
"category": "self",
"summary": "SUSE Bug 1090643",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "self",
"summary": "SUSE Bug 1090658",
"url": "https://bugzilla.suse.com/1090658"
},
{
"category": "self",
"summary": "SUSE Bug 1090663",
"url": "https://bugzilla.suse.com/1090663"
},
{
"category": "self",
"summary": "SUSE Bug 1090708",
"url": "https://bugzilla.suse.com/1090708"
},
{
"category": "self",
"summary": "SUSE Bug 1090718",
"url": "https://bugzilla.suse.com/1090718"
},
{
"category": "self",
"summary": "SUSE Bug 1090734",
"url": "https://bugzilla.suse.com/1090734"
},
{
"category": "self",
"summary": "SUSE Bug 1090953",
"url": "https://bugzilla.suse.com/1090953"
},
{
"category": "self",
"summary": "SUSE Bug 1090955",
"url": "https://bugzilla.suse.com/1090955"
},
{
"category": "self",
"summary": "SUSE Bug 1091041",
"url": "https://bugzilla.suse.com/1091041"
},
{
"category": "self",
"summary": "SUSE Bug 1091325",
"url": "https://bugzilla.suse.com/1091325"
},
{
"category": "self",
"summary": "SUSE Bug 1091594",
"url": "https://bugzilla.suse.com/1091594"
},
{
"category": "self",
"summary": "SUSE Bug 1091728",
"url": "https://bugzilla.suse.com/1091728"
},
{
"category": "self",
"summary": "SUSE Bug 1091960",
"url": "https://bugzilla.suse.com/1091960"
},
{
"category": "self",
"summary": "SUSE Bug 1092289",
"url": "https://bugzilla.suse.com/1092289"
},
{
"category": "self",
"summary": "SUSE Bug 1092497",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "self",
"summary": "SUSE Bug 1092552",
"url": "https://bugzilla.suse.com/1092552"
},
{
"category": "self",
"summary": "SUSE Bug 1092566",
"url": "https://bugzilla.suse.com/1092566"
},
{
"category": "self",
"summary": "SUSE Bug 1092772",
"url": "https://bugzilla.suse.com/1092772"
},
{
"category": "self",
"summary": "SUSE Bug 1092813",
"url": "https://bugzilla.suse.com/1092813"
},
{
"category": "self",
"summary": "SUSE Bug 1092888",
"url": "https://bugzilla.suse.com/1092888"
},
{
"category": "self",
"summary": "SUSE Bug 1092904",
"url": "https://bugzilla.suse.com/1092904"
},
{
"category": "self",
"summary": "SUSE Bug 1092975",
"url": "https://bugzilla.suse.com/1092975"
},
{
"category": "self",
"summary": "SUSE Bug 1093008",
"url": "https://bugzilla.suse.com/1093008"
},
{
"category": "self",
"summary": "SUSE Bug 1093035",
"url": "https://bugzilla.suse.com/1093035"
},
{
"category": "self",
"summary": "SUSE Bug 1093144",
"url": "https://bugzilla.suse.com/1093144"
},
{
"category": "self",
"summary": "SUSE Bug 1093215",
"url": "https://bugzilla.suse.com/1093215"
},
{
"category": "self",
"summary": "SUSE Bug 1093533",
"url": "https://bugzilla.suse.com/1093533"
},
{
"category": "self",
"summary": "SUSE Bug 1093904",
"url": "https://bugzilla.suse.com/1093904"
},
{
"category": "self",
"summary": "SUSE Bug 1093990",
"url": "https://bugzilla.suse.com/1093990"
},
{
"category": "self",
"summary": "SUSE Bug 1094019",
"url": "https://bugzilla.suse.com/1094019"
},
{
"category": "self",
"summary": "SUSE Bug 1094033",
"url": "https://bugzilla.suse.com/1094033"
},
{
"category": "self",
"summary": "SUSE Bug 1094059",
"url": "https://bugzilla.suse.com/1094059"
},
{
"category": "self",
"summary": "SUSE Bug 1094177",
"url": "https://bugzilla.suse.com/1094177"
},
{
"category": "self",
"summary": "SUSE Bug 1094268",
"url": "https://bugzilla.suse.com/1094268"
},
{
"category": "self",
"summary": "SUSE Bug 1094353",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "self",
"summary": "SUSE Bug 1094356",
"url": "https://bugzilla.suse.com/1094356"
},
{
"category": "self",
"summary": "SUSE Bug 1094405",
"url": "https://bugzilla.suse.com/1094405"
},
{
"category": "self",
"summary": "SUSE Bug 1094466",
"url": "https://bugzilla.suse.com/1094466"
},
{
"category": "self",
"summary": "SUSE Bug 1094532",
"url": "https://bugzilla.suse.com/1094532"
},
{
"category": "self",
"summary": "SUSE Bug 1094823",
"url": "https://bugzilla.suse.com/1094823"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1095042",
"url": "https://bugzilla.suse.com/1095042"
},
{
"category": "self",
"summary": "SUSE Bug 1095147",
"url": "https://bugzilla.suse.com/1095147"
},
{
"category": "self",
"summary": "SUSE Bug 1096037",
"url": "https://bugzilla.suse.com/1096037"
},
{
"category": "self",
"summary": "SUSE Bug 1096140",
"url": "https://bugzilla.suse.com/1096140"
},
{
"category": "self",
"summary": "SUSE Bug 1096214",
"url": "https://bugzilla.suse.com/1096214"
},
{
"category": "self",
"summary": "SUSE Bug 1096242",
"url": "https://bugzilla.suse.com/1096242"
},
{
"category": "self",
"summary": "SUSE Bug 1096281",
"url": "https://bugzilla.suse.com/1096281"
},
{
"category": "self",
"summary": "SUSE Bug 1096751",
"url": "https://bugzilla.suse.com/1096751"
},
{
"category": "self",
"summary": "SUSE Bug 1096982",
"url": "https://bugzilla.suse.com/1096982"
},
{
"category": "self",
"summary": "SUSE Bug 1097234",
"url": "https://bugzilla.suse.com/1097234"
},
{
"category": "self",
"summary": "SUSE Bug 1097356",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "self",
"summary": "SUSE Bug 1098009",
"url": "https://bugzilla.suse.com/1098009"
},
{
"category": "self",
"summary": "SUSE Bug 1098012",
"url": "https://bugzilla.suse.com/1098012"
},
{
"category": "self",
"summary": "SUSE Bug 919144",
"url": "https://bugzilla.suse.com/919144"
},
{
"category": "self",
"summary": "SUSE Bug 971975",
"url": "https://bugzilla.suse.com/971975"
},
{
"category": "self",
"summary": "SUSE Bug 973378",
"url": "https://bugzilla.suse.com/973378"
},
{
"category": "self",
"summary": "SUSE Bug 978907",
"url": "https://bugzilla.suse.com/978907"
},
{
"category": "self",
"summary": "SUSE Bug 993388",
"url": "https://bugzilla.suse.com/993388"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13305 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-17741 page",
"url": "https://www.suse.com/security/cve/CVE-2017-17741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18241 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18249 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000199 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1065 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1092 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1092/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1093 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1094 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1130 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12233 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3639 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3665 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5803 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5848 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7492 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8781 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8781/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-06-26T11:39:16Z",
"generator": {
"date": "2018-06-26T11:39:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1816-1",
"initial_release_date": "2018-06-26T11:39:16Z",
"revision_history": [
{
"date": "2018-06-26T11:39:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.4.138-3.14.1.noarch",
"product": {
"name": "kernel-devel-rt-4.4.138-3.14.1.noarch",
"product_id": "kernel-devel-rt-4.4.138-3.14.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.4.138-3.14.1.noarch",
"product": {
"name": "kernel-source-rt-4.4.138-3.14.1.noarch",
"product_id": "kernel-source-rt-4.4.138-3.14.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"product_id": "dlm-kmp-rt-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"product_id": "gfs2-kmp-rt-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "kernel-rt-4.4.138-3.14.1.x86_64",
"product_id": "kernel-rt-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.4.138-3.14.1.x86_64",
"product": {
"name": "kernel-rt-base-4.4.138-3.14.1.x86_64",
"product_id": "kernel-rt-base-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.4.138-3.14.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.4.138-3.14.1.x86_64",
"product_id": "kernel-rt-devel-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.4.138-3.14.1.x86_64",
"product_id": "kernel-syms-rt-4.4.138-3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.4.138-3.14.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch"
},
"product_reference": "kernel-devel-rt-4.4.138-3.14.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "kernel-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64"
},
"product_reference": "kernel-rt-base-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.4.138-3.14.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch"
},
"product_reference": "kernel-source-rt-4.4.138-3.14.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.4.138-3.14.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13305"
}
],
"notes": [
{
"category": "general",
"text": "A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13305",
"url": "https://www.suse.com/security/cve/CVE-2017-13305"
},
{
"category": "external",
"summary": "SUSE Bug 1094353 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "low"
}
],
"title": "CVE-2017-13305"
},
{
"cve": "CVE-2017-17741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-17741"
}
],
"notes": [
{
"category": "general",
"text": "The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-17741",
"url": "https://www.suse.com/security/cve/CVE-2017-17741"
},
{
"category": "external",
"summary": "SUSE Bug 1073311 for CVE-2017-17741",
"url": "https://bugzilla.suse.com/1073311"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-17741",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "important"
}
],
"title": "CVE-2017-17741"
},
{
"cve": "CVE-2017-18241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18241"
}
],
"notes": [
{
"category": "general",
"text": "fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18241",
"url": "https://www.suse.com/security/cve/CVE-2017-18241"
},
{
"category": "external",
"summary": "SUSE Bug 1086400 for CVE-2017-18241",
"url": "https://bugzilla.suse.com/1086400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-18241"
},
{
"cve": "CVE-2017-18249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18249"
}
],
"notes": [
{
"category": "general",
"text": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18249",
"url": "https://www.suse.com/security/cve/CVE-2017-18249"
},
{
"category": "external",
"summary": "SUSE Bug 1087036 for CVE-2017-18249",
"url": "https://bugzilla.suse.com/1087036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-18249"
},
{
"cve": "CVE-2018-1000199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000199"
}
],
"notes": [
{
"category": "general",
"text": "The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000199",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199"
},
{
"category": "external",
"summary": "SUSE Bug 1089895 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "external",
"summary": "SUSE Bug 1090036 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1090036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "important"
}
],
"title": "CVE-2018-1000199"
},
{
"cve": "CVE-2018-1065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1065"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1065",
"url": "https://www.suse.com/security/cve/CVE-2018-1065"
},
{
"category": "external",
"summary": "SUSE Bug 1083650 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-1065"
},
{
"cve": "CVE-2018-1092",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1092"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1092",
"url": "https://www.suse.com/security/cve/CVE-2018-1092"
},
{
"category": "external",
"summary": "SUSE Bug 1087012 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-1092"
},
{
"cve": "CVE-2018-1093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1093"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1093",
"url": "https://www.suse.com/security/cve/CVE-2018-1093"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087095 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-1093"
},
{
"cve": "CVE-2018-1094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1094"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1094",
"url": "https://www.suse.com/security/cve/CVE-2018-1094"
},
{
"category": "external",
"summary": "SUSE Bug 1087007 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-1094"
},
{
"cve": "CVE-2018-1130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1130"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1130",
"url": "https://www.suse.com/security/cve/CVE-2018-1130"
},
{
"category": "external",
"summary": "SUSE Bug 1092904 for CVE-2018-1130",
"url": "https://bugzilla.suse.com/1092904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-1130"
},
{
"cve": "CVE-2018-12233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12233"
}
],
"notes": [
{
"category": "general",
"text": "In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12233",
"url": "https://www.suse.com/security/cve/CVE-2018-12233"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097234 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1097234"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-12233"
},
{
"cve": "CVE-2018-3639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3639"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3639",
"url": "https://www.suse.com/security/cve/CVE-2018-3639"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1085235 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085235"
},
{
"category": "external",
"summary": "SUSE Bug 1085308 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085308"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092631 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092631"
},
{
"category": "external",
"summary": "SUSE Bug 1092885 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092885"
},
{
"category": "external",
"summary": "SUSE Bug 1094912 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1094912"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100394 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1100394"
},
{
"category": "external",
"summary": "SUSE Bug 1102640 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1102640"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1111963 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1111963"
},
{
"category": "external",
"summary": "SUSE Bug 1172781 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172781"
},
{
"category": "external",
"summary": "SUSE Bug 1172782 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172782"
},
{
"category": "external",
"summary": "SUSE Bug 1172783 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172783"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-3639"
},
{
"cve": "CVE-2018-3665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3665"
}
],
"notes": [
{
"category": "general",
"text": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3665",
"url": "https://www.suse.com/security/cve/CVE-2018-3665"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087086 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "external",
"summary": "SUSE Bug 1090338 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1090338"
},
{
"category": "external",
"summary": "SUSE Bug 1095241 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095241"
},
{
"category": "external",
"summary": "SUSE Bug 1095242 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095242"
},
{
"category": "external",
"summary": "SUSE Bug 1096740 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1096740"
},
{
"category": "external",
"summary": "SUSE Bug 1100091 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100091"
},
{
"category": "external",
"summary": "SUSE Bug 1100555 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100555"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-3665"
},
{
"cve": "CVE-2018-5803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5803",
"url": "https://www.suse.com/security/cve/CVE-2018-5803"
},
{
"category": "external",
"summary": "SUSE Bug 1083900 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-5803"
},
{
"cve": "CVE-2018-5848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5848"
}
],
"notes": [
{
"category": "general",
"text": "In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the \u0027ie_len\u0027 argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5848",
"url": "https://www.suse.com/security/cve/CVE-2018-5848"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097356 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1115339 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1115339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-5848"
},
{
"cve": "CVE-2018-7492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7492"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7492",
"url": "https://www.suse.com/security/cve/CVE-2018-7492"
},
{
"category": "external",
"summary": "SUSE Bug 1082962 for CVE-2018-7492",
"url": "https://bugzilla.suse.com/1082962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "moderate"
}
],
"title": "CVE-2018-7492"
},
{
"cve": "CVE-2018-8781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8781"
}
],
"notes": [
{
"category": "general",
"text": "The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8781",
"url": "https://www.suse.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1090643 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "external",
"summary": "SUSE Bug 1090646 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.138-3.14.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.138-3.14.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.138-3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-26T11:39:16Z",
"details": "important"
}
],
"title": "CVE-2018-8781"
}
]
}
suse-su-2019:0470-1
Vulnerability from csaf_suse
Published
2019-02-22 12:47
Modified
2019-02-22 12:47
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 realtime kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-18249: Fixed tracking on allocated nid in the add_free_nid function fs/f2fs/node.c, which previously allowed local users to cause a denial of service (bnc#1087036).
- CVE-2019-3459: Fixed remote heap address information leak in use of l2cap_get_conf_opt (bnc#1120758).
- CVE-2019-3460: Fixed remote data leak in multiple location in the function l2cap_parse_conf_rsp (bnc#1120758).
The following non-security bugs were fixed:
- Disable MSI also when pcie-octeon.pcie_disable on (bnc#1012382).
- Fix problem with sharetransport= and NFSv4 (bsc#1114893).
- Revert 'bs-upload-kernel: do not set %opensuse_bs' This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.
- Yama: Check for pid death before checking ancestry (bnc#1012382).
- acpi / processor: Fix the return value of acpi_processor_ids_walk() (git fixes (acpi)).
- acpi/nfit: Block function zero DSMs (bsc#1123321).
- acpi/nfit: Fix command-supported detection (bsc#1123323).
- acpi: power: Skip duplicate power resource references in _PRx (bnc#1012382).
- alsa: bebob: fix model-id of unit for Apogee Ensemble (bnc#1012382).
- alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bnc#1012382).
- arm64/kvm: consistently handle host HCR_EL2 flags (bnc#1012382).
- arm64: Do not trap host pointer auth use to EL2 (bnc#1012382).
- arm64: perf: set suppress_bind_attrs flag to true (bnc#1012382).
- ata: Fix racy link clearance (bsc#1107866).
- block/loop: Use global lock for ioctl() operation (bnc#1012382).
- block/swim3: Fix -EBUSY error when re-opening device after unmount (Git-fixes).
- Btrfs: tree-check: reduce stack consumption in check_dir_item (bnc#1012382).
- Btrfs: tree-checker: Check level for leaves and nodes (bnc#1012382).
- Btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bnc#1012382 bsc#1102875 bsc#1102877 bsc#1102879 bsc#1102882 bsc#1102896).
- Btrfs: tree-checker: Fix misleading group system information (bnc#1012382).
- Btrfs: validate type when reading a chunk (bnc#1012382).
- Btrfs: wait on ordered extents on abort cleanup (bnc#1012382).
- can: gw: ensure DLC boundaries after CAN frame modification (bnc#1012382).
- cifs: Do not hide EINTR after sending network packets (bnc#1012382).
- cifs: Fix potential OOB access of lock element array (bnc#1012382).
- clk: imx6q: reset exclusive gates on init (bnc#1012382).
- crypto: authenc - fix parsing key with misaligned rta_len (bnc#1012382).
- crypto: authencesn - Avoid twice completion call in decrypt path (bnc#1012382).
- crypto: cts - fix crash on short inputs (bnc#1012382).
- crypto: user - support incremental algorithm dumps (bsc#1120902).
- dm crypt: add cryptographic data integrity protection (authenticated encryption) (Git-fixes).
- dm crypt: factor IV constructor out to separate function (Git-fixes).
- dm crypt: fix crash by adding missing check for auth key size (git-fixes).
- dm crypt: fix error return code in crypt_ctr() (git-fixes).
- dm crypt: fix memory leak in crypt_ctr_cipher_old() (git-fixes).
- dm crypt: introduce new format of cipher with 'capi:' prefix (Git-fixes).
- dm crypt: wipe kernel key copy after IV initialization (Git-fixes).
- dm kcopyd: Fix bug causing workqueue stalls (bnc#1012382).
- dm snapshot: Fix excessive memory usage and workqueue stalls (bnc#1012382).
- dm: do not allow readahead to limit IO size (git fixes (readahead)).
- e1000e: allow non-monotonic SYSTIM readings (bnc#1012382).
- edac: Raise the maximum number of memory controllers (bsc#1120722).
- efi/libstub/arm64: Use hidden attribute for struct screen_info reference (bsc#1122650).
- ext4: Fix crash during online resizing (bsc#1122779).
- ext4: fix a potential fiemap/page fault deadlock w/ inline_data (bnc#1012382).
- f2fs: Add sanity_check_inode() function (bnc#1012382).
- f2fs: avoid unneeded loop in build_sit_entries (bnc#1012382).
- f2fs: check blkaddr more accuratly before issue a bio (bnc#1012382).
- f2fs: clean up argument of recover_data (bnc#1012382).
- f2fs: clean up with is_valid_blkaddr() (bnc#1012382).
- f2fs: detect wrong layout (bnc#1012382).
- f2fs: enhance sanity_check_raw_super() to avoid potential overflow (bnc#1012382).
- f2fs: factor out fsync inode entry operations (bnc#1012382).
- f2fs: fix inode cache leak (bnc#1012382).
- f2fs: fix invalid memory access (bnc#1012382).
- f2fs: fix missing up_read (bnc#1012382).
- f2fs: fix to avoid reading out encrypted data in page cache (bnc#1012382).
- f2fs: fix to convert inline directory correctly (bnc#1012382).
- f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack (bnc#1012382).
- f2fs: fix to do sanity check with block address in main area (bnc#1012382).
- f2fs: fix to do sanity check with block address in main area v2 (bnc#1012382).
- f2fs: fix to do sanity check with cp_pack_start_sum (bnc#1012382).
