Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-5576 (GCVE-0-2017-5576)
Vulnerability from cvelistv5
Published
2017-02-06 06:04
Modified
2024-08-05 15:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:04:15.439Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20170122 CVE request: Linux kernel: vc4: int overflow leading to heap-based buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/21/7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416436"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7"
},
{
"name": "95767",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95767"
},
{
"name": "[linux-kernel] 20170118 [PATCH 1/2] drm/vc4: Fix an integer overflow in temporary allocation layout.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lkml.org/lkml/2017/1/17/761"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-06T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20170122 CVE request: Linux kernel: vc4: int overflow leading to heap-based buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/21/7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416436"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7"
},
{
"name": "95767",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95767"
},
{
"name": "[linux-kernel] 20170118 [PATCH 1/2] drm/vc4: Fix an integer overflow in temporary allocation layout.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lkml.org/lkml/2017/1/17/761"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5576",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20170122 CVE request: Linux kernel: vc4: int overflow leading to heap-based buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/21/7"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1416436",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416436"
},
{
"name": "https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7"
},
{
"name": "95767",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95767"
},
{
"name": "[linux-kernel] 20170118 [PATCH 1/2] drm/vc4: Fix an integer overflow in temporary allocation layout.",
"refsource": "MLIST",
"url": "https://lkml.org/lkml/2017/1/17/761"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5576",
"datePublished": "2017-02-06T06:04:00",
"dateReserved": "2017-01-24T00:00:00",
"dateUpdated": "2024-08-05T15:04:15.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-5576\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-02-06T06:59:00.763\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de enteros en la funci\u00f3n vc4_get_bcl en drivers/gpu/drm/vc4/vc4_gem.c en el controlador de VideoCore DRM en el kernel de Linux en versiones anteriores a 4.9.7 permite a usuarios locales provocar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado a trav\u00e9s de un valor de tama\u00f1o manipulado en una llamada ioctl VC4_SUBMIT_CL.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.7\",\"matchCriteriaId\":\"20EE2EFD-24B9-486E-8B08-FB740ABD8585\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2017/01/21/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95767\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1416436\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2017/1/17/761\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2017/01/21/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95767\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1416436\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2017/1/17/761\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
gsd-2017-5576
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-5576",
"description": "Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.",
"id": "GSD-2017-5576",
"references": [
"https://www.suse.com/security/cve/CVE-2017-5576.html",
"https://ubuntu.com/security/CVE-2017-5576"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-5576"
],
"details": "Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.",
"id": "GSD-2017-5576",
"modified": "2023-12-13T01:21:13.747781Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5576",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20170122 CVE request: Linux kernel: vc4: int overflow leading to heap-based buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/21/7"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1416436",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416436"
},
{
"name": "https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7"
},
{
"name": "95767",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95767"
},
{
"name": "[linux-kernel] 20170118 [PATCH 1/2] drm/vc4: Fix an integer overflow in temporary allocation layout.",
"refsource": "MLIST",
"url": "https://lkml.org/lkml/2017/1/17/761"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.9.7",
"versionStartIncluding": "4.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5576"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[linux-kernel] 20170118 [PATCH 1/2] drm/vc4: Fix an integer overflow in temporary allocation layout.",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lkml.org/lkml/2017/1/17/761"
},
{
"name": "https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1416436",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416436"
},
{
"name": "[oss-security] 20170122 CVE request: Linux kernel: vc4: int overflow leading to heap-based buffer overflow",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/21/7"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7",
"refsource": "CONFIRM",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"name": "95767",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95767"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-02-10T00:53Z",
"publishedDate": "2017-02-06T06:59Z"
}
}
}
fkie_cve-2017-5576
Vulnerability from fkie_nvd
Published
2017-02-06 06:59
Modified
2025-04-20 01:37
Severity ?