- f2fs: fix to do sanity check with node footer and iblocks (bnc#1012382).
- f2fs: fix to do sanity check with reserved blkaddr of inline inode (bnc#1012382).
- f2fs: fix to do sanity check with secs_per_zone (bnc#1012382).
- f2fs: fix to do sanity check with user_block_count (bnc#1012382).
- f2fs: fix validation of the block count in sanity_check_raw_super (bnc#1012382).
- f2fs: free meta pages if sanity check for ckpt is failed (bnc#1012382).
- f2fs: give -EINVAL for norecovery and rw mount (bnc#1012382).
- f2fs: introduce and spread verify_blkaddr (bnc#1012382).
- f2fs: introduce get_checkpoint_version for cleanup (bnc#1012382).
- f2fs: move sanity checking of cp into get_valid_checkpoint (bnc#1012382).
- f2fs: not allow to write illegal blkaddr (bnc#1012382).
- f2fs: put directory inodes before checkpoint in roll-forward recovery (bnc#1012382).
- f2fs: remove an obsolete variable (bnc#1012382).
- f2fs: return error during fill_super (bnc#1012382).
- f2fs: sanity check on sit entry (bnc#1012382).
- f2fs: use crc and cp version to determine roll-forward recovery (bnc#1012382).
- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (Git-fixes).
- i2c: dev: prevent adapter retries and timeout being set as minus value (bnc#1012382).
- ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).
- ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).
- ibmvnic: Increase maximum queue size limit (bsc#1121726).
- ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).
- iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).
- iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).
- iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).
- iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).
- ip: on queued skb use skb_header_pointer instead of pskb_may_pull (bnc#1012382).
- ipmi:ssif: Fix handling of multi-part return messages (bnc#1012382).
- ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address (bnc#1012382).
- ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses (bnc#1012382).
- ipv6: fix kernel-infoleak in ipv6_local_error() (bnc#1012382).
- jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bnc#1012382).
- kabi: reorder new slabinfo fields in struct kmem_cache_node (bnc#1116653).
- kconfig: fix file name and line number of warn_ignored_character() (bnc#1012382).
- kconfig: fix memory leak when EOF is encountered in quotation (bnc#1012382).
- loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl() (bnc#1012382).
- loop: Fold __loop_release into loop_release (bnc#1012382).
- loop: Get rid of loop_index_mutex (bnc#1012382).
- lsm: Check for NULL cred-security on free (bnc#1012382).
- md: batch flush requests (bsc#1119680).
- media: em28xx: Fix misplaced reset of dev->v4l::field_count (bnc#1012382).
- media: firewire: Fix app_info parameter type in avc_ca{,_app}_info (bnc#1012382).
- media: vb2: be sure to unlock mutex on errors (bnc#1012382).
- media: vb2: vb2_mmap: move lock up (bnc#1012382).
- media: vivid: fix error handling of kthread_run (bnc#1012382).
- media: vivid: set min width/height to a value > 0 (bnc#1012382).
- mfd: tps6586x: Handle interrupts on suspend (bnc#1012382).
- mips: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur (bnc#1012382).
- mips: fix n32 compat_ipc_parse_version (bnc#1012382).
- mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps (bnc#1012382).
- mm, slab: faster active and free stats (bsc#1116653, VM Performance).
- mm, slab: maintain total slab count instead of active count (bsc#1116653, VM Performance).
- mm/page-writeback.c: do not break integrity writeback on ->writepage() error (bnc#1012382).
- mm/slab: improve performance of gathering slabinfo stats (bsc#1116653, VM Performance).
- mm: only report isolation failures when offlining memory (generic hotplug debugability).
- mmc: atmel-mci: do not assume idle after atmci_request_end (bnc#1012382).
- net: bridge: fix a bug on using a neighbour cache entry without checking its state (bnc#1012382).
- net: call sk_dst_reset when set SO_DONTROUTE (bnc#1012382).
- net: speed up skb_rbtree_purge() (bnc#1012382).
- ocfs2: fix panic due to unrecovered local alloc (bnc#1012382).
- omap2fb: Fix stack memory disclosure (bsc#1106929)
- packet: Do not leak dev refcounts on error exit (bnc#1012382).
- pci: altera: Check link status before retrain link (bnc#1012382).
- pci: altera: Fix altera_pcie_link_is_up() (bnc#1012382).
- pci: altera: Move retrain from fixup to altera_pcie_host_init() (bnc#1012382).
- pci: altera: Poll for link training status after retraining the link (bnc#1012382).
- pci: altera: Poll for link up status after retraining the link (bnc#1012382).
- pci: altera: Reorder read/write functions (bnc#1012382).
- pci: altera: Rework config accessors for use without a struct pci_bus (bnc#1012382).
- perf intel-pt: Fix error with config term 'pt=0' (bnc#1012382).
- perf parse-events: Fix unchecked usage of strncpy() (bnc#1012382).
- perf svghelper: Fix unchecked usage of strncpy() (bnc#1012382).
- platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bnc#1012382).
- powerpc, hotplug: Avoid to touch non-existent cpumasks (bsc#1109695).
- powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).
- powerpc/pseries/cpuidle: Fix preempt warning (bnc#1012382).
- powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).
- powerpc/smp: Add Power9 scheduler topology (bsc#1109695).
- powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).
- powerpc/smp: Rework CPU topology construction (bsc#1109695).
- powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).
- powerpc/xmon: Fix invocation inside lock region (bsc#1122885).
- powerpc: Detect the presence of big-cores via 'ibm, thread-groups' (bsc#1109695).
- powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).
- powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).
- proc: Remove empty line in /proc/self/status (bnc#1012382 bsc#1094823).
- pstore/ram: Do not treat empty buffers as valid (bnc#1012382).
- r8169: Add support for new Realtek Ethernet (bnc#1012382).
- scsi: megaraid: fix out-of-bound array accesses (bnc#1012382).
- scsi: sd: Fix cache_type_store() (bnc#1012382).
- scsi: target: use consistent left-aligned ASCII INQUIRY data (bnc#1012382).
- sctp: allocate sctp_sockaddr_entry with kzalloc (bnc#1012382).
- selinux: fix GPF on invalid policy (bnc#1012382).
- slab: alien caches must not be initialized if the allocation of the alien cache failed (bnc#1012382).
- sunrpc: handle ENOMEM in rpcb_getport_async (bnc#1012382).
- sysfs: Disable lockdep for driver bind/unbind files (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_bearer_enable (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_doit (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_link_reset_stats (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_link_set (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_name_table_dump (bnc#1012382).
- tty/ldsem: Wake up readers after timed out down_write() (bnc#1012382).
- usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bnc#1012382).
- usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bnc#1012382).
- usb: storage: add quirk for SMI SM3350 (bnc#1012382).
- usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bnc#1012382).
- writeback: do not decrement wb->refcnt if !wb->bdi (git fixes (writeback)).
- x86/pkeys: Properly copy pkey state at fork() (bsc#1106105).
Patchnames
SUSE-2019-470,SUSE-SLE-RT-12-SP3-2019-470
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 realtime kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-18249: Fixed tracking on allocated nid in the add_free_nid function fs/f2fs/node.c, which previously allowed local users to cause a denial of service (bnc#1087036).\n- CVE-2019-3459: Fixed remote heap address information leak in use of l2cap_get_conf_opt (bnc#1120758).\n- CVE-2019-3460: Fixed remote data leak in multiple location in the function l2cap_parse_conf_rsp (bnc#1120758).\n\nThe following non-security bugs were fixed:\n\n- Disable MSI also when pcie-octeon.pcie_disable on (bnc#1012382).\n- Fix problem with sharetransport= and NFSv4 (bsc#1114893).\n- Revert \u0027bs-upload-kernel: do not set %opensuse_bs\u0027 This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.\n- Yama: Check for pid death before checking ancestry (bnc#1012382).\n- acpi / processor: Fix the return value of acpi_processor_ids_walk() (git fixes (acpi)).\n- acpi/nfit: Block function zero DSMs (bsc#1123321).\n- acpi/nfit: Fix command-supported detection (bsc#1123323).\n- acpi: power: Skip duplicate power resource references in _PRx (bnc#1012382).\n- alsa: bebob: fix model-id of unit for Apogee Ensemble (bnc#1012382).\n- alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bnc#1012382).\n- arm64/kvm: consistently handle host HCR_EL2 flags (bnc#1012382).\n- arm64: Do not trap host pointer auth use to EL2 (bnc#1012382).\n- arm64: perf: set suppress_bind_attrs flag to true (bnc#1012382).\n- ata: Fix racy link clearance (bsc#1107866).\n- block/loop: Use global lock for ioctl() operation (bnc#1012382).\n- block/swim3: Fix -EBUSY error when re-opening device after unmount (Git-fixes).\n- Btrfs: tree-check: reduce stack consumption in check_dir_item (bnc#1012382).\n- Btrfs: tree-checker: Check level for leaves and nodes (bnc#1012382).\n- Btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bnc#1012382 bsc#1102875 bsc#1102877 bsc#1102879 bsc#1102882 bsc#1102896).\n- Btrfs: tree-checker: Fix misleading group system information (bnc#1012382).\n- Btrfs: validate type when reading a chunk (bnc#1012382).\n- Btrfs: wait on ordered extents on abort cleanup (bnc#1012382).\n- can: gw: ensure DLC boundaries after CAN frame modification (bnc#1012382).\n- cifs: Do not hide EINTR after sending network packets (bnc#1012382).\n- cifs: Fix potential OOB access of lock element array (bnc#1012382).\n- clk: imx6q: reset exclusive gates on init (bnc#1012382).\n- crypto: authenc - fix parsing key with misaligned rta_len (bnc#1012382).\n- crypto: authencesn - Avoid twice completion call in decrypt path (bnc#1012382).\n- crypto: cts - fix crash on short inputs (bnc#1012382).\n- crypto: user - support incremental algorithm dumps (bsc#1120902).\n- dm crypt: add cryptographic data integrity protection (authenticated encryption) (Git-fixes).\n- dm crypt: factor IV constructor out to separate function (Git-fixes).\n- dm crypt: fix crash by adding missing check for auth key size (git-fixes).\n- dm crypt: fix error return code in crypt_ctr() (git-fixes).\n- dm crypt: fix memory leak in crypt_ctr_cipher_old() (git-fixes).\n- dm crypt: introduce new format of cipher with \u0027capi:\u0027 prefix (Git-fixes).\n- dm crypt: wipe kernel key copy after IV initialization (Git-fixes).\n- dm kcopyd: Fix bug causing workqueue stalls (bnc#1012382).\n- dm snapshot: Fix excessive memory usage and workqueue stalls (bnc#1012382).\n- dm: do not allow readahead to limit IO size (git fixes (readahead)).\n- e1000e: allow non-monotonic SYSTIM readings (bnc#1012382).\n- edac: Raise the maximum number of memory controllers (bsc#1120722).\n- efi/libstub/arm64: Use hidden attribute for struct screen_info reference (bsc#1122650).\n- ext4: Fix crash during online resizing (bsc#1122779).\n- ext4: fix a potential fiemap/page fault deadlock w/ inline_data (bnc#1012382).\n- f2fs: Add sanity_check_inode() function (bnc#1012382).\n- f2fs: avoid unneeded loop in build_sit_entries (bnc#1012382).\n- f2fs: check blkaddr more accuratly before issue a bio (bnc#1012382).\n- f2fs: clean up argument of recover_data (bnc#1012382).\n- f2fs: clean up with is_valid_blkaddr() (bnc#1012382).\n- f2fs: detect wrong layout (bnc#1012382).\n- f2fs: enhance sanity_check_raw_super() to avoid potential overflow (bnc#1012382).\n- f2fs: factor out fsync inode entry operations (bnc#1012382).\n- f2fs: fix inode cache leak (bnc#1012382).\n- f2fs: fix invalid memory access (bnc#1012382).\n- f2fs: fix missing up_read (bnc#1012382).\n- f2fs: fix to avoid reading out encrypted data in page cache (bnc#1012382).\n- f2fs: fix to convert inline directory correctly (bnc#1012382).\n- f2fs: fix to determine start_cp_addr by sbi-\u003ecur_cp_pack (bnc#1012382).\n- f2fs: fix to do sanity check with block address in main area (bnc#1012382).\n- f2fs: fix to do sanity check with block address in main area v2 (bnc#1012382).\n- f2fs: fix to do sanity check with cp_pack_start_sum (bnc#1012382).\n- f2fs: fix to do sanity check with node footer and iblocks (bnc#1012382).\n- f2fs: fix to do sanity check with reserved blkaddr of inline inode (bnc#1012382).\n- f2fs: fix to do sanity check with secs_per_zone (bnc#1012382).\n- f2fs: fix to do sanity check with user_block_count (bnc#1012382).\n- f2fs: fix validation of the block count in sanity_check_raw_super (bnc#1012382).\n- f2fs: free meta pages if sanity check for ckpt is failed (bnc#1012382).\n- f2fs: give -EINVAL for norecovery and rw mount (bnc#1012382).\n- f2fs: introduce and spread verify_blkaddr (bnc#1012382).\n- f2fs: introduce get_checkpoint_version for cleanup (bnc#1012382).\n- f2fs: move sanity checking of cp into get_valid_checkpoint (bnc#1012382).\n- f2fs: not allow to write illegal blkaddr (bnc#1012382).\n- f2fs: put directory inodes before checkpoint in roll-forward recovery (bnc#1012382).\n- f2fs: remove an obsolete variable (bnc#1012382).\n- f2fs: return error during fill_super (bnc#1012382).\n- f2fs: sanity check on sit entry (bnc#1012382).\n- f2fs: use crc and cp version to determine roll-forward recovery (bnc#1012382).\n- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (Git-fixes).\n- i2c: dev: prevent adapter retries and timeout being set as minus value (bnc#1012382).\n- ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).\n- ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).\n- ibmvnic: Increase maximum queue size limit (bsc#1121726).\n- ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).\n- iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).\n- iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).\n- iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).\n- iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).\n- ip: on queued skb use skb_header_pointer instead of pskb_may_pull (bnc#1012382).\n- ipmi:ssif: Fix handling of multi-part return messages (bnc#1012382).\n- ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address (bnc#1012382).\n- ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses (bnc#1012382).\n- ipv6: fix kernel-infoleak in ipv6_local_error() (bnc#1012382).\n- jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bnc#1012382).\n- kabi: reorder new slabinfo fields in struct kmem_cache_node (bnc#1116653).\n- kconfig: fix file name and line number of warn_ignored_character() (bnc#1012382).\n- kconfig: fix memory leak when EOF is encountered in quotation (bnc#1012382).\n- loop: Fix double mutex_unlock(\u0026loop_ctl_mutex) in loop_control_ioctl() (bnc#1012382).\n- loop: Fold __loop_release into loop_release (bnc#1012382).\n- loop: Get rid of loop_index_mutex (bnc#1012382).\n- lsm: Check for NULL cred-security on free (bnc#1012382).\n- md: batch flush requests (bsc#1119680).\n- media: em28xx: Fix misplaced reset of dev-\u003ev4l::field_count (bnc#1012382).\n- media: firewire: Fix app_info parameter type in avc_ca{,_app}_info (bnc#1012382).\n- media: vb2: be sure to unlock mutex on errors (bnc#1012382).\n- media: vb2: vb2_mmap: move lock up (bnc#1012382).\n- media: vivid: fix error handling of kthread_run (bnc#1012382).\n- media: vivid: set min width/height to a value \u003e 0 (bnc#1012382).\n- mfd: tps6586x: Handle interrupts on suspend (bnc#1012382).\n- mips: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur (bnc#1012382).\n- mips: fix n32 compat_ipc_parse_version (bnc#1012382).\n- mm, proc: be more verbose about unstable VMA flags in /proc/\u0026lt;pid\u003e/smaps (bnc#1012382).\n- mm, slab: faster active and free stats (bsc#1116653, VM Performance).\n- mm, slab: maintain total slab count instead of active count (bsc#1116653, VM Performance).\n- mm/page-writeback.c: do not break integrity writeback on -\u003ewritepage() error (bnc#1012382).\n- mm/slab: improve performance of gathering slabinfo stats (bsc#1116653, VM Performance).\n- mm: only report isolation failures when offlining memory (generic hotplug debugability).\n- mmc: atmel-mci: do not assume idle after atmci_request_end (bnc#1012382).\n- net: bridge: fix a bug on using a neighbour cache entry without checking its state (bnc#1012382).\n- net: call sk_dst_reset when set SO_DONTROUTE (bnc#1012382).\n- net: speed up skb_rbtree_purge() (bnc#1012382).\n- ocfs2: fix panic due to unrecovered local alloc (bnc#1012382).\n- omap2fb: Fix stack memory disclosure (bsc#1106929)\n- packet: Do not leak dev refcounts on error exit (bnc#1012382).\n- pci: altera: Check link status before retrain link (bnc#1012382).\n- pci: altera: Fix altera_pcie_link_is_up() (bnc#1012382).\n- pci: altera: Move retrain from fixup to altera_pcie_host_init() (bnc#1012382).\n- pci: altera: Poll for link training status after retraining the link (bnc#1012382).\n- pci: altera: Poll for link up status after retraining the link (bnc#1012382).\n- pci: altera: Reorder read/write functions (bnc#1012382).\n- pci: altera: Rework config accessors for use without a struct pci_bus (bnc#1012382).\n- perf intel-pt: Fix error with config term \u0027pt=0\u0027 (bnc#1012382).\n- perf parse-events: Fix unchecked usage of strncpy() (bnc#1012382).\n- perf svghelper: Fix unchecked usage of strncpy() (bnc#1012382).\n- platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bnc#1012382).\n- powerpc, hotplug: Avoid to touch non-existent cpumasks (bsc#1109695).\n- powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).\n- powerpc/pseries/cpuidle: Fix preempt warning (bnc#1012382).\n- powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).\n- powerpc/smp: Add Power9 scheduler topology (bsc#1109695).\n- powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).\n- powerpc/smp: Rework CPU topology construction (bsc#1109695).\n- powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).\n- powerpc/xmon: Fix invocation inside lock region (bsc#1122885).\n- powerpc: Detect the presence of big-cores via \u0027ibm, thread-groups\u0027 (bsc#1109695).\n- powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).\n- powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).\n- proc: Remove empty line in /proc/self/status (bnc#1012382 bsc#1094823).\n- pstore/ram: Do not treat empty buffers as valid (bnc#1012382).\n- r8169: Add support for new Realtek Ethernet (bnc#1012382).\n- scsi: megaraid: fix out-of-bound array accesses (bnc#1012382).\n- scsi: sd: Fix cache_type_store() (bnc#1012382).\n- scsi: target: use consistent left-aligned ASCII INQUIRY data (bnc#1012382).\n- sctp: allocate sctp_sockaddr_entry with kzalloc (bnc#1012382).\n- selinux: fix GPF on invalid policy (bnc#1012382).\n- slab: alien caches must not be initialized if the allocation of the alien cache failed (bnc#1012382).\n- sunrpc: handle ENOMEM in rpcb_getport_async (bnc#1012382).\n- sysfs: Disable lockdep for driver bind/unbind files (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_bearer_enable (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_doit (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_link_reset_stats (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_link_set (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_name_table_dump (bnc#1012382).\n- tty/ldsem: Wake up readers after timed out down_write() (bnc#1012382).\n- usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bnc#1012382).\n- usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bnc#1012382).\n- usb: storage: add quirk for SMI SM3350 (bnc#1012382).\n- usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bnc#1012382).\n- writeback: do not decrement wb-\u003erefcnt if !wb-\u003ebdi (git fixes (writeback)).\n- x86/pkeys: Properly copy pkey state at fork() (bsc#1106105).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-470,SUSE-SLE-RT-12-SP3-2019-470",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0470-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0470-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190470-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0470-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005147.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1023175",
"url": "https://bugzilla.suse.com/1023175"
},
{
"category": "self",
"summary": "SUSE Bug 1087036",
"url": "https://bugzilla.suse.com/1087036"
},
{
"category": "self",
"summary": "SUSE Bug 1094823",
"url": "https://bugzilla.suse.com/1094823"
},
{
"category": "self",
"summary": "SUSE Bug 1102875",
"url": "https://bugzilla.suse.com/1102875"
},
{
"category": "self",
"summary": "SUSE Bug 1102877",
"url": "https://bugzilla.suse.com/1102877"
},
{
"category": "self",
"summary": "SUSE Bug 1102879",
"url": "https://bugzilla.suse.com/1102879"
},
{
"category": "self",
"summary": "SUSE Bug 1102882",
"url": "https://bugzilla.suse.com/1102882"
},
{
"category": "self",
"summary": "SUSE Bug 1102896",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "self",
"summary": "SUSE Bug 1106105",
"url": "https://bugzilla.suse.com/1106105"
},
{
"category": "self",
"summary": "SUSE Bug 1106929",
"url": "https://bugzilla.suse.com/1106929"
},
{
"category": "self",
"summary": "SUSE Bug 1107866",
"url": "https://bugzilla.suse.com/1107866"
},
{
"category": "self",
"summary": "SUSE Bug 1109695",
"url": "https://bugzilla.suse.com/1109695"
},
{
"category": "self",
"summary": "SUSE Bug 1114893",
"url": "https://bugzilla.suse.com/1114893"
},
{
"category": "self",
"summary": "SUSE Bug 1116653",
"url": "https://bugzilla.suse.com/1116653"
},
{
"category": "self",
"summary": "SUSE Bug 1119680",
"url": "https://bugzilla.suse.com/1119680"
},
{
"category": "self",
"summary": "SUSE Bug 1120722",
"url": "https://bugzilla.suse.com/1120722"
},
{
"category": "self",
"summary": "SUSE Bug 1120758",
"url": "https://bugzilla.suse.com/1120758"
},
{
"category": "self",
"summary": "SUSE Bug 1120902",
"url": "https://bugzilla.suse.com/1120902"
},
{
"category": "self",
"summary": "SUSE Bug 1121726",
"url": "https://bugzilla.suse.com/1121726"
},
{
"category": "self",
"summary": "SUSE Bug 1122650",
"url": "https://bugzilla.suse.com/1122650"
},
{
"category": "self",
"summary": "SUSE Bug 1122651",
"url": "https://bugzilla.suse.com/1122651"
},
{
"category": "self",
"summary": "SUSE Bug 1122779",
"url": "https://bugzilla.suse.com/1122779"
},
{
"category": "self",
"summary": "SUSE Bug 1122885",
"url": "https://bugzilla.suse.com/1122885"
},
{
"category": "self",
"summary": "SUSE Bug 1123321",
"url": "https://bugzilla.suse.com/1123321"
},
{
"category": "self",
"summary": "SUSE Bug 1123323",
"url": "https://bugzilla.suse.com/1123323"
},
{
"category": "self",
"summary": "SUSE Bug 1123357",
"url": "https://bugzilla.suse.com/1123357"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18249 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3459 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3460 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3460/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-02-22T12:47:15Z",
"generator": {
"date": "2019-02-22T12:47:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0470-1",
"initial_release_date": "2019-02-22T12:47:15Z",
"revision_history": [
{
"date": "2019-02-22T12:47:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.4.172-3.35.1.noarch",
"product": {
"name": "kernel-devel-rt-4.4.172-3.35.1.noarch",
"product_id": "kernel-devel-rt-4.4.172-3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.4.172-3.35.1.noarch",
"product": {
"name": "kernel-source-rt-4.4.172-3.35.1.noarch",
"product_id": "kernel-source-rt-4.4.172-3.35.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-4.4.172-3.35.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-4.4.172-3.35.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"product_id": "dlm-kmp-rt-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-4.4.172-3.35.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-4.4.172-3.35.1.x86_64",
"product_id": "dlm-kmp-rt_debug-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"product_id": "gfs2-kmp-rt-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-4.4.172-3.35.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-4.4.172-3.35.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.4.172-3.35.1.x86_64",
"product": {
"name": "kernel-rt-4.4.172-3.35.1.x86_64",
"product_id": "kernel-rt-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.4.172-3.35.1.x86_64",
"product": {
"name": "kernel-rt-base-4.4.172-3.35.1.x86_64",
"product_id": "kernel-rt-base-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.4.172-3.35.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.4.172-3.35.1.x86_64",
"product_id": "kernel-rt-devel-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-4.4.172-3.35.1.x86_64",
"product": {
"name": "kernel-rt-extra-4.4.172-3.35.1.x86_64",
"product_id": "kernel-rt-extra-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-kgraft-4.4.172-3.35.1.x86_64",
"product": {
"name": "kernel-rt-kgraft-4.4.172-3.35.1.x86_64",
"product_id": "kernel-rt-kgraft-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-4.4.172-3.35.1.x86_64",
"product": {
"name": "kernel-rt_debug-4.4.172-3.35.1.x86_64",
"product_id": "kernel-rt_debug-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-base-4.4.172-3.35.1.x86_64",
"product": {
"name": "kernel-rt_debug-base-4.4.172-3.35.1.x86_64",
"product_id": "kernel-rt_debug-base-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-4.4.172-3.35.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-4.4.172-3.35.1.x86_64",
"product_id": "kernel-rt_debug-extra-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-kgraft-4.4.172-3.35.1.x86_64",
"product": {
"name": "kernel-rt_debug-kgraft-4.4.172-3.35.1.x86_64",
"product_id": "kernel-rt_debug-kgraft-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.4.172-3.35.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.4.172-3.35.1.x86_64",
"product_id": "kernel-syms-rt-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-4.4.172-3.35.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-4.4.172-3.35.1.x86_64",
"product_id": "kselftests-kmp-rt-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-4.4.172-3.35.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-4.4.172-3.35.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.4.172-3.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-4.4.172-3.35.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-4.4.172-3.35.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-4.4.172-3.35.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.4.172-3.35.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.172-3.35.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.4.172-3.35.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.172-3.35.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.4.172-3.35.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.172-3.35.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.4.172-3.35.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.172-3.35.1.noarch"
},
"product_reference": "kernel-devel-rt-4.4.172-3.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.4.172-3.35.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.172-3.35.1.x86_64"
},
"product_reference": "kernel-rt-4.4.172-3.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.4.172-3.35.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.172-3.35.1.x86_64"
},
"product_reference": "kernel-rt-base-4.4.172-3.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.4.172-3.35.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.172-3.35.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.4.172-3.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.4.172-3.35.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.172-3.35.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.4.172-3.35.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.172-3.35.1.noarch"
},
"product_reference": "kernel-source-rt-4.4.172-3.35.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.4.172-3.35.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.172-3.35.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.4.172-3.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.4.172-3.35.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.172-3.35.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-18249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18249"
}
],
"notes": [
{
"category": "general",
"text": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.172-3.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18249",
"url": "https://www.suse.com/security/cve/CVE-2017-18249"
},
{
"category": "external",
"summary": "SUSE Bug 1087036 for CVE-2017-18249",
"url": "https://bugzilla.suse.com/1087036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.172-3.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.172-3.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-22T12:47:15Z",
"details": "moderate"
}
],
"title": "CVE-2017-18249"
},
{
"cve": "CVE-2019-3459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3459"
}
],
"notes": [
{
"category": "general",
"text": "A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.172-3.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3459",
"url": "https://www.suse.com/security/cve/CVE-2019-3459"
},
{
"category": "external",
"summary": "SUSE Bug 1120758 for CVE-2019-3459",
"url": "https://bugzilla.suse.com/1120758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.172-3.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.172-3.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-22T12:47:15Z",
"details": "moderate"
}
],
"title": "CVE-2019-3459"
},
{
"cve": "CVE-2019-3460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3460"
}
],
"notes": [
{
"category": "general",
"text": "A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.172-3.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3460",
"url": "https://www.suse.com/security/cve/CVE-2019-3460"
},
{
"category": "external",
"summary": "SUSE Bug 1120758 for CVE-2019-3460",
"url": "https://bugzilla.suse.com/1120758"
},
{
"category": "external",
"summary": "SUSE Bug 1155131 for CVE-2019-3460",
"url": "https://bugzilla.suse.com/1155131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.172-3.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.172-3.35.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.172-3.35.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.172-3.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-22T12:47:15Z",
"details": "moderate"
}
],
"title": "CVE-2019-3460"
}
]
}
suse-su-2018:1855-2
Vulnerability from csaf_suse
Published
2018-10-18 12:47
Modified
2018-10-18 12:47
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did
not handle unsigned integer overflow properly. As a result, a large value of
the 'ie_len' argument could have caused a buffer overflow (bnc#1097356)
- CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO
ioctl (bsc#1096728).
- CVE-2017-18249: The add_free_nid function did not properly track an allocated
nid, which allowed local users to cause a denial of service (race condition) or
possibly have unspecified other impact via concurrent threads (bnc#1087036)
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX
registers) between processes. These registers might contain encryption keys
when doing SSE accelerated AES enc/decryption (bsc#1087086)
- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge
option that triggers a NULL value for a flush_cmd_control data structure
(bnc#1086400)
- CVE-2017-13305: Prevent information disclosure vulnerability in
encrypted-keys (bsc#1094353).
- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to
cause a denial of service (out-of-bounds read and system crash) via a crafted
ext4 image because balloc.c and ialloc.c did not validate bitmap block numbers
(bsc#1087095).
- CVE-2018-1094: The ext4_fill_super function did not always initialize the
crc32c checksum driver, which allowed attackers to cause a denial of service
(ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted
ext4 image (bsc#1087007).
- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory
with a zero i_links_count, which allowed attackers to cause a denial of service
(ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4
image (bsc#1087012).
- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that
allowed a local user to cause a denial of service by a number of certain
crafted system calls (bsc#1092904).
- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob
that contains a jump but lacks a user-defined chain, which allowed local users
to cause a denial of service (NULL pointer dereference) by leveraging the
CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650).
- CVE-2018-5803: Prevent error in the '_sctp_make_chunk()' function when
handling SCTP packets length that could have been exploited to cause a kernel
crash (bnc#1083900).
- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c
__rds_rdma_map() function that allowed local attackers to cause a system panic
and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST
(bsc#1082962).
- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that
could have caused a crash and possibly memory corruption (bsc#1089895).
The following non-security bugs were fixed:
- ALSA: timer: Fix pause event notification (bsc#973378).
- Fix excessive newline in /proc/*/status (bsc#1094823).
- Fix the patch content (bsc#1085185)
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).
- Revert 'bs-upload-kernel: do not set %opensuse_bs' This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.
- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).
- ipv6: omit traffic class when calculating flow hash (bsc#1095042).
- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).
- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).
- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1096281).
- x86/bugs: Respect retpoline command line option (bsc#1068032).
- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).
- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)
- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).
- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).
- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).
Patchnames
SUSE-SLE-SERVER-12-SP2-BCL-2018-1251
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP2 LTSS kernel was updated receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did\n not handle unsigned integer overflow properly. As a result, a large value of\n the \u0027ie_len\u0027 argument could have caused a buffer overflow (bnc#1097356)\n- CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO\n ioctl (bsc#1096728).\n- CVE-2017-18249: The add_free_nid function did not properly track an allocated\n nid, which allowed local users to cause a denial of service (race condition) or\n possibly have unspecified other impact via concurrent threads (bnc#1087036)\n- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX\n registers) between processes. These registers might contain encryption keys\n when doing SSE accelerated AES enc/decryption (bsc#1087086)\n- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge\n option that triggers a NULL value for a flush_cmd_control data structure\n (bnc#1086400)\n- CVE-2017-13305: Prevent information disclosure vulnerability in\n encrypted-keys (bsc#1094353).\n- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to\n cause a denial of service (out-of-bounds read and system crash) via a crafted\n ext4 image because balloc.c and ialloc.c did not validate bitmap block numbers\n (bsc#1087095).\n- CVE-2018-1094: The ext4_fill_super function did not always initialize the\n crc32c checksum driver, which allowed attackers to cause a denial of service\n (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted\n ext4 image (bsc#1087007).\n- CVE-2018-1092: The ext4_iget function mishandled the case of a root directory\n with a zero i_links_count, which allowed attackers to cause a denial of service\n (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4\n image (bsc#1087012).\n- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function that\n allowed a local user to cause a denial of service by a number of certain\n crafted system calls (bsc#1092904).\n- CVE-2018-1065: The netfilter subsystem mishandled the case of a rule blob\n that contains a jump but lacks a user-defined chain, which allowed local users\n to cause a denial of service (NULL pointer dereference) by leveraging the\n CAP_NET_RAW or CAP_NET_ADMIN capability (bsc#1083650).\n- CVE-2018-5803: Prevent error in the \u0027_sctp_make_chunk()\u0027 function when\n handling SCTP packets length that could have been exploited to cause a kernel\n crash (bnc#1083900).\n- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c\n __rds_rdma_map() function that allowed local attackers to cause a system panic\n and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST\n (bsc#1082962).\n- CVE-2018-1000199: Prevent vulnerability in modify_user_hw_breakpoint() that\n could have caused a crash and possibly memory corruption (bsc#1089895).\n\nThe following non-security bugs were fixed:\n\n- ALSA: timer: Fix pause event notification (bsc#973378).\n- Fix excessive newline in /proc/*/status (bsc#1094823).\n- Fix the patch content (bsc#1085185)\n- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).\n- Revert \u0027bs-upload-kernel: do not set %opensuse_bs\u0027 This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.\n- ipv6: add mtu lock check in __ip6_rt_update_pmtu (bsc#1092552).\n- ipv6: omit traffic class when calculating flow hash (bsc#1095042).\n- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread (bsc#1094033).\n- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).\n- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).\n- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1096281).\n- x86/bugs: Respect retpoline command line option (bsc#1068032).\n- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).\n- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).\n- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)\n- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).\n- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).\n- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SERVER-12-SP2-BCL-2018-1251",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1855-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1855-2",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181855-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1855-2",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004702.html"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1079152",
"url": "https://bugzilla.suse.com/1079152"
},
{
"category": "self",
"summary": "SUSE Bug 1082962",
"url": "https://bugzilla.suse.com/1082962"
},
{
"category": "self",
"summary": "SUSE Bug 1083650",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "self",
"summary": "SUSE Bug 1083900",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "self",
"summary": "SUSE Bug 1085185",
"url": "https://bugzilla.suse.com/1085185"
},
{
"category": "self",
"summary": "SUSE Bug 1086400",
"url": "https://bugzilla.suse.com/1086400"
},
{
"category": "self",
"summary": "SUSE Bug 1087007",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "self",
"summary": "SUSE Bug 1087012",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "self",
"summary": "SUSE Bug 1087036",
"url": "https://bugzilla.suse.com/1087036"
},
{
"category": "self",
"summary": "SUSE Bug 1087086",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "self",
"summary": "SUSE Bug 1087095",
"url": "https://bugzilla.suse.com/1087095"
},
{
"category": "self",
"summary": "SUSE Bug 1089895",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "self",
"summary": "SUSE Bug 1090534",
"url": "https://bugzilla.suse.com/1090534"
},
{
"category": "self",
"summary": "SUSE Bug 1090955",
"url": "https://bugzilla.suse.com/1090955"
},
{
"category": "self",
"summary": "SUSE Bug 1092497",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "self",
"summary": "SUSE Bug 1092552",
"url": "https://bugzilla.suse.com/1092552"
},
{
"category": "self",
"summary": "SUSE Bug 1092813",
"url": "https://bugzilla.suse.com/1092813"
},
{
"category": "self",
"summary": "SUSE Bug 1092904",
"url": "https://bugzilla.suse.com/1092904"
},
{
"category": "self",
"summary": "SUSE Bug 1094033",
"url": "https://bugzilla.suse.com/1094033"
},
{
"category": "self",
"summary": "SUSE Bug 1094353",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "self",
"summary": "SUSE Bug 1094823",
"url": "https://bugzilla.suse.com/1094823"
},
{
"category": "self",
"summary": "SUSE Bug 1095042",
"url": "https://bugzilla.suse.com/1095042"
},
{
"category": "self",
"summary": "SUSE Bug 1096140",
"url": "https://bugzilla.suse.com/1096140"
},
{
"category": "self",
"summary": "SUSE Bug 1096242",
"url": "https://bugzilla.suse.com/1096242"
},
{
"category": "self",
"summary": "SUSE Bug 1096281",
"url": "https://bugzilla.suse.com/1096281"
},
{
"category": "self",
"summary": "SUSE Bug 1096728",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "self",
"summary": "SUSE Bug 1097356",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "self",
"summary": "SUSE Bug 973378",
"url": "https://bugzilla.suse.com/973378"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13305 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18241 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18249 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000199 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000204 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1065 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1092 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1092/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1093 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1094 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1130 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3665 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5803 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5848 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7492 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7492/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-10-18T12:47:06Z",
"generator": {
"date": "2018-10-18T12:47:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1855-2",
"initial_release_date": "2018-10-18T12:47:06Z",
"revision_history": [
{
"date": "2018-10-18T12:47:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-devel-4.4.121-92.85.1.noarch",
"product_id": "kernel-devel-4.4.121-92.85.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-macros-4.4.121-92.85.1.noarch",
"product_id": "kernel-macros-4.4.121-92.85.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.121-92.85.1.noarch",
"product": {
"name": "kernel-source-4.4.121-92.85.1.noarch",
"product_id": "kernel-source-4.4.121-92.85.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-base-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"product_id": "kernel-default-devel-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.85.1.x86_64",
"product": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64",
"product_id": "kernel-syms-4.4.121-92.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"product_id": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13305"
}
],
"notes": [
{
"category": "general",
"text": "A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13305",
"url": "https://www.suse.com/security/cve/CVE-2017-13305"
},
{
"category": "external",
"summary": "SUSE Bug 1094353 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1094353"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2017-13305",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "low"
}
],
"title": "CVE-2017-13305"
},
{
"cve": "CVE-2017-18241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18241"
}
],
"notes": [
{
"category": "general",
"text": "fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18241",
"url": "https://www.suse.com/security/cve/CVE-2017-18241"
},
{
"category": "external",
"summary": "SUSE Bug 1086400 for CVE-2017-18241",
"url": "https://bugzilla.suse.com/1086400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2017-18241"
},
{
"cve": "CVE-2017-18249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18249"
}
],
"notes": [
{
"category": "general",
"text": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18249",
"url": "https://www.suse.com/security/cve/CVE-2017-18249"
},
{
"category": "external",
"summary": "SUSE Bug 1087036 for CVE-2017-18249",
"url": "https://bugzilla.suse.com/1087036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2017-18249"
},
{
"cve": "CVE-2018-1000199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000199"
}
],
"notes": [
{
"category": "general",
"text": "The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000199",
"url": "https://www.suse.com/security/cve/CVE-2018-1000199"
},
{
"category": "external",
"summary": "SUSE Bug 1089895 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1089895"
},
{
"category": "external",
"summary": "SUSE Bug 1090036 for CVE-2018-1000199",
"url": "https://bugzilla.suse.com/1090036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "important"
}
],
"title": "CVE-2018-1000199"
},
{
"cve": "CVE-2018-1000204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000204"
}
],
"notes": [
{
"category": "general",
"text": "Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don\u0027t usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it \"virtually impossible to exploit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000204",
"url": "https://www.suse.com/security/cve/CVE-2018-1000204"
},
{
"category": "external",
"summary": "SUSE Bug 1096728 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1096728"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-1000204",
"url": "https://bugzilla.suse.com/1105412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1000204"
},
{
"cve": "CVE-2018-1065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1065"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1065",
"url": "https://www.suse.com/security/cve/CVE-2018-1065"
},
{
"category": "external",
"summary": "SUSE Bug 1083650 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1083650"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1065",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1065"
},
{
"cve": "CVE-2018-1092",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1092"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1092",
"url": "https://www.suse.com/security/cve/CVE-2018-1092"
},
{
"category": "external",
"summary": "SUSE Bug 1087012 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087012"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1092",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1092"
},
{
"cve": "CVE-2018-1093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1093"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1093",
"url": "https://www.suse.com/security/cve/CVE-2018-1093"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087095 for CVE-2018-1093",
"url": "https://bugzilla.suse.com/1087095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1093"
},
{
"cve": "CVE-2018-1094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1094"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1094",
"url": "https://www.suse.com/security/cve/CVE-2018-1094"
},
{
"category": "external",
"summary": "SUSE Bug 1087007 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087007"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1094",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1094"
},
{
"cve": "CVE-2018-1130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1130"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1130",
"url": "https://www.suse.com/security/cve/CVE-2018-1130"
},
{
"category": "external",
"summary": "SUSE Bug 1092904 for CVE-2018-1130",
"url": "https://bugzilla.suse.com/1092904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-1130"
},
{
"cve": "CVE-2018-3665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3665"
}
],
"notes": [
{
"category": "general",
"text": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3665",
"url": "https://www.suse.com/security/cve/CVE-2018-3665"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087086 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "external",
"summary": "SUSE Bug 1090338 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1090338"
},
{
"category": "external",
"summary": "SUSE Bug 1095241 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095241"
},
{
"category": "external",
"summary": "SUSE Bug 1095242 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095242"
},
{
"category": "external",
"summary": "SUSE Bug 1096740 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1096740"
},
{
"category": "external",
"summary": "SUSE Bug 1100091 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100091"
},
{
"category": "external",
"summary": "SUSE Bug 1100555 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100555"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-3665"
},
{
"cve": "CVE-2018-5803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5803",
"url": "https://www.suse.com/security/cve/CVE-2018-5803"
},
{
"category": "external",
"summary": "SUSE Bug 1083900 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1083900"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-5803",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-5803"
},
{
"cve": "CVE-2018-5848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5848"
}
],
"notes": [
{
"category": "general",
"text": "In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the \u0027ie_len\u0027 argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5848",
"url": "https://www.suse.com/security/cve/CVE-2018-5848"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097356 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1115339 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1115339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-5848"
},
{
"cve": "CVE-2018-7492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7492"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7492",
"url": "https://www.suse.com/security/cve/CVE-2018-7492"
},
{
"category": "external",
"summary": "SUSE Bug 1082962 for CVE-2018-7492",
"url": "https://bugzilla.suse.com/1082962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kgraft-patch-4_4_121-92_85-default-1-3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2018-7492"
}
]
}
suse-su-2018:1772-1
Vulnerability from csaf_suse
Published
2018-06-21 11:53
Modified
2018-06-21 11:53
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.136 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did
not handle unsigned integer overflow properly. As a result, a large value of
the 'ie_len' argument could have caused a buffer overflow (bnc#1097356).