Summary
Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7 | Release Notes, Vendor Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/01/21/7 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/95767 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1416436 | Issue Tracking, Patch | |
| cve@mitre.org | https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://lkml.org/lkml/2017/1/17/761 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/01/21/7 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95767 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1416436 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lkml.org/lkml/2017/1/17/761 | Mailing List, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20EE2EFD-24B9-486E-8B08-FB740ABD8585",
"versionEndExcluding": "4.9.7",
"versionStartIncluding": "4.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en la funci\u00f3n vc4_get_bcl en drivers/gpu/drm/vc4/vc4_gem.c en el controlador de VideoCore DRM en el kernel de Linux en versiones anteriores a 4.9.7 permite a usuarios locales provocar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado a trav\u00e9s de un valor de tama\u00f1o manipulado en una llamada ioctl VC4_SUBMIT_CL."
}
],
"id": "CVE-2017-5576",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-06T06:59:00.763",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/21/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95767"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416436"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lkml.org/lkml/2017/1/17/761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/21/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lkml.org/lkml/2017/1/17/761"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
suse-su-2017:0575-1
Vulnerability from csaf_suse
Published
2017-02-28 12:17
Modified
2017-02-28 12:17
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.49 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in
net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary
code via vectors involving a recvmmsg system call that was mishandled during
error processing (bnc#1003077).
- CVE-2017-5576: Integer overflow in the vc4_get_bcl function in
drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel
allowed local users to cause a denial of service or possibly have unspecified
other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call
(bnc#1021294).
- CVE-2017-5577: The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in
the VideoCore DRM driver in the Linux kernel did not set an errno value upon
certain overflow detections, which allowed local users to cause a denial of
service (incorrect pointer dereference and OOPS) via inconsistent size values
in a VC4_SUBMIT_CL ioctl call (bnc#1021294).
- CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux
kernel preserved the setgid bit during a setxattr call involving a tmpfs
filesystem, which allowed local users to gain group privileges by leveraging
the existence of a setgid program with restrictions on execute permissions.
(bnc#1021258).
- CVE-2017-2583: The load_segment_descriptor implementation in
arch/x86/kvm/emulate.c in the Linux kernel improperly emulated a 'MOV SS,
NULL selector' instruction, which allowed guest OS users to cause a denial of
service (guest OS crash) or gain guest OS privileges via a crafted
application (bnc#1020602).
- CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users
to obtain sensitive information from kernel memory or cause a denial of
service (use-after-free) via a crafted application that leverages instruction
emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid
mappings, which allowed local users to gain privileges by establishing a user
namespace, waiting for a root process to enter that namespace with an unsafe
uid or gid, and then using the ptrace system call. NOTE: the vendor states
'there is no kernel bug here' (bnc#1010933).
- CVE-2016-9806: Race condition in the netlink_dump function in
net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a
denial of service (double free) or possibly have unspecified other impact via
a crafted application that made sendmsg system calls, leading to a free
operation associated with a new dump that started earlier than anticipated
(bnc#1013540).
- CVE-2017-5897: fixed a bug in the Linux kernel IPv6 implementation which
allowed remote attackers to trigger an out-of-bounds access, leading to a
denial-of-service attack (bnc#1023762).
- CVE-2017-5970: Fixed a possible denial-of-service that could have been
triggered by sending bad IP options on a socket (bsc#1024938).
- CVE-2017-5986: an application could have triggered a BUG_ON() in
sctp_wait_for_sndbuf() if the socket TX buffer was full, a thread was waiting
on it to queue more data, and meanwhile another thread peeled off the
association being used by the first thread (bsc#1025235).
The following non-security bugs were fixed:
- 8250: fintek: rename IRQ_MODE macro (boo#1009546).
- acpi: nfit, libnvdimm: fix / harden ars_status output length handling (bsc#1023175).
- acpi: nfit: fix bus vs dimm confusion in xlat_status (bsc#1023175).
- acpi: nfit: validate ars_status output buffer size (bsc#1023175).
- arm64: numa: fix incorrect log for memory-less node (bsc#1019631).
- asoc: cht_bsw_rt5645: Fix leftover kmalloc (bsc#1010690).
- asoc: rt5670: add HS ground control (bsc#1016250).
- bcache: Make gc wakeup sane, remove set_task_state() (bsc#1021260).
- bcache: partition support: add 16 minors per bcacheN device (bsc#1019784).
- blk-mq: Allow timeouts to run while queue is freezing (bsc#1020817).
- blk-mq: Always schedule hctx->next_cpu (bsc#1020817).
- blk-mq: Avoid memory reclaim when remapping queues (bsc#1020817).
- blk-mq: Fix failed allocation path when mapping queues (bsc#1020817).
- blk-mq: do not overwrite rq->mq_ctx (bsc#1020817).
- blk-mq: improve warning for running a queue on the wrong CPU (bsc#1020817).
- block: Change extern inline to static inline (bsc#1023175).
- bluetooth: btmrvl: fix hung task warning dump (bsc#1018813).
- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
- brcmfmac: Change error print on wlan0 existence (bsc#1000092).
- btrfs: add support for RENAME_EXCHANGE and RENAME_WHITEOUT (bsc#1020975).
- btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl (bsc#1018100).
- btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls (bsc#1018100).
- btrfs: fix inode leak on failure to setup whiteout inode in rename (bsc#1020975).
- btrfs: fix lockdep warning about log_mutex (bsc#1021455).
- btrfs: fix lockdep warning on deadlock against an inode's log mutex (bsc#1021455).
- btrfs: fix number of transaction units for renames with whiteout (bsc#1020975).
- btrfs: increment ctx->pos for every emitted or skipped dirent in readdir (bsc#981709).
- btrfs: incremental send, fix invalid paths for rename operations (bsc#1018316).
- btrfs: incremental send, fix premature rmdir operations (bsc#1018316).
- btrfs: pin log earlier when renaming (bsc#1020975).
- btrfs: pin logs earlier when doing a rename exchange operation (bsc#1020975).
- btrfs: remove old tree_root dirent processing in btrfs_real_readdir() (bsc#981709).
- btrfs: send, add missing error check for calls to path_loop() (bsc#1018316).
- btrfs: send, avoid incorrect leaf accesses when sending utimes operations (bsc#1018316).
- btrfs: send, fix failure to move directories with the same name around (bsc#1018316).
- btrfs: send, fix invalid leaf accesses due to incorrect utimes operations (bsc#1018316).
- btrfs: send, fix warning due to late freeing of orphan_dir_info structures (bsc#1018316).
- btrfs: test_check_exists: Fix infinite loop when searching for free space entries (bsc#987192).
- btrfs: unpin log if rename operation fails (bsc#1020975).
- btrfs: unpin logs if rename exchange operation fails (bsc#1020975).
- ceph: fix bad endianness handling in parse_reply_info_extra (bsc#1020488).
- clk: xgene: Add PMD clock (bsc#1019351).
- clk: xgene: Do not call __pa on ioremaped address (bsc#1019351).
- clk: xgene: Remove CLK_IS_ROOT (bsc#1019351).
- config: enable CONFIG_OCFS2_DEBUG_MASKLOG for ocfs2 (bsc#1015038)
- config: enable Ceph kernel client modules for ppc64le
- config: enable Ceph kernel client modules for s390x
- crypto: FIPS - allow tests to be disabled in FIPS mode (bsc#1018913).
- crypto: drbg - do not call drbg_instantiate in healt test (bsc#1018913).
- crypto: drbg - remove FIPS 140-2 continuous test (bsc#1018913).
- crypto: qat - fix bar discovery for c62x (bsc#1021251).
- crypto: qat - zero esram only for DH85x devices (bsc#1021248).
- crypto: rsa - allow keys >= 2048 bits in FIPS mode (bsc#1018913).
- crypto: xts - consolidate sanity check for keys (bsc#1018913).
- crypto: xts - fix compile errors (bsc#1018913).
- cxl: fix potential NULL dereference in free_adapter() (bsc#1016517).
- dax: fix deadlock with DAX 4k holes (bsc#1012829).
- dax: fix device-dax region base (bsc#1023175).
- device-dax: check devm_nsio_enable() return value (bsc#1023175).
- device-dax: fail all private mapping attempts (bsc#1023175).