- CVE-2017-18249: The add_free_nid function did not properly track an allocated
nid, which allowed local users to cause a denial of service (race condition) or
possibly have unspecified other impact via concurrent threads (bnc#1087036).
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX
registers) between processes. These registers might contain encryption keys
when doing SSE accelerated AES enc/decryption (bsc#1087086).
- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge
option that triggers a NULL value for a flush_cmd_control data structure
(bnc#1086400).
- CVE-2017-17741: The KVM implementation in the Linux kernel allowed attackers
to obtain potentially sensitive information from kernel memory, aka a
write_mmio stack-based out-of-bounds read (bnc#1073311).
- CVE-2018-12233: In the ea_get function in fs/jfs/xattr.c, a memory
corruption bug in JFS can be triggered by calling setxattr twice with two
different extended attribute names on the same file. This vulnerability
can be triggered by an unprivileged user with the ability to create
files and execute programs. A kmalloc call is incorrect, leading to
slab-out-of-bounds in jfs_xattr (bnc#1097234).
The following non-security bugs were fixed:
- 8139too: Use disable_irq_nosync() in rtl8139_poll_controller() (bnc#1012382).
- ACPI: acpi_pad: Fix memory leak in power saving threads (bnc#1012382).
- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (bnc#1012382).
- ACPICA: Events: add a return on failure from acpi_hw_register_read (bnc#1012382).
- ACPI: processor_perflib: Do not send _PPC change notification if not ready (bnc#1012382).
- affs_lookup(): close a race with affs_remove_link() (bnc#1012382).
- af_key: Always verify length of provided sadb_key (bnc#1012382).
- aio: fix io_destroy(2) vs. lookup_ioctx() race (bnc#1012382).
- alsa: control: fix a redundant-copy issue (bnc#1012382).
- alsa: hda: Add Lenovo C50 All in one to the power_save blacklist (bnc#1012382).
- alsa: hda - Use IS_REACHABLE() for dependency on input (bnc#1012382 bsc#1031717).
- alsa: timer: Call notifier in the same spinlock (bnc#1012382 bsc#973378).
- alsa: timer: Fix pause event notification (bnc#1012382 bsc#973378).
- alsa: usb: mixer: volume quirk for CM102-A+/102S+ (bnc#1012382).
- alsa: vmaster: Propagate slave error (bnc#1012382).
- arc: Fix malformed ARC_EMUL_UNALIGNED default (bnc#1012382).
- arm64: Add ARCH_WORKAROUND_2 probing (bsc#1085308).
- arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 (bsc#1085308).
- arm64: Add 'ssbd' command-line option (bsc#1085308).
- arm64: Add this_cpu_ptr() assembler macro for use in entry.S (bsc#1085308).
- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bnc#1012382).
- arm64: alternatives: Add dynamic patching feature (bsc#1085308).
- arm64: assembler: introduce ldr_this_cpu (bsc#1085308).
- arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 (bsc#1085308).
- arm64: do not call C code with el0's fp register (bsc#1085308).
- arm64: fix endianness annotation for __apply_alternatives()/get_alt_insn() (bsc#1085308).
- arm64: introduce mov_q macro to move a constant into a 64-bit register (bnc#1012382 bsc#1068032).
- arm64: lse: Add early clobbers to some input/output asm operands (bnc#1012382).
- arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics (bnc#1012382).
- arm64: ssbd: Add global mitigation state accessor (bsc#1085308).
- arm64: ssbd: Add prctl interface for per-thread mitigation (bsc#1085308).
- arm64: ssbd: Introduce thread flag to control userspace mitigation (bsc#1085308).
- arm64: ssbd: Restore mitigation status on CPU resume (bsc#1085308).
- arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation (bsc#1085308).
- arm: 8748/1: mm: Define vdso_start, vdso_end as array (bnc#1012382).
- arm: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed (bnc#1012382).
- arm: 8770/1: kprobes: Prohibit probing on optimized_callback (bnc#1012382).
- arm: 8771/1: kprobes: Prohibit kprobes on do_undefinstr (bnc#1012382).
- arm: 8772/1: kprobes: Prohibit kprobes on get_user functions (bnc#1012382).
- arm/arm64: smccc: Add SMCCC-specific return codes (bsc#1085308).
- arm: dts: socfpga: fix GIC PPI warning (bnc#1012382).
- arm: OMAP1: clock: Fix debugfs_create_*() usage (bnc#1012382).
- arm: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt (bnc#1012382).
- arm: OMAP3: Fix prm wake interrupt for resume (bnc#1012382).
- arm: OMAP: Fix dmtimer init for omap1 (bnc#1012382).
- asm-generic: provide generic_pmdp_establish() (bnc#1012382).
- ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() (bnc#1012382 bsc#1031717).
- ASoC: Intel: sst: remove redundant variable dma_dev_name (bnc#1012382).
- ASoC: samsung: i2s: Ensure the RCLK rate is properly determined (bnc#1012382).
- ASoC: topology: create TLV data for dapm widgets (bnc#1012382).
- ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) (bnc#1012382).
- audit: move calcs after alloc and check when logging set loginuid (bnc#1012382).
- audit: return on memory error to avoid null pointer dereference (bnc#1012382).
- autofs: change autofs4_expire_wait()/do_expire_wait() to take struct path (bsc#1086716).
- autofs: change autofs4_wait() to take struct path (bsc#1086716).
- autofs: use path_has_submounts() to fix unreliable have_submount() checks (bsc#1086716).
- autofs: use path_is_mountpoint() to fix unreliable d_mountpoint() checks (bsc#1086716).
- batman-adv: fix header size check in batadv_dbg_arp() (bnc#1012382).
- batman-adv: fix multicast-via-unicast transmission with AP isolation (bnc#1012382).
- batman-adv: fix packet checksum in receive path (bnc#1012382).
- batman-adv: fix packet loss for broadcasted DHCP packets to a server (bnc#1012382).
- batman-adv: invalidate checksum on fragment reassembly (bnc#1012382).
- bcache: fix for allocator and register thread race (bnc#1012382).
- bcache: fix for data collapse after re-attaching an attached device (bnc#1012382).
- bcache: fix kcrashes with fio in RAID5 backend dev (bnc#1012382).
- bcache: properly set task state in bch_writeback_thread() (bnc#1012382).
- bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set (bnc#1012382).
- bcache: return attach error when no cache set exist (bnc#1012382).
- block: cancel workqueue entries on blk_mq_freeze_queue() (bsc#1090435).
- Bluetooth: Apply QCA Rome patches for some ATH3012 models (bsc#1082504, bsc#1095147).
- Bluetooth: btusb: Add device ID for RTL8822BE (bnc#1012382).
- Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB (bnc#1012382).
- bnx2x: use the right constant (bnc#1012382).
- bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa() (bnc#1012382).
- bonding: do not allow rlb updates to invalid mac (bnc#1012382).
- bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y (bnc#1012382).
- brcmfmac: Fix check for ISO3166 code (bnc#1012382).
- bridge: check iface upper dev when setting master via ioctl (bnc#1012382).
- Btrfs: bail out on error during replay_dir_deletes (bnc#1012382).
- Btrfs: fix copy_items() return value when logging an inode (bnc#1012382).
- Btrfs: fix crash when trying to resume balance without the resume flag (bnc#1012382).
- Btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers (bnc#1012382).
- Btrfs: fix NULL pointer dereference in log_dir_items (bnc#1012382).
- Btrfs: Fix out of bounds access in btrfs_search_slot (bnc#1012382).
- Btrfs: Fix possible softlock on single core machines (bnc#1012382).
- Btrfs: fix reading stale metadata blocks after degraded raid1 mounts (bnc#1012382).
- Btrfs: fix scrub to repair raid6 corruption (bnc#1012382).
- Btrfs: fix xattr loss after power failure (bnc#1012382).
- Btrfs: send, fix issuing write op when processing hole in no data mode (bnc#1012382).
- Btrfs: set plug for fsync (bnc#1012382).
- Btrfs: tests/qgroup: Fix wrong tree backref level (bnc#1012382).
- cdrom: do not call check_disk_change() inside cdrom_open() (bnc#1012382).
- ceph: delete unreachable code in ceph_check_caps() (bsc#1096214).
- ceph: fix race of queuing delayed caps (bsc#1096214).
- cfg80211: further limit wiphy names to 64 bytes (bnc#1012382 git-fixes).
- cfg80211: further limit wiphy names to 64 bytes (git-fixes).
- cfg80211: limit wiphy names to 128 bytes (bnc#1012382).
- cifs: silence compiler warnings showing up with gcc-8.0.0 (bnc#1012382 bsc#1090734).
- Clarify (and fix) MAX_LFS_FILESIZE macros (bnc#1012382).
- clk: Do not show the incorrect clock phase (bnc#1012382).
- clk: rockchip: Prevent calculating mmc phase if clock rate is zero (bnc#1012382).
- clk: samsung: exynos3250: Fix PLL rates (bnc#1012382).
- clk: samsung: exynos5250: Fix PLL rates (bnc#1012382).
- clk: samsung: exynos5260: Fix PLL rates (bnc#1012382).
- clk: samsung: exynos5433: Fix PLL rates (bnc#1012382).
- clk: samsung: s3c2410: Fix PLL rates (bnc#1012382).
- clocksource/drivers/fsl_ftm_timer: Fix error return checking (bnc#1012382).
- config: arm64: enable Spectre-v4 per-thread mitigation
- Correct the prefix in references tag in previous patches (bsc#1041740).
- cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path (bnc#1012382).
- cpufreq: CPPC: Initialize shared perf capabilities of CPUs (bnc#1012382).
- cpufreq: intel_pstate: Enable HWP by default (bnc#1012382).
- cpuidle: coupled: remove unused define cpuidle_coupled_lock (bnc#1012382).
- crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss (bnc#1012382).
- crypto: vmx - Remove overly verbose printk from AES init routines (bnc#1012382).
- dccp: do not free ccid2_hc_tx_sock struct in dccp_disconnect() (bnc#1012382).
- dccp: fix tasklet usage (bnc#1012382).
- dlm: fix a clerical error when set SCTP_NODELAY (bsc#1091594).
- dlm: make sctp_connect_to_sock() return in specified time (bsc#1080542).
- dlm: remove O_NONBLOCK flag in sctp_connect_to_sock (bsc#1080542).
- dmaengine: ensure dmaengine helpers check valid callback (bnc#1012382).
- dmaengine: pl330: fix a race condition in case of threaded irqs (bnc#1012382).
- dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3 (bnc#1012382).
- dmaengine: usb-dmac: fix endless loop in usb_dmac_chan_terminate_all() (bnc#1012382).
- dm thin: fix documentation relative to low water mark threshold (bnc#1012382).
- do d_instantiate/unlock_new_inode combinations safely (bnc#1012382).
- dp83640: Ensure against premature access to PHY registers after reset (bnc#1012382).
- drm/exynos: fix comparison to bitshift when dealing with a mask (bnc#1012382).
- drm/i915: Disable LVDS on Radiant P845 (bnc#1012382).
- drm/rockchip: Respect page offset for PRIME mmap calls (bnc#1012382).
- drm: set FMODE_UNSIGNED_OFFSET for drm files (bnc#1012382).
- e1000e: allocate ring descriptors with dma_zalloc_coherent (bnc#1012382).
- e1000e: Fix check_for_link return value with autoneg off (bnc#1012382 bsc#1075428).
- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bnc#1012382).
- enic: enable rq before updating rq descriptors (bnc#1012382).
- enic: set DMA mask to 47 bit (bnc#1012382).
- ext2: fix a block leak (bnc#1012382).
- fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper() (bnc#1012382).
- firewire-ohci: work around oversized DMA reads on JMicron controllers (bnc#1012382).
- firmware: dmi: handle missing DMI data gracefully (bsc#1096037).
- firmware: dmi_scan: Fix handling of empty DMI strings (bnc#1012382).
- fix io_destroy()/aio_complete() race (bnc#1012382).
- Force log to disk before reading the AGF during a fstrim (bnc#1012382).
- fscache: Fix hanging wait on page discarded by writeback (bnc#1012382).
- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bnc#1012382).
- futex: futex_wake_op, do not fail on invalid op (git-fixes).
- futex: futex_wake_op, fix sign_extend32 sign bits (bnc#1012382).
- futex: Remove duplicated code and fix undefined behaviour (bnc#1012382).
- futex: Remove unnecessary warning from get_futex_key (bnc#1012382).
- gfs2: Fix fallocate chunk size (bnc#1012382).
- gianfar: Fix Rx byte accounting for ndev stats (bnc#1012382).
- gpio: No NULL owner (bnc#1012382).
- gpio: rcar: Add Runtime PM handling for interrupts (bnc#1012382).
- hfsplus: stop workqueue when fill_super() failed (bnc#1012382).
- HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() (bnc#1012382).
- hwmon: (nct6775) Fix writing pwmX_mode (bnc#1012382).
- hwmon: (pmbus/adm1275) Accept negative page register values (bnc#1012382).
- hwmon: (pmbus/max8688) Accept negative page register values (bnc#1012382).
- hwrng: stm32 - add reset during probe (bnc#1012382).
- hwtracing: stm: fix build error on some arches (bnc#1012382).
- i2c: mv64xxx: Apply errata delay only in standard mode (bnc#1012382).
- i2c: rcar: check master irqs before slave irqs (bnc#1012382).
- i2c: rcar: do not issue stop when HW does it automatically (bnc#1012382).
- i2c: rcar: init new messages in irq (bnc#1012382).
- i2c: rcar: make sure clocks are on when doing clock calculation (bnc#1012382).
- i2c: rcar: refactor setup of a msg (bnc#1012382).
- i2c: rcar: remove spinlock (bnc#1012382).
- i2c: rcar: remove unused IOERROR state (bnc#1012382).
- i2c: rcar: revoke START request early (bnc#1012382).
- i2c: rcar: rework hw init (bnc#1012382).
- IB/ipoib: Fix for potential no-carrier state (bnc#1012382).
- iio:kfifo_buf: check for uint overflow (bnc#1012382).
- ima: Fallback to the builtin hash algorithm (bnc#1012382).
- ima: Fix Kconfig to select TPM 2.0 CRB interface (bnc#1012382).
- init: fix false positives in W+X checking (bsc#1096982).
- input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID (bnc#1012382).
- Input: elan_i2c_smbus - fix corrupted stack (bnc#1012382).
- input: goodix - add new ACPI id for GPD Win 2 touch screen (bnc#1012382).
- ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds (bnc#1012382).
- ipc/shm: fix shmat() nil address after round-down when remapping (bnc#1012382).
- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (bnc#1012382).
- ipmi_ssif: Fix kernel panic at msg_done_handler (bnc#1012382 bsc#1088871).
- ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg (bnc#1012382).
- ipv4: lock mtu in fnhe when received PMTU lower than net.ipv4.route.min_pmtu (bnc#1012382).
- ipv4: remove warning in ip_recv_error (bnc#1012382).
- ipv6: omit traffic class when calculating flow hash (bsc#1095042).
- irda: fix overly long udelay() (bnc#1012382).
- irqchip/gic-v3: Change pr_debug message to pr_devel (bnc#1012382).
- isdn: eicon: fix a missing-check bug (bnc#1012382).
- jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path (bnc#1012382 git-fixes).
- kabi: vfs: Restore dentry_operations->d_manage (bsc#1086716).
- kasan: fix memory hotplug during boot (bnc#1012382).
- Kbuild: change CC_OPTIMIZE_FOR_SIZE definition (bnc#1012382).
- kconfig: Avoid format overflow warning from GCC 8.1 (bnc#1012382).
- kconfig: Do not leak main menus during parsing (bnc#1012382).
- kconfig: Fix automatic menu creation mem leak (bnc#1012382).
- kconfig: Fix expr_free() E_NOT leak (bnc#1012382).
- kdb: make 'mdr' command repeat (bnc#1012382).
- kernel: Fix memory leak on EP11 target list processing (bnc#1096751, LTC#168596).
- kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE (bnc#1012382).
- kernel/sys.c: fix potential Spectre v1 issue (bnc#1012382).
- kvm: Fix spelling mistake: 'cop_unsuable' -> 'cop_unusable' (bnc#1012382).
- kvm: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bnc#1012382).
- kvm: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bnc#1012382).