- device-dax: fix percpu_ref_exit ordering (bsc#1023175).
- driver core: fix race between creating/querying glue dir and its cleanup (bnc#1008742).
- drivers: hv: Introduce a policy for controlling channel affinity.
- drivers: hv: balloon: Add logging for dynamic memory operations.
- drivers: hv: balloon: Disable hot add when CONFIG_MEMORY_HOTPLUG is not set.
- drivers: hv: balloon: Fix info request to show max page count.
- drivers: hv: balloon: Use available memory value in pressure report.
- drivers: hv: balloon: account for gaps in hot add regions.
- drivers: hv: balloon: keep track of where ha_region starts.
- drivers: hv: balloon: replace ha_region_mutex with spinlock.
- drivers: hv: cleanup vmbus_open() for wrap around mappings.
- drivers: hv: do not leak memory in vmbus_establish_gpadl().
- drivers: hv: get rid of id in struct vmbus_channel.
- drivers: hv: get rid of redundant messagecount in create_gpadl_header().
- drivers: hv: get rid of timeout in vmbus_open().
- drivers: hv: make VMBus bus ids persistent.
- drivers: hv: ring_buffer: count on wrap around mappings in get_next_pkt_raw() (v2).
- drivers: hv: ring_buffer: use wrap around mappings in hv_copy{from, to}_ringbuffer().
- drivers: hv: ring_buffer: wrap around mappings for ring buffers.
- drivers: hv: utils: Check VSS daemon is listening before a hot backup.
- drivers: hv: utils: Continue to poll VSS channel after handling requests.
- drivers: hv: utils: Fix the mapping between host version and protocol to use.
- drivers: hv: utils: reduce HV_UTIL_NEGO_TIMEOUT timeout.
- drivers: hv: vmbus: Base host signaling strictly on the ring state.
- drivers: hv: vmbus: Enable explicit signaling policy for NIC channels.
- drivers: hv: vmbus: Implement a mechanism to tag the channel for low latency.
- drivers: hv: vmbus: Make mmio resource local.
- drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host.
- drivers: hv: vmbus: On write cleanup the logic to interrupt the host.
- drivers: hv: vmbus: Reduce the delay between retries in vmbus_post_msg().
- drivers: hv: vmbus: finally fix hv_need_to_signal_on_read().
- drivers: hv: vmbus: fix the race when querying and updating the percpu list.
- drivers: hv: vmbus: suppress some 'hv_vmbus: Unknown GUID' warnings.
- drivers: hv: vss: Improve log messages.
- drivers: hv: vss: Operation timeouts should match host expectation.
- drivers: net: phy: mdio-xgene: Add hardware dependency (bsc#1019351).
- drivers: net: phy: xgene: Fix 'remove' function (bsc#1019351).
- drivers: net: xgene: Add change_mtu function (bsc#1019351).
- drivers: net: xgene: Add flow control configuration (bsc#1019351).
- drivers: net: xgene: Add flow control initialization (bsc#1019351).
- drivers: net: xgene: Add helper function (bsc#1019351).
- drivers: net: xgene: Add support for Jumbo frame (bsc#1019351).
- drivers: net: xgene: Configure classifier with pagepool (bsc#1019351).
- drivers: net: xgene: Fix MSS programming (bsc#1019351).
- drivers: net: xgene: fix build after change_mtu function change (bsc#1019351).
- drivers: net: xgene: fix: Coalescing values for v2 hardware (bsc#1019351).
- drivers: net: xgene: fix: Disable coalescing on v1 hardware (bsc#1019351).
- drivers: net: xgene: fix: RSS for non-TCP/UDP (bsc#1019351).
- drivers: net: xgene: fix: Use GPIO to get link status (bsc#1019351).
- drivers: net: xgene: uninitialized variable in xgene_enet_free_pagepool() (bsc#1019351).
- drm: Delete previous two fixes for i915 (bsc#1019061). These upstream fixes brought some regressions, so better to revert for now.
- drm: Disable patches.drivers/drm-i915-Exit-cherryview_irq_handler-after-one-pass The patch seems leading to the instability on Wyse box (bsc#1015367).