- kvm: VMX: raise internal error for exception during invalid protected mode state (bnc#1012382).
- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bnc#1012382).
- kvm: x86: introduce linear_{read,write}_system (bnc#1012382).
- kvm: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system (bnc#1012382).
- kvm: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).
- kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access (bnc#1012382).
- l2tp: revert 'l2tp: fix missing print session offset info' (bnc#1012382).
- libata: blacklist Micron 500IT SSD with MU01 firmware (bnc#1012382).
- libata: Blacklist some Sandisk SSDs for NCQ (bnc#1012382).
- llc: better deal with too small mtu (bnc#1012382).
- llc: properly handle dev_queue_xmit() return value (bnc#1012382).
- lockd: lost rollback of set_grace_period() in lockd_down_net() (bnc#1012382 git-fixes).
- locking/qspinlock: Ensure node->count is updated before initialising node (bnc#1012382).
- locking/xchg/alpha: Add unconditional memory barrier to cmpxchg() (bnc#1012382).
- locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs (bnc#1012382).
- m68k: set dma and coherent masks for platform FEC ethernets (bnc#1012382).
- mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 (bnc#1012382).
- md raid10: fix NULL deference in handle_write_completed() (bnc#1012382 bsc#1056415).
- md/raid1: fix NULL pointer dereference (bnc#1012382).
- md: raid5: avoid string overflow warning (bnc#1012382).
- media: cx23885: Override 888 ImpactVCBe crystal frequency (bnc#1012382).
- media: cx23885: Set subdev host data to clk_freq pointer (bnc#1012382).
- media: cx25821: prevent out-of-bounds read on array card (bnc#1012382 bsc#1031717).
- media: dmxdev: fix error code for invalid ioctls (bnc#1012382).
- media: em28xx: USB bulk packet size fix (bnc#1012382).
- media: s3c-camif: fix out-of-bounds array access (bnc#1012382 bsc#1031717).
- mmap: introduce sane default mmap limits (bnc#1012382).
- mmap: relax file size limit for regular files (bnc#1012382).
- mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register (bnc#1012382).
- mm: do not allow deferred pages with NEED_PER_CPU_KM (bnc#1012382).
- mm: filemap: avoid unnecessary calls to lock_page when waiting for IO to complete during a read (bnc#1012382 bnc#971975).
- mm: filemap: remove redundant code in do_read_cache_page (bnc#1012382 bnc#971975).
- mm: fix races between address_space dereference and free in page_evicatable (bnc#1012382).
- mm: fix the NULL mapping case in __isolate_lru_page() (bnc#1012382).
- mm/kmemleak.c: wait for scan completion before disabling free (bnc#1012382).
- mm/ksm: fix interaction with THP (bnc#1012382).
- mm/mempolicy: add nodes_empty check in SYSC_migrate_pages (bnc#1012382).
- mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1012382).
- mm/mempolicy: fix the check of nodemask from user (bnc#1012382).
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).
- mm: pin address_space before dereferencing it while isolating an LRU page (bnc#1012382 bnc#1081500).
- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bnc#1012382).
- netdev-FAQ: clarify DaveM's position for stable backports (bnc#1012382).
- net: ethernet: sun: niu set correct packet size in skb (bnc#1012382).
- netfilter: ebtables: convert BUG_ONs to WARN_ONs (bnc#1012382).
- net: Fix untag for vlan packets without ethernet header (bnc#1012382).
- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (bnc#1012382).
- netlabel: If PF_INET6, check sk_buff ip header version (bnc#1012382).
- net: metrics: add proper netlink validation (bnc#1012382).
- net/mlx4_en: Verify coalescing parameters are in range (bnc#1012382).
- net/mlx4: Fix irq-unsafe spinlock usage (bnc#1012382).
- net/mlx5: Protect from command bit overflow (bnc#1012382).
- net: mvneta: fix enable of all initialized RXQs (bnc#1012382).
- net/packet: refine check for priv area size (bnc#1012382).
- net: phy: broadcom: Fix bcm_write_exp() (bnc#1012382).
- net: qmi_wwan: add BroadMobi BM806U 2020:2033 (bnc#1012382).
- net_sched: fq: take care of throttled flows before reuse (bnc#1012382).
- net: support compat 64-bit time in {s,g}etsockopt (bnc#1012382).
- net/tcp/illinois: replace broken algorithm reference link (bnc#1012382).
- net: test tailroom before appending to linear skb (bnc#1012382).
- net-usb: add qmi_wwan if on lte modem wistron neweb d18q1 (bnc#1012382).
- net: usb: cdc_mbim: add flag FLAG_SEND_ZLP (bnc#1012382).
- net/usb/qmi_wwan.c: Add USB id for lt4120 modem (bnc#1012382).
- nfc: llcp: Limit size of SDP URI (bnc#1012382).
- nfs: Do not convert nfs_idmap_cache_timeout to jiffies (bnc#1012382 git-fixes).
- nfsv4: always set NFS_LOCK_LOST when a lock is lost (bnc#1012382 bsc#1068951).
- ntb_transport: Fix bug with max_mw_size parameter (bnc#1012382).
- nvme-pci: Fix nvme queue cleanup if IRQ setup fails (bnc#1012382).
- ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute (bnc#1012382).
- ocfs2/dlm: do not handle migrate lockres if already in shutdown (bnc#1012382).
- ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid (bnc#1012382).
- ocfs2: return error when we attempt to access a dirty bh in jbd2 (bnc#1012382 bsc#1070404).
- openvswitch: Do not swap table in nlattr_set() after OVS_ATTR_NESTED is found (bnc#1012382).
- packet: fix reserve calculation (bnc#1012382 git-fixes).
- packet: fix reserve calculation (git-fixes).
- packet: in packet_snd start writing at link layer allocation (bnc#1012382).
- parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode (bnc#1012382).
- pci: Add function 1 DMA alias quirk for Marvell 88SE9220 (bnc#1012382).
- pci: Add function 1 DMA alias quirk for Marvell 9128 (bnc#1012382).
- pci: Restore config space on runtime resume despite being unbound (bnc#1012382).
- perf callchain: Fix attr.sample_max_stack setting (bnc#1012382).
- perf/cgroup: Fix child event counting bug (bnc#1012382).
- perf/core: Fix perf_output_read_group() (bnc#1012382).
- perf report: Fix memory corruption in --branch-history mode --branch-history (bnc#1012382).
- perf tests: Use arch__compare_symbol_names to compare symbols (bnc#1012382).
- pipe: cap initial pipe capacity according to pipe-max-size limit (bnc#1012382 bsc#1045330).
- powerpc/64s: Clear PCR on boot (bnc#1012382).
- powerpc: Add missing prototype for arch_irq_work_raise() (bnc#1012382).
- powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access (bnc#1012382).
- powerpc: Do not preempt_disable() in show_cpuinfo() (bnc#1012382 bsc#1066223).
- powerpc/mpic: Check if cpu_possible() in mpic_physmask() (bnc#1012382).
- powerpc/numa: Ensure nodes initialized for hotplug (bnc#1012382 bsc#1081514).
- powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes (bnc#1012382 bsc#1081514).
- powerpc/perf: Fix kernel address leak via sampling registers (bnc#1012382).
- powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer (bnc#1012382).
- powerpc/powernv: Fix NVRAM sleep in invalid context when crashing (bnc#1012382).
- powerpc/powernv: panic() on OPAL lower than V3 (bnc#1012382).
- powerpc/powernv: remove FW_FEATURE_OPALv3 and just use FW_FEATURE_OPAL (bnc#1012382).
- powerpc/powernv: Remove OPALv2 firmware define and references (bnc#1012382).
- proc: fix /proc/*/map_files lookup (bnc#1012382).
- procfs: fix pthread cross-thread naming if !PR_DUMPABLE (bnc#1012382).
- proc: meminfo: estimate available memory more conservatively (bnc#1012382).
- proc read mm's {arg,env}_{start,end} with mmap semaphore taken (bnc#1012382).
- qed: Fix mask for physical address in ILT entry (bnc#1012382).
- qla2xxx: Mask off Scope bits in retry delay (bsc#1068054).
- qmi_wwan: do not steal interfaces from class drivers (bnc#1012382).
- r8152: fix tx packets accounting (bnc#1012382).
- r8169: fix powering up RTL8168h (bnc#1012382).
- RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure (bnc#1012382).
- RDMA/ucma: Correct option size check using optlen (bnc#1012382).
- RDS: IB: Fix null pointer issue (bnc#1012382).
- Refreshed contents of patches (bsc#1085185)
- regulator: of: Add a missing 'of_node_put()' in an error handling path of 'of_regulator_match()' (bnc#1012382).
- regulatory: add NUL to request alpha2 (bnc#1012382).
- Revert 'arm: dts: imx6qdl-wandboard: Fix audio channel swap' (bnc#1012382).
- Revert 'ima: limit file hash setting by user to fix and log modes' (bnc#1012382).
- Revert 'ipc/shm: Fix shmat mmap nil-page protection' (bnc#1012382).
- Revert 'regulatory: add NUL to request alpha2' (kabi).
- Revert 'vti4: Do not override MTU passed on link creation via IFLA_MTU' (bnc#1012382).
- rtc: hctosys: Ensure system time does not overflow time_t (bnc#1012382).
- rtc: snvs: Fix usage of snvs_rtc_enable (bnc#1012382).
- rtc: tx4939: avoid unintended sign extension on a 24 bit shift (bnc#1012382).
- rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c (bnc#1012382).
- rtnetlink: validate attributes in do_setlink() (bnc#1012382).
- s390: add assembler macros for CPU alternatives (bnc#1012382).
- s390/cio: clear timer when terminating driver I/O (bnc#1012382).
- s390/cio: fix return code after missing interrupt (bnc#1012382).
- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero (LTC#168035 bnc#1012382 bnc#1094532).
- s390: extend expoline to BC instructions (bnc#1012382).
- s390/ftrace: use expoline for indirect branches (bnc#1012382).
- s390/kernel: use expoline for indirect branches (bnc#1012382).
- s390/lib: use expoline for indirect branches (bnc#1012382).
- s390: move expoline assembler macros to a header (bnc#1012382).
- s390: move spectre sysfs attribute code (bnc#1012382).
- s390/qdio: do not release memory in qdio_setup_irq() (bnc#1012382).
- s390/qdio: fix access to uninitialized qdio_q fields (LTC#168037 bnc#1012382 bnc#1094532).
- s390: remove indirect branch from do_softirq_own_stack (bnc#1012382).
- s390: use expoline thunks in the BPF JIT (bnc#1012382).
- sched/rt: Fix rq->clock_update_flags lower than RQCF_ACT_SKIP warning (bnc#1012382).
- scripts/git-pre-commit:
- scsi: aacraid: fix shutdown crash when init fails (bnc#1012382).
- scsi: aacraid: Insure command thread is not recursively stopped (bnc#1012382).
- scsi: bnx2fc: Fix check in SCSI completion handler for timed out request (bnc#1012382).
- scsi: fas216: fix sense buffer initialization (bnc#1012382 bsc#1082979).
- scsi: libsas: defer ata device eh commands to libata (bnc#1012382).
- scsi: lpfc: Fix frequency of Release WQE CQEs (bnc#1012382).
- scsi: lpfc: Fix issue_lip if link is disabled (bnc#1012382 bsc#1080656).
- scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing (bnc#1012382 bsc#1080656).
- scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM (bnc#1012382 bsc#1078583).
- scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (bnc#1012382).
- scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() (bnc#1012382).
- scsi: qla4xxx: skip error recovery in case of register disconnect (bnc#1012382).
- scsi: scsi_transport_srp: Fix shost to rport translation (bnc#1012382).
- scsi: sd: Keep disk read-only when re-reading partition (bnc#1012382).
- scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() (bnc#1012382).
- scsi: storvsc: Increase cmd_per_lun for higher speed devices (bnc#1012382).
- scsi: sym53c8xx_2: iterator underflow in sym_getsync() (bnc#1012382).
- scsi: ufs: Enable quirk to ignore sending WRITE_SAME command (bnc#1012382).
- scsi: zfcp: fix infinite iteration on ERP ready list (LTC#168038 bnc#1012382 bnc#1094532).
- sctp: delay the authentication for the duplicated cookie-echo chunk (bnc#1012382).
- sctp: fix the issue that the cookie-ack with auth can't get processed (bnc#1012382).
- sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr (bnc#1012382).
- sctp: use the old asoc when making the cookie-ack chunk in dupcook_d (bnc#1012382).
- selftests: ftrace: Add a testcase for probepoint (bnc#1012382).
- selftests: ftrace: Add a testcase for string type with kprobe_event (bnc#1012382).
- selftests: ftrace: Add probe event argument syntax testcase (bnc#1012382).
- selftests: memfd: add config fragment for fuse (bnc#1012382).
- selftests/net: fixes psock_fanout eBPF test case (bnc#1012382).
- selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable (bnc#1012382).
- selftests: Print the test we're running to /dev/kmsg (bnc#1012382).
- selinux: KASAN: slab-out-of-bounds in xattr_getsecurity (bnc#1012382).
- serial: arc_uart: Fix out-of-bounds access through DT alias (bnc#1012382).
- serial: fsl_lpuart: Fix out-of-bounds access through DT alias (bnc#1012382).
- serial: imx: Fix out-of-bounds access through serial port index (bnc#1012382).
- serial: mxs-auart: Fix out-of-bounds access through serial port index (bnc#1012382).
- serial: samsung: fix maxburst parameter for DMA transactions (bnc#1012382).
- serial: samsung: Fix out-of-bounds access through serial port index (bnc#1012382).
- serial: xuartps: Fix out-of-bounds access through DT alias (bnc#1012382).
- sh: fix debug trap failure to process signals before return to user (bnc#1012382).
- sh: New gcc support (bnc#1012382).
- signals: avoid unnecessary taking of sighand->siglock (bnc#1012382 bnc#978907).
- sit: fix IFLA_MTU ignored on NEWLINK (bnc#1012382).
- smsc75xx: fix smsc75xx_set_features() (bnc#1012382).
- sock_diag: fix use-after-free read in __sk_free (bnc#1012382).
- sparc64: Fix build warnings with gcc 7 (bnc#1012382).
- sparc64: Make atomic_xchg() an inline function rather than a macro (bnc#1012382).
- spi: pxa2xx: Allow 64-bit DMA (bnc#1012382).
- sr: get/drop reference to device in revalidate and check_events (bnc#1012382).
- staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr (bnc#1012382).
- stm class: Use vmalloc for the master map (bnc#1012382).
- sunvnet: does not support GSO for sctp (bnc#1012382).
- swap: divide-by-zero when zero length swap file on ssd (bnc#1012382 bsc#1082153).
- tcp: avoid integer overflows in tcp_rcv_space_adjust() (bnc#1012382).
- tcp: ignore Fast Open on repair mode (bnc#1012382).
- tcp: purge write queue in tcp_connect_init() (bnc#1012382).
- team: use netdev_features_t instead of u32 (bnc#1012382).
- test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches (git-fixes).
- tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent() (bnc#1012382).
- tick/broadcast: Use for_each_cpu() specially on UP kernels (bnc#1012382).
- time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting (bnc#1012382).
- tools/libbpf: handle issues with bpf ELF objects containing .eh_frames (bnc#1012382).
- tools lib traceevent: Fix get_field_str() for dynamic strings (bnc#1012382).
- tools lib traceevent: Simplify pointer print logic and fix %pF (bnc#1012382).
- tools/thermal: tmon: fix for segfault (bnc#1012382).
- tpm: do not suspend/resume if power stays on (bnc#1012382).
- tpm: self test failure should not cause suspend to fail (bnc#1012382).
- tracing: Fix crash when freeing instances with event triggers (bnc#1012382).
- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bnc#1012382).
- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bnc#1012382).
- udf: Provide saner default for invalid uid / gid (bnc#1012382).
- usb: dwc2: Fix dwc2_hsotg_core_init_disconnected() (bnc#1012382).
- usb: dwc2: Fix interval type issue (bnc#1012382).
- usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields (bnc#1012382).
- usb: gadget: composite: fix incorrect handling of OS desc requests (bnc#1012382).
- usb: gadget: ffs: Execute copy_to_user() with USER_DS set (bnc#1012382).
- usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS (bnc#1012382).
- usb: gadget: fsl_udc_core: fix ep valid checks (bnc#1012382).
- usb: gadget: f_uac2: fix bFirstInterface in composite gadget (bnc#1012382).
- usb: gadget: udc: change comparison to bitshift when dealing with a mask (bnc#1012382).
- usbip: usbip_host: delete device from busid_table after rebind (bnc#1012382).
- usbip: usbip_host: fix bad unlock balance during stub_probe() (bnc#1012382).
- usbip: usbip_host: fix NULL-ptr deref and use-after-free errors (bnc#1012382).
- usbip: usbip_host: refine probe and disconnect debug msgs to be useful (bnc#1012382).
- usbip: usbip_host: run rebind from exit when module is removed (bnc#1012382).
- usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers (bnc#1012382).
- usb: musb: fix enumeration after resume (bnc#1012382).
- USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM (bnc#1012382).
- USB: serial: cp210x: use tcflag_t to fix incompatible pointer type (bnc#1012382).
- vfs: add path_has_submounts() (bsc#1086716).
- vfs: add path_is_mountpoint() helper (bsc#1086716).
- vfs: change d_manage() to take a struct path (bsc#1086716).
- virtio-gpu: fix ioctl and expose the fixed status to userspace (bnc#1012382).
- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS (bnc#1012382).
- vmscan: do not force-scan file lru if its absolute size is small (bnc#1012382).
- vmw_balloon: fixing double free when batching mode is off (bnc#1012382).
- vti4: Do not count header length twice on tunnel setup (bnc#1012382).
- vti4: Do not override MTU passed on link creation via IFLA_MTU (bnc#1012382).
- watchdog: f71808e_wdt: Fix magic close handling (bnc#1012382).
- watchdog: sp5100_tco: Fix watchdog disable bit (bnc#1012382).
- workqueue: use put_device() instead of kfree() (bnc#1012382).
- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bnc#1012382).
- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).
- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1068032).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).
- x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros (bnc#1012382).
- x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code (bnc#1012382).
- x86/devicetree: Fix device IRQ settings in DT (bnc#1012382).
- x86/devicetree: Initialize device tree before using it (bnc#1012382).
- x86: ENABLE_IBRS is sometimes called early during boot while it should not. Let's drop the uoptimization for now. Fixes bsc#1098009 and bsc#1098012
- x86/fpu: Disable AVX when eagerfpu is off (bnc#1012382).
- x86/fpu: Hard-disable lazy FPU mode (bnc#1012382).
- x86/fpu: Revert ('x86/fpu: Disable AVX when eagerfpu is off') (bnc#1012382).
- x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bnc#1012382).
- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bnc#1012382).
- x86/pkeys: Do not special case protection key 0 (1041740).
- x86/pkeys: Override pkey when moving away from PROT_EXEC (1041740).
- x86/power: Fix swsusp_arch_resume prototype (bnc#1012382).
- x86: Remove unused function cpu_has_ht_siblings() (bnc#1012382).
- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bnc#1012382).
- xen/acpi: off by one in read_acpi_id() (bnc#1012382).
- xen/grant-table: Use put_page instead of free_page (bnc#1012382).
- xen-netfront: Fix race between device setup and open (bnc#1012382).
- xen/netfront: raise max number of slots in xennet_get_responses() (bnc#1076049).
- xen/pirq: fix error path cleanup when binding MSIs (bnc#1012382).
- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1012382).
- xen: xenbus: use put_device() instead of kfree() (bnc#1012382).
- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (bnc#1012382).
- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).
- xfs: detect agfl count corruption and reset agfl (bnc#1012382 bsc#1090534 bsc#1090955).
- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).
- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).
- xfs: remove racy hasattr check from attr ops (bnc#1012382 bsc#1035432).
- xhci: Fix USB3 NULL pointer dereference at logical disconnect (git-fixes).
- xhci: Fix use-after-free in xhci_free_virt_device (git-fixes).
- xhci: zero usb device slot_id member when disabling and freeing a xhci slot (bnc#1012382).
- zorro: Set up z->dev.dma_mask for the DMA API (bnc#1012382).
- xfs: fix incorrect log_flushed on fsync (bnc#1012382).
Patchnames
SUSE-SLE-DESKTOP-12-SP3-2018-1199,SUSE-SLE-HA-12-SP3-2018-1199,SUSE-SLE-Live-Patching-12-SP3-2018-1199,SUSE-SLE-SDK-12-SP3-2018-1199,SUSE-SLE-SERVER-12-SP3-2018-1199,SUSE-SLE-WE-12-SP3-2018-1199
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.136 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-5848: In the function wmi_set_ie(), the length validation code did\n not handle unsigned integer overflow properly. As a result, a large value of\n the \u0027ie_len\u0027 argument could have caused a buffer overflow (bnc#1097356).\n- CVE-2017-18249: The add_free_nid function did not properly track an allocated\n nid, which allowed local users to cause a denial of service (race condition) or\n possibly have unspecified other impact via concurrent threads (bnc#1087036).\n- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX\n registers) between processes. These registers might contain encryption keys\n when doing SSE accelerated AES enc/decryption (bsc#1087086).\n- CVE-2017-18241: Prevent a NULL pointer dereference by using a noflush_merge\n option that triggers a NULL value for a flush_cmd_control data structure\n (bnc#1086400).\n- CVE-2017-17741: The KVM implementation in the Linux kernel allowed attackers\n to obtain potentially sensitive information from kernel memory, aka a\n write_mmio stack-based out-of-bounds read (bnc#1073311).\n- CVE-2018-12233: In the ea_get function in fs/jfs/xattr.c, a memory\n corruption bug in JFS can be triggered by calling setxattr twice with two\n different extended attribute names on the same file. This vulnerability\n can be triggered by an unprivileged user with the ability to create\n files and execute programs. A kmalloc call is incorrect, leading to\n slab-out-of-bounds in jfs_xattr (bnc#1097234).\n\nThe following non-security bugs were fixed:\n\n- 8139too: Use disable_irq_nosync() in rtl8139_poll_controller() (bnc#1012382).\n- ACPI: acpi_pad: Fix memory leak in power saving threads (bnc#1012382).\n- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (bnc#1012382).\n- ACPICA: Events: add a return on failure from acpi_hw_register_read (bnc#1012382).\n- ACPI: processor_perflib: Do not send _PPC change notification if not ready (bnc#1012382).\n- affs_lookup(): close a race with affs_remove_link() (bnc#1012382).\n- af_key: Always verify length of provided sadb_key (bnc#1012382).\n- aio: fix io_destroy(2) vs. lookup_ioctx() race (bnc#1012382).\n- alsa: control: fix a redundant-copy issue (bnc#1012382).\n- alsa: hda: Add Lenovo C50 All in one to the power_save blacklist (bnc#1012382).\n- alsa: hda - Use IS_REACHABLE() for dependency on input (bnc#1012382 bsc#1031717).\n- alsa: timer: Call notifier in the same spinlock (bnc#1012382 bsc#973378).\n- alsa: timer: Fix pause event notification (bnc#1012382 bsc#973378).\n- alsa: usb: mixer: volume quirk for CM102-A+/102S+ (bnc#1012382).\n- alsa: vmaster: Propagate slave error (bnc#1012382).\n- arc: Fix malformed ARC_EMUL_UNALIGNED default (bnc#1012382).\n- arm64: Add ARCH_WORKAROUND_2 probing (bsc#1085308).\n- arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 (bsc#1085308).\n- arm64: Add \u0027ssbd\u0027 command-line option (bsc#1085308).\n- arm64: Add this_cpu_ptr() assembler macro for use in entry.S (bsc#1085308).\n- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bnc#1012382).\n- arm64: alternatives: Add dynamic patching feature (bsc#1085308).\n- arm64: assembler: introduce ldr_this_cpu (bsc#1085308).\n- arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 (bsc#1085308).\n- arm64: do not call C code with el0\u0027s fp register (bsc#1085308).\n- arm64: fix endianness annotation for __apply_alternatives()/get_alt_insn() (bsc#1085308).\n- arm64: introduce mov_q macro to move a constant into a 64-bit register (bnc#1012382 bsc#1068032).\n- arm64: lse: Add early clobbers to some input/output asm operands (bnc#1012382).\n- arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics (bnc#1012382).\n- arm64: ssbd: Add global mitigation state accessor (bsc#1085308).\n- arm64: ssbd: Add prctl interface for per-thread mitigation (bsc#1085308).\n- arm64: ssbd: Introduce thread flag to control userspace mitigation (bsc#1085308).\n- arm64: ssbd: Restore mitigation status on CPU resume (bsc#1085308).\n- arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation (bsc#1085308).\n- arm: 8748/1: mm: Define vdso_start, vdso_end as array (bnc#1012382).\n- arm: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed (bnc#1012382).\n- arm: 8770/1: kprobes: Prohibit probing on optimized_callback (bnc#1012382).\n- arm: 8771/1: kprobes: Prohibit kprobes on do_undefinstr (bnc#1012382).\n- arm: 8772/1: kprobes: Prohibit kprobes on get_user functions (bnc#1012382).\n- arm/arm64: smccc: Add SMCCC-specific return codes (bsc#1085308).\n- arm: dts: socfpga: fix GIC PPI warning (bnc#1012382).\n- arm: OMAP1: clock: Fix debugfs_create_*() usage (bnc#1012382).\n- arm: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt (bnc#1012382).\n- arm: OMAP3: Fix prm wake interrupt for resume (bnc#1012382).\n- arm: OMAP: Fix dmtimer init for omap1 (bnc#1012382).\n- asm-generic: provide generic_pmdp_establish() (bnc#1012382).\n- ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() (bnc#1012382 bsc#1031717).\n- ASoC: Intel: sst: remove redundant variable dma_dev_name (bnc#1012382).\n- ASoC: samsung: i2s: Ensure the RCLK rate is properly determined (bnc#1012382).\n- ASoC: topology: create TLV data for dapm widgets (bnc#1012382).\n- ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) (bnc#1012382).\n- audit: move calcs after alloc and check when logging set loginuid (bnc#1012382).\n- audit: return on memory error to avoid null pointer dereference (bnc#1012382).\n- autofs: change autofs4_expire_wait()/do_expire_wait() to take struct path (bsc#1086716).\n- autofs: change autofs4_wait() to take struct path (bsc#1086716).\n- autofs: use path_has_submounts() to fix unreliable have_submount() checks (bsc#1086716).\n- autofs: use path_is_mountpoint() to fix unreliable d_mountpoint() checks (bsc#1086716).\n- batman-adv: fix header size check in batadv_dbg_arp() (bnc#1012382).\n- batman-adv: fix multicast-via-unicast transmission with AP isolation (bnc#1012382).\n- batman-adv: fix packet checksum in receive path (bnc#1012382).\n- batman-adv: fix packet loss for broadcasted DHCP packets to a server (bnc#1012382).\n- batman-adv: invalidate checksum on fragment reassembly (bnc#1012382).\n- bcache: fix for allocator and register thread race (bnc#1012382).\n- bcache: fix for data collapse after re-attaching an attached device (bnc#1012382).\n- bcache: fix kcrashes with fio in RAID5 backend dev (bnc#1012382).\n- bcache: properly set task state in bch_writeback_thread() (bnc#1012382).\n- bcache: quit dc-\u003ewriteback_thread when BCACHE_DEV_DETACHING is set (bnc#1012382).\n- bcache: return attach error when no cache set exist (bnc#1012382).\n- block: cancel workqueue entries on blk_mq_freeze_queue() (bsc#1090435).\n- Bluetooth: Apply QCA Rome patches for some ATH3012 models (bsc#1082504, bsc#1095147).\n- Bluetooth: btusb: Add device ID for RTL8822BE (bnc#1012382).\n- Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB (bnc#1012382).\n- bnx2x: use the right constant (bnc#1012382).\n- bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa() (bnc#1012382).\n- bonding: do not allow rlb updates to invalid mac (bnc#1012382).\n- bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y (bnc#1012382).\n- brcmfmac: Fix check for ISO3166 code (bnc#1012382).\n- bridge: check iface upper dev when setting master via ioctl (bnc#1012382).\n- Btrfs: bail out on error during replay_dir_deletes (bnc#1012382).\n- Btrfs: fix copy_items() return value when logging an inode (bnc#1012382).\n- Btrfs: fix crash when trying to resume balance without the resume flag (bnc#1012382).\n- Btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers (bnc#1012382).\n- Btrfs: fix NULL pointer dereference in log_dir_items (bnc#1012382).\n- Btrfs: Fix out of bounds access in btrfs_search_slot (bnc#1012382).\n- Btrfs: Fix possible softlock on single core machines (bnc#1012382).\n- Btrfs: fix reading stale metadata blocks after degraded raid1 mounts (bnc#1012382).\n- Btrfs: fix scrub to repair raid6 corruption (bnc#1012382).\n- Btrfs: fix xattr loss after power failure (bnc#1012382).\n- Btrfs: send, fix issuing write op when processing hole in no data mode (bnc#1012382).\n- Btrfs: set plug for fsync (bnc#1012382).\n- Btrfs: tests/qgroup: Fix wrong tree backref level (bnc#1012382).\n- cdrom: do not call check_disk_change() inside cdrom_open() (bnc#1012382).\n- ceph: delete unreachable code in ceph_check_caps() (bsc#1096214).\n- ceph: fix race of queuing delayed caps (bsc#1096214).\n- cfg80211: further limit wiphy names to 64 bytes (bnc#1012382 git-fixes).\n- cfg80211: further limit wiphy names to 64 bytes (git-fixes).\n- cfg80211: limit wiphy names to 128 bytes (bnc#1012382).\n- cifs: silence compiler warnings showing up with gcc-8.0.0 (bnc#1012382 bsc#1090734).\n- Clarify (and fix) MAX_LFS_FILESIZE macros (bnc#1012382).\n- clk: Do not show the incorrect clock phase (bnc#1012382).\n- clk: rockchip: Prevent calculating mmc phase if clock rate is zero (bnc#1012382).\n- clk: samsung: exynos3250: Fix PLL rates (bnc#1012382).\n- clk: samsung: exynos5250: Fix PLL rates (bnc#1012382).\n- clk: samsung: exynos5260: Fix PLL rates (bnc#1012382).\n- clk: samsung: exynos5433: Fix PLL rates (bnc#1012382).\n- clk: samsung: s3c2410: Fix PLL rates (bnc#1012382).\n- clocksource/drivers/fsl_ftm_timer: Fix error return checking (bnc#1012382).\n- config: arm64: enable Spectre-v4 per-thread mitigation\n- Correct the prefix in references tag in previous patches (bsc#1041740).\n- cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path (bnc#1012382).\n- cpufreq: CPPC: Initialize shared perf capabilities of CPUs (bnc#1012382).\n- cpufreq: intel_pstate: Enable HWP by default (bnc#1012382).\n- cpuidle: coupled: remove unused define cpuidle_coupled_lock (bnc#1012382).\n- crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss (bnc#1012382).\n- crypto: vmx - Remove overly verbose printk from AES init routines (bnc#1012382).\n- dccp: do not free ccid2_hc_tx_sock struct in dccp_disconnect() (bnc#1012382).\n- dccp: fix tasklet usage (bnc#1012382).\n- dlm: fix a clerical error when set SCTP_NODELAY (bsc#1091594).\n- dlm: make sctp_connect_to_sock() return in specified time (bsc#1080542).\n- dlm: remove O_NONBLOCK flag in sctp_connect_to_sock (bsc#1080542).\n- dmaengine: ensure dmaengine helpers check valid callback (bnc#1012382).\n- dmaengine: pl330: fix a race condition in case of threaded irqs (bnc#1012382).\n- dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3 (bnc#1012382).\n- dmaengine: usb-dmac: fix endless loop in usb_dmac_chan_terminate_all() (bnc#1012382).\n- dm thin: fix documentation relative to low water mark threshold (bnc#1012382).\n- do d_instantiate/unlock_new_inode combinations safely (bnc#1012382).\n- dp83640: Ensure against premature access to PHY registers after reset (bnc#1012382).\n- drm/exynos: fix comparison to bitshift when dealing with a mask (bnc#1012382).\n- drm/i915: Disable LVDS on Radiant P845 (bnc#1012382).\n- drm/rockchip: Respect page offset for PRIME mmap calls (bnc#1012382).\n- drm: set FMODE_UNSIGNED_OFFSET for drm files (bnc#1012382).\n- e1000e: allocate ring descriptors with dma_zalloc_coherent (bnc#1012382).\n- e1000e: Fix check_for_link return value with autoneg off (bnc#1012382 bsc#1075428).\n- efi: Avoid potential crashes, fix the \u0027struct efi_pci_io_protocol_32\u0027 definition for mixed mode (bnc#1012382).\n- enic: enable rq before updating rq descriptors (bnc#1012382).\n- enic: set DMA mask to 47 bit (bnc#1012382).\n- ext2: fix a block leak (bnc#1012382).\n- fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper() (bnc#1012382).\n- firewire-ohci: work around oversized DMA reads on JMicron controllers (bnc#1012382).\n- firmware: dmi: handle missing DMI data gracefully (bsc#1096037).\n- firmware: dmi_scan: Fix handling of empty DMI strings (bnc#1012382).\n- fix io_destroy()/aio_complete() race (bnc#1012382).\n- Force log to disk before reading the AGF during a fstrim (bnc#1012382).\n- fscache: Fix hanging wait on page discarded by writeback (bnc#1012382).\n- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bnc#1012382).\n- futex: futex_wake_op, do not fail on invalid op (git-fixes).\n- futex: futex_wake_op, fix sign_extend32 sign bits (bnc#1012382).\n- futex: Remove duplicated code and fix undefined behaviour (bnc#1012382).\n- futex: Remove unnecessary warning from get_futex_key (bnc#1012382).\n- gfs2: Fix fallocate chunk size (bnc#1012382).\n- gianfar: Fix Rx byte accounting for ndev stats (bnc#1012382).\n- gpio: No NULL owner (bnc#1012382).\n- gpio: rcar: Add Runtime PM handling for interrupts (bnc#1012382).\n- hfsplus: stop workqueue when fill_super() failed (bnc#1012382).\n- HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() (bnc#1012382).\n- hwmon: (nct6775) Fix writing pwmX_mode (bnc#1012382).\n- hwmon: (pmbus/adm1275) Accept negative page register values (bnc#1012382).\n- hwmon: (pmbus/max8688) Accept negative page register values (bnc#1012382).\n- hwrng: stm32 - add reset during probe (bnc#1012382).\n- hwtracing: stm: fix build error on some arches (bnc#1012382).\n- i2c: mv64xxx: Apply errata delay only in standard mode (bnc#1012382).\n- i2c: rcar: check master irqs before slave irqs (bnc#1012382).\n- i2c: rcar: do not issue stop when HW does it automatically (bnc#1012382).\n- i2c: rcar: init new messages in irq (bnc#1012382).\n- i2c: rcar: make sure clocks are on when doing clock calculation (bnc#1012382).\n- i2c: rcar: refactor setup of a msg (bnc#1012382).\n- i2c: rcar: remove spinlock (bnc#1012382).\n- i2c: rcar: remove unused IOERROR state (bnc#1012382).\n- i2c: rcar: revoke START request early (bnc#1012382).\n- i2c: rcar: rework hw init (bnc#1012382).\n- IB/ipoib: Fix for potential no-carrier state (bnc#1012382).\n- iio:kfifo_buf: check for uint overflow (bnc#1012382).\n- ima: Fallback to the builtin hash algorithm (bnc#1012382).\n- ima: Fix Kconfig to select TPM 2.0 CRB interface (bnc#1012382).\n- init: fix false positives in W+X checking (bsc#1096982).\n- input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID (bnc#1012382).\n- Input: elan_i2c_smbus - fix corrupted stack (bnc#1012382).\n- input: goodix - add new ACPI id for GPD Win 2 touch screen (bnc#1012382).\n- ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds (bnc#1012382).\n- ipc/shm: fix shmat() nil address after round-down when remapping (bnc#1012382).\n- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (bnc#1012382).\n- ipmi_ssif: Fix kernel panic at msg_done_handler (bnc#1012382 bsc#1088871).\n- ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg (bnc#1012382).\n- ipv4: lock mtu in fnhe when received PMTU lower than net.ipv4.route.min_pmtu (bnc#1012382).\n- ipv4: remove warning in ip_recv_error (bnc#1012382).\n- ipv6: omit traffic class when calculating flow hash (bsc#1095042).\n- irda: fix overly long udelay() (bnc#1012382).\n- irqchip/gic-v3: Change pr_debug message to pr_devel (bnc#1012382).\n- isdn: eicon: fix a missing-check bug (bnc#1012382).\n- jffs2: Fix use-after-free bug in jffs2_iget()\u0027s error handling path (bnc#1012382 git-fixes).\n- kabi: vfs: Restore dentry_operations-\u003ed_manage (bsc#1086716).\n- kasan: fix memory hotplug during boot (bnc#1012382).\n- Kbuild: change CC_OPTIMIZE_FOR_SIZE definition (bnc#1012382).\n- kconfig: Avoid format overflow warning from GCC 8.1 (bnc#1012382).\n- kconfig: Do not leak main menus during parsing (bnc#1012382).\n- kconfig: Fix automatic menu creation mem leak (bnc#1012382).\n- kconfig: Fix expr_free() E_NOT leak (bnc#1012382).\n- kdb: make \u0027mdr\u0027 command repeat (bnc#1012382).\n- kernel: Fix memory leak on EP11 target list processing (bnc#1096751, LTC#168596).\n- kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE (bnc#1012382).\n- kernel/sys.c: fix potential Spectre v1 issue (bnc#1012382).\n- kvm: Fix spelling mistake: \u0027cop_unsuable\u0027 -\u003e \u0027cop_unusable\u0027 (bnc#1012382).\n- kvm: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bnc#1012382).\n- kvm: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bnc#1012382).\n- kvm: VMX: raise internal error for exception during invalid protected mode state (bnc#1012382).\n- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bnc#1012382).\n- kvm: x86: introduce linear_{read,write}_system (bnc#1012382).\n- kvm: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system (bnc#1012382).\n- kvm: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).\n- kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access (bnc#1012382).\n- l2tp: revert \u0027l2tp: fix missing print session offset info\u0027 (bnc#1012382).\n- libata: blacklist Micron 500IT SSD with MU01 firmware (bnc#1012382).\n- libata: Blacklist some Sandisk SSDs for NCQ (bnc#1012382).\n- llc: better deal with too small mtu (bnc#1012382).\n- llc: properly handle dev_queue_xmit() return value (bnc#1012382).\n- lockd: lost rollback of set_grace_period() in lockd_down_net() (bnc#1012382 git-fixes).\n- locking/qspinlock: Ensure node-\u003ecount is updated before initialising node (bnc#1012382).\n- locking/xchg/alpha: Add unconditional memory barrier to cmpxchg() (bnc#1012382).\n- locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs (bnc#1012382).\n- m68k: set dma and coherent masks for platform FEC ethernets (bnc#1012382).\n- mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 (bnc#1012382).\n- md raid10: fix NULL deference in handle_write_completed() (bnc#1012382 bsc#1056415).\n- md/raid1: fix NULL pointer dereference (bnc#1012382).\n- md: raid5: avoid string overflow warning (bnc#1012382).\n- media: cx23885: Override 888 ImpactVCBe crystal frequency (bnc#1012382).\n- media: cx23885: Set subdev host data to clk_freq pointer (bnc#1012382).\n- media: cx25821: prevent out-of-bounds read on array card (bnc#1012382 bsc#1031717).\n- media: dmxdev: fix error code for invalid ioctls (bnc#1012382).\n- media: em28xx: USB bulk packet size fix (bnc#1012382).\n- media: s3c-camif: fix out-of-bounds array access (bnc#1012382 bsc#1031717).\n- mmap: introduce sane default mmap limits (bnc#1012382).\n- mmap: relax file size limit for regular files (bnc#1012382).\n- mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register (bnc#1012382).\n- mm: do not allow deferred pages with NEED_PER_CPU_KM (bnc#1012382).\n- mm: filemap: avoid unnecessary calls to lock_page when waiting for IO to complete during a read (bnc#1012382 bnc#971975).\n- mm: filemap: remove redundant code in do_read_cache_page (bnc#1012382 bnc#971975).\n- mm: fix races between address_space dereference and free in page_evicatable (bnc#1012382).\n- mm: fix the NULL mapping case in __isolate_lru_page() (bnc#1012382).\n- mm/kmemleak.c: wait for scan completion before disabling free (bnc#1012382).\n- mm/ksm: fix interaction with THP (bnc#1012382).\n- mm/mempolicy: add nodes_empty check in SYSC_migrate_pages (bnc#1012382).\n- mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1012382).\n- mm/mempolicy: fix the check of nodemask from user (bnc#1012382).\n- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).\n- mm: pin address_space before dereferencing it while isolating an LRU page (bnc#1012382 bnc#1081500).\n- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bnc#1012382).\n- netdev-FAQ: clarify DaveM\u0027s position for stable backports (bnc#1012382).\n- net: ethernet: sun: niu set correct packet size in skb (bnc#1012382).\n- netfilter: ebtables: convert BUG_ONs to WARN_ONs (bnc#1012382).\n- net: Fix untag for vlan packets without ethernet header (bnc#1012382).\n- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (bnc#1012382).\n- netlabel: If PF_INET6, check sk_buff ip header version (bnc#1012382).\n- net: metrics: add proper netlink validation (bnc#1012382).\n- net/mlx4_en: Verify coalescing parameters are in range (bnc#1012382).\n- net/mlx4: Fix irq-unsafe spinlock usage (bnc#1012382).\n- net/mlx5: Protect from command bit overflow (bnc#1012382).