- drm: Fix broken VT switch with video=1366x768 option (bsc#1018358).
- drm: Use u64 for intermediate dotclock calculations (bnc#1006472).
- drm: i915: Do not init hpd polling for vlv and chv from runtime_suspend() (bsc#1014120).
- drm: i915: Fix PCODE polling during CDCLK change notification (bsc#1015367).
- drm: i915: Fix watermarks for VLV/CHV (bsc#1011176).
- drm: i915: Force VDD off on the new power seqeuencer before starting to use it (bsc#1009674).
- drm: i915: Mark CPU cache as dirty when used for rendering (bsc#1015367).
- drm: i915: Mark i915_hpd_poll_init_work as static (bsc#1014120).
- drm: i915: Prevent PPS stealing from a normal DP port on VLV/CHV (bsc#1019061).
- drm: i915: Prevent enabling hpd polling in late suspend (bsc#1014120).
- drm: i915: Restore PPS HW state from the encoder resume hook (bsc#1019061).
- drm: i915: Workaround for DP DPMS D3 on Dell monitor (bsc#1019061).
- drm: vc4: Fix an integer overflow in temporary allocation layout (bsc#1021294).
- drm: vc4: Return -EINVAL on the overflow checks failing (bsc#1021294).
- drm: virtio-gpu: get the fb from the plane state for atomic updates (bsc#1023101).
- edac: xgene: Fix spelling mistake in error messages (bsc#1019351).
- efi: libstub: Move Graphics Output Protocol handling to generic code (bnc#974215).
- fbcon: Fix vc attr at deinit (bsc#1000619).
- fs: nfs: avoid including 'mountproto=' with no protocol in /proc/mounts (bsc#1019260).
- gpio: xgene: make explicitly non-modular (bsc#1019351).
- hv: acquire vmbus_connection.channel_mutex in vmbus_free_channels().
- hv: change clockevents unbind tactics.
- hv: do not reset hv_context.tsc_page on crash.
- hv_netvsc: Add handler for physical link speed change.
- hv_netvsc: Add query for initial physical link speed.
- hv_netvsc: Implement batching of receive completions.
- hv_netvsc: Revert 'make inline functions static'.
- hv_netvsc: Revert 'report vmbus name in ethtool'.
- hv_netvsc: add ethtool statistics for tx packet issues.
- hv_netvsc: count multicast packets received.
- hv_netvsc: dev hold/put reference to VF.
- hv_netvsc: fix a race between netvsc_send() and netvsc_init_buf().
- hv_netvsc: fix comments.
- hv_netvsc: fix rtnl locking in callback.
- hv_netvsc: improve VF device matching.
- hv_netvsc: init completion during alloc.
- hv_netvsc: make RSS hash key static.
- hv_netvsc: make device_remove void.
- hv_netvsc: make inline functions static.
- hv_netvsc: make netvsc_destroy_buf void.
- hv_netvsc: make variable local.
- hv_netvsc: rearrange start_xmit.
- hv_netvsc: refactor completion function.
- hv_netvsc: remove VF in flight counters.
- hv_netvsc: remove excessive logging on MTU change.
- hv_netvsc: report vmbus name in ethtool.
- hv_netvsc: simplify callback event code.
- hv_netvsc: style cleanups.
- hv_netvsc: use ARRAY_SIZE() for NDIS versions.
- hv_netvsc: use RCU to protect vf_netdev.
- hv_netvsc: use consume_skb.
- hv_netvsc: use kcalloc.
- hyperv: Fix spelling of HV_UNKOWN.
- i2c: designware-baytrail: Disallow the CPU to enter C6 or C7 while holding the punit semaphore (bsc#1011913).
- i2c: designware: Implement support for SMBus block read and write (bsc#1019351).
- i2c: designware: fix wrong Tx/Rx FIFO for ACPI (bsc#1019351).
- i2c: xgene: Fix missing code of DTB support (bsc#1019351).
- i40e: Be much more verbose about what we can and cannot offload (bsc#985561).