\n- net: mvneta: fix enable of all initialized RXQs (bnc#1012382).\n- net/packet: refine check for priv area size (bnc#1012382).\n- net: phy: broadcom: Fix bcm_write_exp() (bnc#1012382).\n- net: qmi_wwan: add BroadMobi BM806U 2020:2033 (bnc#1012382).\n- net_sched: fq: take care of throttled flows before reuse (bnc#1012382).\n- net: support compat 64-bit time in {s,g}etsockopt (bnc#1012382).\n- net/tcp/illinois: replace broken algorithm reference link (bnc#1012382).\n- net: test tailroom before appending to linear skb (bnc#1012382).\n- net-usb: add qmi_wwan if on lte modem wistron neweb d18q1 (bnc#1012382).\n- net: usb: cdc_mbim: add flag FLAG_SEND_ZLP (bnc#1012382).\n- net/usb/qmi_wwan.c: Add USB id for lt4120 modem (bnc#1012382).\n- nfc: llcp: Limit size of SDP URI (bnc#1012382).\n- nfs: Do not convert nfs_idmap_cache_timeout to jiffies (bnc#1012382 git-fixes).\n- nfsv4: always set NFS_LOCK_LOST when a lock is lost (bnc#1012382 bsc#1068951).\n- ntb_transport: Fix bug with max_mw_size parameter (bnc#1012382).\n- nvme-pci: Fix nvme queue cleanup if IRQ setup fails (bnc#1012382).\n- ocfs2/acl: use \u0027ip_xattr_sem\u0027 to protect getting extended attribute (bnc#1012382).\n- ocfs2/dlm: do not handle migrate lockres if already in shutdown (bnc#1012382).\n- ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid (bnc#1012382).\n- ocfs2: return error when we attempt to access a dirty bh in jbd2 (bnc#1012382 bsc#1070404).\n- openvswitch: Do not swap table in nlattr_set() after OVS_ATTR_NESTED is found (bnc#1012382).\n- packet: fix reserve calculation (bnc#1012382 git-fixes).\n- packet: fix reserve calculation (git-fixes).\n- packet: in packet_snd start writing at link layer allocation (bnc#1012382).\n- parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode (bnc#1012382).\n- pci: Add function 1 DMA alias quirk for Marvell 88SE9220 (bnc#1012382).\n- pci: Add function 1 DMA alias quirk for Marvell 9128 (bnc#1012382).\n- pci: Restore config space on runtime resume despite being unbound (bnc#1012382).\n- perf callchain: Fix attr.sample_max_stack setting (bnc#1012382).\n- perf/cgroup: Fix child event counting bug (bnc#1012382).\n- perf/core: Fix perf_output_read_group() (bnc#1012382).\n- perf report: Fix memory corruption in --branch-history mode --branch-history (bnc#1012382).\n- perf tests: Use arch__compare_symbol_names to compare symbols (bnc#1012382).\n- pipe: cap initial pipe capacity according to pipe-max-size limit (bnc#1012382 bsc#1045330).\n- powerpc/64s: Clear PCR on boot (bnc#1012382).\n- powerpc: Add missing prototype for arch_irq_work_raise() (bnc#1012382).\n- powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access (bnc#1012382).\n- powerpc: Do not preempt_disable() in show_cpuinfo() (bnc#1012382 bsc#1066223).\n- powerpc/mpic: Check if cpu_possible() in mpic_physmask() (bnc#1012382).\n- powerpc/numa: Ensure nodes initialized for hotplug (bnc#1012382 bsc#1081514).\n- powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes (bnc#1012382 bsc#1081514).\n- powerpc/perf: Fix kernel address leak via sampling registers (bnc#1012382).\n- powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer (bnc#1012382).\n- powerpc/powernv: Fix NVRAM sleep in invalid context when crashing (bnc#1012382).\n- powerpc/powernv: panic() on OPAL lower than V3 (bnc#1012382).\n- powerpc/powernv: remove FW_FEATURE_OPALv3 and just use FW_FEATURE_OPAL (bnc#1012382).\n- powerpc/powernv: Remove OPALv2 firmware define and references (bnc#1012382).\n- proc: fix /proc/*/map_files lookup (bnc#1012382).\n- procfs: fix pthread cross-thread naming if !PR_DUMPABLE (bnc#1012382).\n- proc: meminfo: estimate available memory more conservatively (bnc#1012382).\n- proc read mm\u0027s {arg,env}_{start,end} with mmap semaphore taken (bnc#1012382).\n- qed: Fix mask for physical address in ILT entry (bnc#1012382).\n- qla2xxx: Mask off Scope bits in retry delay (bsc#1068054).\n- qmi_wwan: do not steal interfaces from class drivers (bnc#1012382).\n- r8152: fix tx packets accounting (bnc#1012382).\n- r8169: fix powering up RTL8168h (bnc#1012382).\n- RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure (bnc#1012382).\n- RDMA/ucma: Correct option size check using optlen (bnc#1012382).\n- RDS: IB: Fix null pointer issue (bnc#1012382).\n- Refreshed contents of patches (bsc#1085185)\n- regulator: of: Add a missing \u0027of_node_put()\u0027 in an error handling path of \u0027of_regulator_match()\u0027 (bnc#1012382).\n- regulatory: add NUL to request alpha2 (bnc#1012382).\n- Revert \u0027arm: dts: imx6qdl-wandboard: Fix audio channel swap\u0027 (bnc#1012382).\n- Revert \u0027ima: limit file hash setting by user to fix and log modes\u0027 (bnc#1012382).\n- Revert \u0027ipc/shm: Fix shmat mmap nil-page protection\u0027 (bnc#1012382).\n- Revert \u0027regulatory: add NUL to request alpha2\u0027 (kabi).\n- Revert \u0027vti4: Do not override MTU passed on link creation via IFLA_MTU\u0027 (bnc#1012382).\n- rtc: hctosys: Ensure system time does not overflow time_t (bnc#1012382).\n- rtc: snvs: Fix usage of snvs_rtc_enable (bnc#1012382).\n- rtc: tx4939: avoid unintended sign extension on a 24 bit shift (bnc#1012382).\n- rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c (bnc#1012382).\n- rtnetlink: validate attributes in do_setlink() (bnc#1012382).\n- s390: add assembler macros for CPU alternatives (bnc#1012382).\n- s390/cio: clear timer when terminating driver I/O (bnc#1012382).\n- s390/cio: fix return code after missing interrupt (bnc#1012382).\n- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero (LTC#168035 bnc#1012382 bnc#1094532).\n- s390: extend expoline to BC instructions (bnc#1012382).\n- s390/ftrace: use expoline for indirect branches (bnc#1012382).\n- s390/kernel: use expoline for indirect branches (bnc#1012382).\n- s390/lib: use expoline for indirect branches (bnc#1012382).\n- s390: move expoline assembler macros to a header (bnc#1012382).\n- s390: move spectre sysfs attribute code (bnc#1012382).\n- s390/qdio: do not release memory in qdio_setup_irq() (bnc#1012382).\n- s390/qdio: fix access to uninitialized qdio_q fields (LTC#168037 bnc#1012382 bnc#1094532).\n- s390: remove indirect branch from do_softirq_own_stack (bnc#1012382).\n- s390: use expoline thunks in the BPF JIT (bnc#1012382).\n- sched/rt: Fix rq-\u003eclock_update_flags lower than RQCF_ACT_SKIP warning (bnc#1012382).\n- scripts/git-pre-commit:\n- scsi: aacraid: fix shutdown crash when init fails (bnc#1012382).\n- scsi: aacraid: Insure command thread is not recursively stopped (bnc#1012382).\n- scsi: bnx2fc: Fix check in SCSI completion handler for timed out request (bnc#1012382).\n- scsi: fas216: fix sense buffer initialization (bnc#1012382 bsc#1082979).\n- scsi: libsas: defer ata device eh commands to libata (bnc#1012382).\n- scsi: lpfc: Fix frequency of Release WQE CQEs (bnc#1012382).\n- scsi: lpfc: Fix issue_lip if link is disabled (bnc#1012382 bsc#1080656).\n- scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing (bnc#1012382 bsc#1080656).\n- scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM (bnc#1012382 bsc#1078583).\n- scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (bnc#1012382).\n- scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() (bnc#1012382).\n- scsi: qla4xxx: skip error recovery in case of register disconnect (bnc#1012382).\n- scsi: scsi_transport_srp: Fix shost to rport translation (bnc#1012382).\n- scsi: sd: Keep disk read-only when re-reading partition (bnc#1012382).\n- scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() (bnc#1012382).\n- scsi: storvsc: Increase cmd_per_lun for higher speed devices (bnc#1012382).\n- scsi: sym53c8xx_2: iterator underflow in sym_getsync() (bnc#1012382).\n- scsi: ufs: Enable quirk to ignore sending WRITE_SAME command (bnc#1012382).\n- scsi: zfcp: fix infinite iteration on ERP ready list (LTC#168038 bnc#1012382 bnc#1094532).\n- sctp: delay the authentication for the duplicated cookie-echo chunk (bnc#1012382).\n- sctp: fix the issue that the cookie-ack with auth can\u0027t get processed (bnc#1012382).\n- sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr (bnc#1012382).\n- sctp: use the old asoc when making the cookie-ack chunk in dupcook_d (bnc#1012382).\n- selftests: ftrace: Add a testcase for probepoint (bnc#1012382).\n- selftests: ftrace: Add a testcase for string type with kprobe_event (bnc#1012382).\n- selftests: ftrace: Add probe event argument syntax testcase (bnc#1012382).\n- selftests: memfd: add config fragment for fuse (bnc#1012382).\n- selftests/net: fixes psock_fanout eBPF test case (bnc#1012382).\n- selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable (bnc#1012382).\n- selftests: Print the test we\u0027re running to /dev/kmsg (bnc#1012382).\n- selinux: KASAN: slab-out-of-bounds in xattr_getsecurity (bnc#1012382).\n- serial: arc_uart: Fix out-of-bounds access through DT alias (bnc#1012382).\n- serial: fsl_lpuart: Fix out-of-bounds access through DT alias (bnc#1012382).\n- serial: imx: Fix out-of-bounds access through serial port index (bnc#1012382).\n- serial: mxs-auart: Fix out-of-bounds access through serial port index (bnc#1012382).\n- serial: samsung: fix maxburst parameter for DMA transactions (bnc#1012382).\n- serial: samsung: Fix out-of-bounds access through serial port index (bnc#1012382).\n- serial: xuartps: Fix out-of-bounds access through DT alias (bnc#1012382).\n- sh: fix debug trap failure to process signals before return to user (bnc#1012382).\n- sh: New gcc support (bnc#1012382).\n- signals: avoid unnecessary taking of sighand-\u003esiglock (bnc#1012382 bnc#978907).\n- sit: fix IFLA_MTU ignored on NEWLINK (bnc#1012382).\n- smsc75xx: fix smsc75xx_set_features() (bnc#1012382).\n- sock_diag: fix use-after-free read in __sk_free (bnc#1012382).\n- sparc64: Fix build warnings with gcc 7 (bnc#1012382).\n- sparc64: Make atomic_xchg() an inline function rather than a macro (bnc#1012382).\n- spi: pxa2xx: Allow 64-bit DMA (bnc#1012382).\n- sr: get/drop reference to device in revalidate and check_events (bnc#1012382).\n- staging: rtl8192u: return -ENOMEM on failed allocation of priv-\u003eoldaddr (bnc#1012382).\n- stm class: Use vmalloc for the master map (bnc#1012382).\n- sunvnet: does not support GSO for sctp (bnc#1012382).\n- swap: divide-by-zero when zero length swap file on ssd (bnc#1012382 bsc#1082153).\n- tcp: avoid integer overflows in tcp_rcv_space_adjust() (bnc#1012382).\n- tcp: ignore Fast Open on repair mode (bnc#1012382).\n- tcp: purge write queue in tcp_connect_init() (bnc#1012382).\n- team: use netdev_features_t instead of u32 (bnc#1012382).\n- test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches (git-fixes).\n- tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent() (bnc#1012382).\n- tick/broadcast: Use for_each_cpu() specially on UP kernels (bnc#1012382).\n- time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting (bnc#1012382).\n- tools/libbpf: handle issues with bpf ELF objects containing .eh_frames (bnc#1012382).\n- tools lib traceevent: Fix get_field_str() for dynamic strings (bnc#1012382).\n- tools lib traceevent: Simplify pointer print logic and fix %pF (bnc#1012382).\n- tools/thermal: tmon: fix for segfault (bnc#1012382).\n- tpm: do not suspend/resume if power stays on (bnc#1012382).\n- tpm: self test failure should not cause suspend to fail (bnc#1012382).\n- tracing: Fix crash when freeing instances with event triggers (bnc#1012382).\n- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bnc#1012382).\n- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bnc#1012382).\n- udf: Provide saner default for invalid uid / gid (bnc#1012382).\n- usb: dwc2: Fix dwc2_hsotg_core_init_disconnected() (bnc#1012382).\n- usb: dwc2: Fix interval type issue (bnc#1012382).\n- usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields (bnc#1012382).\n- usb: gadget: composite: fix incorrect handling of OS desc requests (bnc#1012382).\n- usb: gadget: ffs: Execute copy_to_user() with USER_DS set (bnc#1012382).\n- usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS (bnc#1012382).\n- usb: gadget: fsl_udc_core: fix ep valid checks (bnc#1012382).\n- usb: gadget: f_uac2: fix bFirstInterface in composite gadget (bnc#1012382).\n- usb: gadget: udc: change comparison to bitshift when dealing with a mask (bnc#1012382).\n- usbip: usbip_host: delete device from busid_table after rebind (bnc#1012382).\n- usbip: usbip_host: fix bad unlock balance during stub_probe() (bnc#1012382).\n- usbip: usbip_host: fix NULL-ptr deref and use-after-free errors (bnc#1012382).\n- usbip: usbip_host: refine probe and disconnect debug msgs to be useful (bnc#1012382).\n- usbip: usbip_host: run rebind from exit when module is removed (bnc#1012382).\n- usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers (bnc#1012382).\n- usb: musb: fix enumeration after resume (bnc#1012382).\n- USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM (bnc#1012382).\n- USB: serial: cp210x: use tcflag_t to fix incompatible pointer type (bnc#1012382).\n- vfs: add path_has_submounts() (bsc#1086716).\n- vfs: add path_is_mountpoint() helper (bsc#1086716).\n- vfs: change d_manage() to take a struct path (bsc#1086716).\n- virtio-gpu: fix ioctl and expose the fixed status to userspace (bnc#1012382).\n- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS (bnc#1012382).\n- vmscan: do not force-scan file lru if its absolute size is small (bnc#1012382).\n- vmw_balloon: fixing double free when batching mode is off (bnc#1012382).\n- vti4: Do not count header length twice on tunnel setup (bnc#1012382).\n- vti4: Do not override MTU passed on link creation via IFLA_MTU (bnc#1012382).\n- watchdog: f71808e_wdt: Fix magic close handling (bnc#1012382).\n- watchdog: sp5100_tco: Fix watchdog disable bit (bnc#1012382).\n- workqueue: use put_device() instead of kfree() (bnc#1012382).\n- x86/apic: Set up through-local-APIC mode on the boot CPU if \u0027noapic\u0027 specified (bnc#1012382).\n- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).\n- x86/bugs: IBRS: make runtime disabling fully dynamic (bsc#1068032).\n- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).\n- x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros (bnc#1012382).\n- x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code (bnc#1012382).\n- x86/devicetree: Fix device IRQ settings in DT (bnc#1012382).\n- x86/devicetree: Initialize device tree before using it (bnc#1012382).\n- x86: ENABLE_IBRS is sometimes called early during boot while it should not. Let\u0027s drop the uoptimization for now. Fixes bsc#1098009 and bsc#1098012\n- x86/fpu: Disable AVX when eagerfpu is off (bnc#1012382).\n- x86/fpu: Hard-disable lazy FPU mode (bnc#1012382).\n- x86/fpu: Revert (\u0027x86/fpu: Disable AVX when eagerfpu is off\u0027) (bnc#1012382).\n- x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bnc#1012382).\n- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bnc#1012382).\n- x86/pkeys: Do not special case protection key 0 (1041740).\n- x86/pkeys: Override pkey when moving away from PROT_EXEC (1041740).\n- x86/power: Fix swsusp_arch_resume prototype (bnc#1012382).\n- x86: Remove unused function cpu_has_ht_siblings() (bnc#1012382).\n- x86/topology: Update the \u0027cpu cores\u0027 field in /proc/cpuinfo correctly across CPU hotplug operations (bnc#1012382).\n- xen/acpi: off by one in read_acpi_id() (bnc#1012382).\n- xen/grant-table: Use put_page instead of free_page (bnc#1012382).\n- xen-netfront: Fix race between device setup and open (bnc#1012382).\n- xen/netfront: raise max number of slots in xennet_get_responses() (bnc#1076049).\n- xen/pirq: fix error path cleanup when binding MSIs (bnc#1012382).\n- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1012382).\n- xen: xenbus: use put_device() instead of kfree() (bnc#1012382).\n- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (bnc#1012382).\n- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).\n- xfs: detect agfl count corruption and reset agfl (bnc#1012382 bsc#1090534 bsc#1090955).\n- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).\n- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).\n- xfs: remove racy hasattr check from attr ops (bnc#1012382 bsc#1035432).\n- xhci: Fix USB3 NULL pointer dereference at logical disconnect (git-fixes).\n- xhci: Fix use-after-free in xhci_free_virt_device (git-fixes).\n- xhci: zero usb device slot_id member when disabling and freeing a xhci slot (bnc#1012382).\n- zorro: Set up z-\u003edev.dma_mask for the DMA API (bnc#1012382).\n- xfs: fix incorrect log_flushed on fsync (bnc#1012382).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP3-2018-1199,SUSE-SLE-HA-12-SP3-2018-1199,SUSE-SLE-Live-Patching-12-SP3-2018-1199,SUSE-SLE-SDK-12-SP3-2018-1199,SUSE-SLE-SERVER-12-SP3-2018-1199,SUSE-SLE-WE-12-SP3-2018-1199",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1772-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1772-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181772-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1772-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-June/004211.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1024718",
"url": "https://bugzilla.suse.com/1024718"
},
{
"category": "self",
"summary": "SUSE Bug 1031717",
"url": "https://bugzilla.suse.com/1031717"
},
{
"category": "self",
"summary": "SUSE Bug 1035432",
"url": "https://bugzilla.suse.com/1035432"
},
{
"category": "self",
"summary": "SUSE Bug 1041740",
"url": "https://bugzilla.suse.com/1041740"
},
{
"category": "self",
"summary": "SUSE Bug 1045330",
"url": "https://bugzilla.suse.com/1045330"
},
{
"category": "self",
"summary": "SUSE Bug 1056415",
"url": "https://bugzilla.suse.com/1056415"
},
{
"category": "self",
"summary": "SUSE Bug 1066223",
"url": "https://bugzilla.suse.com/1066223"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1068054",
"url": "https://bugzilla.suse.com/1068054"
},
{
"category": "self",
"summary": "SUSE Bug 1068951",
"url": "https://bugzilla.suse.com/1068951"
},
{
"category": "self",
"summary": "SUSE Bug 1070404",
"url": "https://bugzilla.suse.com/1070404"
},
{
"category": "self",
"summary": "SUSE Bug 1073311",
"url": "https://bugzilla.suse.com/1073311"
},
{
"category": "self",
"summary": "SUSE Bug 1075428",
"url": "https://bugzilla.suse.com/1075428"
},
{
"category": "self",
"summary": "SUSE Bug 1076049",
"url": "https://bugzilla.suse.com/1076049"
},
{
"category": "self",
"summary": "SUSE Bug 1078583",
"url": "https://bugzilla.suse.com/1078583"
},
{
"category": "self",
"summary": "SUSE Bug 1079152",
"url": "https://bugzilla.suse.com/1079152"
},
{
"category": "self",
"summary": "SUSE Bug 1080542",
"url": "https://bugzilla.suse.com/1080542"
},
{
"category": "self",
"summary": "SUSE Bug 1080656",
"url": "https://bugzilla.suse.com/1080656"
},
{
"category": "self",
"summary": "SUSE Bug 1081500",
"url": "https://bugzilla.suse.com/1081500"
},
{
"category": "self",
"summary": "SUSE Bug 1081514",
"url": "https://bugzilla.suse.com/1081514"
},
{
"category": "self",
"summary": "SUSE Bug 1082153",
"url": "https://bugzilla.suse.com/1082153"
},
{
"category": "self",
"summary": "SUSE Bug 1082504",
"url": "https://bugzilla.suse.com/1082504"
},
{
"category": "self",
"summary": "SUSE Bug 1082979",
"url": "https://bugzilla.suse.com/1082979"
},
{
"category": "self",
"summary": "SUSE Bug 1085185",
"url": "https://bugzilla.suse.com/1085185"
},
{
"category": "self",
"summary": "SUSE Bug 1085308",
"url": "https://bugzilla.suse.com/1085308"
},
{
"category": "self",
"summary": "SUSE Bug 1086400",
"url": "https://bugzilla.suse.com/1086400"
},
{
"category": "self",
"summary": "SUSE Bug 1086716",
"url": "https://bugzilla.suse.com/1086716"
},
{
"category": "self",
"summary": "SUSE Bug 1087036",
"url": "https://bugzilla.suse.com/1087036"
},
{
"category": "self",
"summary": "SUSE Bug 1087086",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "self",
"summary": "SUSE Bug 1088871",
"url": "https://bugzilla.suse.com/1088871"
},
{
"category": "self",
"summary": "SUSE Bug 1090435",
"url": "https://bugzilla.suse.com/1090435"
},
{
"category": "self",
"summary": "SUSE Bug 1090534",
"url": "https://bugzilla.suse.com/1090534"
},
{
"category": "self",
"summary": "SUSE Bug 1090734",
"url": "https://bugzilla.suse.com/1090734"
},
{
"category": "self",
"summary": "SUSE Bug 1090955",
"url": "https://bugzilla.suse.com/1090955"
},
{
"category": "self",
"summary": "SUSE Bug 1091594",
"url": "https://bugzilla.suse.com/1091594"
},
{
"category": "self",
"summary": "SUSE Bug 1094532",
"url": "https://bugzilla.suse.com/1094532"
},
{
"category": "self",
"summary": "SUSE Bug 1095042",
"url": "https://bugzilla.suse.com/1095042"
},
{
"category": "self",
"summary": "SUSE Bug 1095147",
"url": "https://bugzilla.suse.com/1095147"
},
{
"category": "self",
"summary": "SUSE Bug 1096037",
"url": "https://bugzilla.suse.com/1096037"
},
{
"category": "self",
"summary": "SUSE Bug 1096140",
"url": "https://bugzilla.suse.com/1096140"
},
{
"category": "self",
"summary": "SUSE Bug 1096214",