- ibmveth: calculate gso_segs for large packets (bsc#1019148).
- ibmveth: check return of skb_linearize in ibmveth_start_xmit (bsc#1019148).
- ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).
- ibmveth: set correct gso_size and gso_type (bsc#1019148).
- igb: Workaround for igb i210 firmware issue (bsc#1009911).
- igb: add i211 to i210 PHY workaround (bsc#1009911).
- input: i8042: Trust firmware a bit more when probing on X86 (bsc#1011660).
- intel_idle: Add KBL support (bsc#1016884).
- ip6_gre: fix ip6gre_err() invalid reads (CVE-2017-5897, bsc#1023762).
- ipc: msg, make msgrcv work with LONG_MIN (bnc#1005918).
- iwlwifi: Expose the default fallback ucode API to module info (boo#1021082, boo#1023884).
- kgraft: iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612).
- kgraft: xen: Do not block kGraft in xenbus kthread (bsc#1017410).
- libnvdimm: pfn: fix align attribute (bsc#1023175).
- mailbox: xgene-slimpro: Fix wrong test for devm_kzalloc (bsc#1019351).
- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).
- md-cluster: convert the completion to wait queue.
- md-cluster: protect md_find_rdev_nr_rcu with rcu lock.
- md: ensure md devices are freed before module is unloaded (bsc#1022304).
- md: fix refcount problem on mddev when stopping array (bsc#1022304).
- misc: genwqe: ensure zero initialization.
- mm: do not loop on GFP_REPEAT high order requests if there is no reclaim progress (bnc#1013000).
- mm: memcg: do not retry precharge charges (bnc#1022559).
- mm: page_alloc: fix check for NULL preferred_zone (bnc#971975 VM performance -- page allocator).
- mm: page_alloc: fix fast-path race with cpuset update or removal (bnc#971975 VM performance -- page allocator).
- mm: page_alloc: fix premature OOM when racing with cpuset mems update (bnc#971975 VM performance -- page allocator).
- mm: page_alloc: keep pcp count and list contents in sync if struct page is corrupted (bnc#971975 VM performance -- page allocator).
- mm: page_alloc: move cpuset seqcount checking to slowpath (bnc#971975 VM performance -- page allocator).
- mmc: sdhci-of-arasan: Remove no-hispd and no-cmd23 quirks for sdhci-arasan4.9a (bsc#1019351).
- mwifiex: add missing check for PCIe8997 chipset (bsc#1018813).
- mwifiex: fix IBSS data path issue (bsc#1018813).
- mwifiex: fix PCIe register information for 8997 chipset (bsc#1018813).
- net: af_iucv: do not use paged skbs for TX on HiperSockets (bnc#1020945, LTC#150566).
- net: ethernet: apm: xgene: use phydev from struct net_device (bsc#1019351).
- net: ethtool: Initialize buffer when querying device channel settings (bsc#969479).
- net: hyperv: avoid uninitialized variable.
- net: implement netif_cond_dbg macro (bsc#1019168).
- net: remove useless memset's in drivers get_stats64 (bsc#1019351).
- net: xgene: avoid bogus maybe-uninitialized warning (bsc#1019351).
- net: xgene: fix backward compatibility fix (bsc#1019351).
- net: xgene: fix error handling during reset (bsc#1019351).
- net: xgene: move xgene_cle_ptree_ewdn data off stack (bsc#1019351).
- netvsc: Remove mistaken udp.h inclusion.
- netvsc: add rcu_read locking to netvsc callback.
- netvsc: fix checksum on UDP IPV6.
- netvsc: reduce maximum GSO size.
- nfit: fail DSMs that return non-zero status by default (bsc#1023175).
- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).
- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).
- nvdimm: kabi protect nd_cmd_out_size() (bsc#1023175).
- nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too (bsc#1020685).
- ocfs2: fix deadlock on mmapped page in ocfs2_write_begin_nolock() (bnc#921494).
- pci: Add devm_request_pci_bus_resources() (bsc#1019351).
- pci: generic: Fix pci_remap_iospace() failure path (bsc#1019630).