"url": "https://bugzilla.suse.com/1096214"
},
{
"category": "self",
"summary": "SUSE Bug 1096242",
"url": "https://bugzilla.suse.com/1096242"
},
{
"category": "self",
"summary": "SUSE Bug 1096281",
"url": "https://bugzilla.suse.com/1096281"
},
{
"category": "self",
"summary": "SUSE Bug 1096751",
"url": "https://bugzilla.suse.com/1096751"
},
{
"category": "self",
"summary": "SUSE Bug 1096982",
"url": "https://bugzilla.suse.com/1096982"
},
{
"category": "self",
"summary": "SUSE Bug 1097234",
"url": "https://bugzilla.suse.com/1097234"
},
{
"category": "self",
"summary": "SUSE Bug 1097356",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "self",
"summary": "SUSE Bug 1098009",
"url": "https://bugzilla.suse.com/1098009"
},
{
"category": "self",
"summary": "SUSE Bug 1098012",
"url": "https://bugzilla.suse.com/1098012"
},
{
"category": "self",
"summary": "SUSE Bug 971975",
"url": "https://bugzilla.suse.com/971975"
},
{
"category": "self",
"summary": "SUSE Bug 973378",
"url": "https://bugzilla.suse.com/973378"
},
{
"category": "self",
"summary": "SUSE Bug 978907",
"url": "https://bugzilla.suse.com/978907"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-17741 page",
"url": "https://www.suse.com/security/cve/CVE-2017-17741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18241 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18249 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12233 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3665 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5848 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5848/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-06-21T11:53:03Z",
"generator": {
"date": "2018-06-21T11:53:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1772-1",
"initial_release_date": "2018-06-21T11:53:03Z",
"revision_history": [
{
"date": "2018-06-21T11:53:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-obs-build-4.4.138-94.39.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.138-94.39.1.aarch64",
"product_id": "kernel-obs-build-4.4.138-94.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.138-94.39.1.aarch64",
"product": {
"name": "kernel-default-4.4.138-94.39.1.aarch64",
"product_id": "kernel-default-4.4.138-94.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.138-94.39.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.138-94.39.1.aarch64",
"product_id": "kernel-default-base-4.4.138-94.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.138-94.39.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.138-94.39.1.aarch64",
"product_id": "kernel-default-devel-4.4.138-94.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.138-94.39.1.aarch64",
"product": {
"name": "kernel-syms-4.4.138-94.39.1.aarch64",
"product_id": "kernel-syms-4.4.138-94.39.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.138-94.39.1.noarch",
"product": {
"name": "kernel-devel-4.4.138-94.39.1.noarch",
"product_id": "kernel-devel-4.4.138-94.39.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.138-94.39.1.noarch",
"product": {
"name": "kernel-macros-4.4.138-94.39.1.noarch",
"product_id": "kernel-macros-4.4.138-94.39.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.138-94.39.1.noarch",
"product": {
"name": "kernel-source-4.4.138-94.39.1.noarch",
"product_id": "kernel-source-4.4.138-94.39.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.138-94.39.1.noarch",
"product": {
"name": "kernel-docs-4.4.138-94.39.1.noarch",
"product_id": "kernel-docs-4.4.138-94.39.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.138-94.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.138-94.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.138-94.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.138-94.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"product": {
"name": "kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"product_id": "kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.138-94.39.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.138-94.39.1.ppc64le",
"product_id": "kernel-obs-build-4.4.138-94.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.138-94.39.1.ppc64le",
"product": {
"name": "kernel-default-4.4.138-94.39.1.ppc64le",
"product_id": "kernel-default-4.4.138-94.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.138-94.39.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.138-94.39.1.ppc64le",
"product_id": "kernel-default-base-4.4.138-94.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.138-94.39.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.138-94.39.1.ppc64le",
"product_id": "kernel-default-devel-4.4.138-94.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.138-94.39.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.138-94.39.1.ppc64le",
"product_id": "kernel-syms-4.4.138-94.39.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.138-94.39.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.138-94.39.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.138-94.39.1.s390x",
"product_id": "dlm-kmp-default-4.4.138-94.39.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.138-94.39.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.138-94.39.1.s390x",
"product_id": "gfs2-kmp-default-4.4.138-94.39.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.138-94.39.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.138-94.39.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.138-94.39.1.s390x",
"product_id": "kernel-obs-build-4.4.138-94.39.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.138-94.39.1.s390x",
"product": {
"name": "kernel-default-4.4.138-94.39.1.s390x",
"product_id": "kernel-default-4.4.138-94.39.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.138-94.39.1.s390x",
"product": {
"name": "kernel-default-base-4.4.138-94.39.1.s390x",
"product_id": "kernel-default-base-4.4.138-94.39.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.138-94.39.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.138-94.39.1.s390x",
"product_id": "kernel-default-devel-4.4.138-94.39.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.138-94.39.1.s390x",
"product": {
"name": "kernel-default-man-4.4.138-94.39.1.s390x",
"product_id": "kernel-default-man-4.4.138-94.39.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.138-94.39.1.s390x",
"product": {
"name": "kernel-syms-4.4.138-94.39.1.s390x",
"product_id": "kernel-syms-4.4.138-94.39.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.138-94.39.1.x86_64",
"product": {
"name": "kernel-default-4.4.138-94.39.1.x86_64",
"product_id": "kernel-default-4.4.138-94.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.138-94.39.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.138-94.39.1.x86_64",
"product_id": "kernel-default-devel-4.4.138-94.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.138-94.39.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.138-94.39.1.x86_64",
"product_id": "kernel-default-extra-4.4.138-94.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.138-94.39.1.x86_64",
"product": {
"name": "kernel-syms-4.4.138-94.39.1.x86_64",
"product_id": "kernel-syms-4.4.138-94.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.138-94.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.138-94.39.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.138-94.39.1.x86_64",
"product_id": "dlm-kmp-default-4.4.138-94.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.138-94.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.138-94.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"product_id": "kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.138-94.39.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.138-94.39.1.x86_64",
"product_id": "kernel-obs-build-4.4.138-94.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.138-94.39.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.138-94.39.1.x86_64",
"product_id": "kernel-default-base-4.4.138-94.39.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-default-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.138-94.39.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch"
},
"product_reference": "kernel-devel-4.4.138-94.39.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.138-94.39.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch"
},
"product_reference": "kernel-macros-4.4.138-94.39.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.138-94.39.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch"
},
"product_reference": "kernel-source-4.4.138-94.39.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-syms-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x"
},
"product_reference": "dlm-kmp-default-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.4.138-94.39.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch"
},
"product_reference": "kernel-docs-4.4.138-94.39.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.138-94.39.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64"
},
"product_reference": "kernel-obs-build-4.4.138-94.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x"
},
"product_reference": "kernel-obs-build-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-obs-build-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.138-94.39.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64"
},
"product_reference": "kernel-default-4.4.138-94.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le"
},
"product_reference": "kernel-default-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x"
},
"product_reference": "kernel-default-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-default-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.138-94.39.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.138-94.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x"
},
"product_reference": "kernel-default-base-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.138-94.39.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.138-94.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x"
},
"product_reference": "kernel-default-man-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.138-94.39.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch"
},
"product_reference": "kernel-devel-4.4.138-94.39.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.138-94.39.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch"
},
"product_reference": "kernel-macros-4.4.138-94.39.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.138-94.39.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch"
},
"product_reference": "kernel-source-4.4.138-94.39.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.138-94.39.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64"
},
"product_reference": "kernel-syms-4.4.138-94.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x"
},
"product_reference": "kernel-syms-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-syms-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.138-94.39.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64"
},
"product_reference": "kernel-default-4.4.138-94.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le"
},
"product_reference": "kernel-default-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x"
},
"product_reference": "kernel-default-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-default-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.138-94.39.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.138-94.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x"
},
"product_reference": "kernel-default-base-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.138-94.39.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.138-94.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x"
},
"product_reference": "kernel-default-man-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.138-94.39.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch"
},
"product_reference": "kernel-devel-4.4.138-94.39.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.138-94.39.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch"
},
"product_reference": "kernel-macros-4.4.138-94.39.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.138-94.39.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch"
},
"product_reference": "kernel-source-4.4.138-94.39.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.138-94.39.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64"
},
"product_reference": "kernel-syms-4.4.138-94.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.138-94.39.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.138-94.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.138-94.39.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x"
},
"product_reference": "kernel-syms-4.4.138-94.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-syms-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.138-94.39.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.138-94.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-17741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-17741"
}
],
"notes": [
{
"category": "general",
"text": "The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-17741",
"url": "https://www.suse.com/security/cve/CVE-2017-17741"
},
{
"category": "external",
"summary": "SUSE Bug 1073311 for CVE-2017-17741",
"url": "https://bugzilla.suse.com/1073311"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-17741",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-21T11:53:03Z",
"details": "important"
}
],
"title": "CVE-2017-17741"
},
{
"cve": "CVE-2017-18241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18241"
}
],
"notes": [
{
"category": "general",
"text": "fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18241",
"url": "https://www.suse.com/security/cve/CVE-2017-18241"
},
{
"category": "external",
"summary": "SUSE Bug 1086400 for CVE-2017-18241",
"url": "https://bugzilla.suse.com/1086400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-21T11:53:03Z",
"details": "moderate"
}
],
"title": "CVE-2017-18241"
},
{
"cve": "CVE-2017-18249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18249"
}
],
"notes": [
{
"category": "general",
"text": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18249",
"url": "https://www.suse.com/security/cve/CVE-2017-18249"
},
{
"category": "external",
"summary": "SUSE Bug 1087036 for CVE-2017-18249",
"url": "https://bugzilla.suse.com/1087036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-21T11:53:03Z",
"details": "moderate"
}
],
"title": "CVE-2017-18249"
},
{
"cve": "CVE-2018-12233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12233"
}
],
"notes": [
{
"category": "general",
"text": "In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12233",
"url": "https://www.suse.com/security/cve/CVE-2018-12233"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097234 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1097234"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-12233",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-21T11:53:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-12233"
},
{
"cve": "CVE-2018-3665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3665"
}
],
"notes": [
{
"category": "general",
"text": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3665",
"url": "https://www.suse.com/security/cve/CVE-2018-3665"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087086 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1087086"
},
{
"category": "external",
"summary": "SUSE Bug 1090338 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1090338"
},
{
"category": "external",
"summary": "SUSE Bug 1095241 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095241"
},
{
"category": "external",
"summary": "SUSE Bug 1095242 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1095242"
},
{
"category": "external",
"summary": "SUSE Bug 1096740 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1096740"
},
{
"category": "external",
"summary": "SUSE Bug 1100091 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100091"
},
{
"category": "external",
"summary": "SUSE Bug 1100555 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1100555"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3665",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-21T11:53:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-3665"
},
{
"cve": "CVE-2018-5848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5848"
}
],
"notes": [
{
"category": "general",
"text": "In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the \u0027ie_len\u0027 argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5848",
"url": "https://www.suse.com/security/cve/CVE-2018-5848"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097356 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1097356"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1115339 for CVE-2018-5848",
"url": "https://bugzilla.suse.com/1115339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_138-94_39-default-1-4.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.138-94.39.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.138-94.39.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.138-94.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-21T11:53:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-5848"
}
]
}
gsd-2017-18249
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-18249",
"description": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"id": "GSD-2017-18249",
"references": [
"https://www.suse.com/security/cve/CVE-2017-18249.html",
"https://ubuntu.com/security/CVE-2017-18249"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-18249"
],
"details": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"id": "GSD-2017-18249",
"modified": "2023-12-13T01:21:11.020272Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18249",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041432"
},
{
"name": "https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"name": "USN-3932-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"name": "USN-3932-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18249"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"name": "1041432",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041432"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "USN-3932-2",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3932-2/"
},
{
"name": "USN-3932-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3932-1/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
},
"lastModifiedDate": "2019-04-03T01:29Z",
"publishedDate": "2018-03-26T20:29Z"
}
}
}
ghsa-3g3f-97cc-fc4h
Vulnerability from github
Published
2022-05-14 01:14
Modified
2022-05-14 01:14
Severity ?
VLAI Severity ?
Details
The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.
{
"affected": [],
"aliases": [
"CVE-2017-18249"
],
"database_specific": {
"cwe_ids": [
"CWE-362"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-26T20:29:00Z",
"severity": "HIGH"
},
"details": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.",
"id": "GHSA-3g3f-97cc-fc4h",
"modified": "2022-05-14T01:14:00Z",
"published": "2022-05-14T01:14:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18249"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3932-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3932-2"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041432"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
fkie_cve-2017-18249
Vulnerability from fkie_nvd
Published
2018-03-26 20:29
Modified
2024-11-21 03:19
Severity ?
Summary
The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3 | Patch, Third Party Advisory | |
| cve@mitre.org | http://www.securitytracker.com/id/1041432 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3 | Patch, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/3932-1/ | ||
| cve@mitre.org | https://usn.ubuntu.com/3932-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041432 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3932-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3932-2/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9BBDA7A-EA95-41C5-8F4C-CA458BCB7E1F",
"versionEndExcluding": "4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads."
},
{
"lang": "es",
"value": "La funci\u00f3n add_free_nid en fs/f2fs/noce.c en el kernel de Linux, en versiones anteriores a la 4.12, no rastrea correctamente un nid asignado, lo cual podr\u00eda permitir a los usuarios locales provocar una denegaci\u00f3n de servicio (condici\u00f3n de carrera) o, posiblemente, causar otro impacto sin especificar mediante hilos concurrentes."
}
],
"id": "CVE-2017-18249",
"lastModified": "2024-11-21T03:19:40.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-26T20:29:00.227",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041432"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3932-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3932-2/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…