- pci: hv: Allocate physically contiguous hypercall params buffer.
- pci: hv: Fix hv_pci_remove() for hot-remove.
- pci: hv: Handle hv_pci_generic_compl() error case.
- pci: hv: Handle vmbus_sendpacket() failure in hv_compose_msi_msg().
- pci: hv: Make unnecessarily global IRQ masking functions static.
- pci: hv: Remove the unused 'wrk' in struct hv_pcibus_device.
- pci: hv: Use list_move_tail() instead of list_del() + list_add_tail().
- pci: hv: Use pci_function_description in struct definitions.
- pci: hv: Use the correct buffer size in new_pcichild_device().
- pci: hv: Use zero-length array in struct pci_packet.
- pci: include header file (bsc#964944).
- pci: xgene: Add local struct device pointers (bsc#1019351).
- pci: xgene: Add register accessors (bsc#1019351).
- pci: xgene: Free bridge resource list on failure (bsc#1019351).
- pci: xgene: Make explicitly non-modular (bsc#1019351).
- pci: xgene: Pass struct xgene_pcie_port to setup functions (bsc#1019351).
- pci: xgene: Remove unused platform data (bsc#1019351).
- pci: xgene: Request host bridge window resources (bsc#1019351).
- perf: xgene: Remove bogus IS_ERR() check (bsc#1019351).
- phy: xgene: rename 'enum phy_mode' to 'enum xgene_phy_mode' (bsc#1019351).
- power: reset: xgene-reboot: Unmap region obtained by of_iomap (bsc#1019351).
- powerpc: fadump: Fix the race in crash_fadump() (bsc#1022971).
- qeth: check not more than 16 SBALEs on the completion queue (bnc#1009718, LTC#148203).
- raid1: Fix a regression observed during the rebuilding of degraded MDRAID VDs (bsc#1020048).
- raid1: ignore discard error (bsc#1017164).
- reiserfs: fix race in prealloc discard (bsc#987576).
- rpm: kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
- rpm: kernel-binary.spec.in: Fix installation of /etc/uefi/certs (bsc#1019594)
- rtc: cmos: Clear ACPI-driven alarms upon resume (bsc#1022429).
- rtc: cmos: Do not enable interrupts in the middle of the interrupt handler (bsc#1022429).
- rtc: cmos: Restore alarm after resume (bsc#1022429).
- rtc: cmos: avoid unused function warning (bsc#1022429).
- s390: Fix invalid domain response handling (bnc#1009718).
- s390: cpuinfo: show maximum thread id (bnc#1009718, LTC#148580).
- s390: sysinfo: show partition extended name and UUID if available (bnc#1009718, LTC#150160).
- s390: time: LPAR offset handling (bnc#1009718, LTC#146920).
- s390: time: move PTFF definitions (bnc#1009718, LTC#146920).
- sched: Allow hotplug notifiers to be setup early (bnc#1022476).
- sched: Make wake_up_nohz_cpu() handle CPUs going offline (bnc#1022476).
- sched: core, x86/topology: Fix NUMA in package topology bug (bnc#1022476).
- sched: core: Fix incorrect utilization accounting when switching to fair class (bnc#1022476).
- sched: core: Fix set_user_nice() (bnc#1022476).
- sched: cputime: Add steal time support to full dynticks CPU time accounting (bnc#1022476).
- sched: cputime: Fix prev steal time accouting during CPU hotplug (bnc#1022476).
- sched: deadline: Always calculate end of period on sched_yield() (bnc#1022476).
- sched: deadline: Fix a bug in dl_overflow() (bnc#1022476).
- sched: deadline: Fix lock pinning warning during CPU hotplug (bnc#1022476).
- sched: deadline: Fix wrap-around in DL heap (bnc#1022476).
- sched: fair: Avoid using decay_load_missed() with a negative value (bnc#1022476).
- sched: fair: Fix fixed point arithmetic width for shares and effective load (bnc#1022476).
- sched: fair: Fix load_above_capacity fixed point arithmetic width (bnc#1022476).
- sched: fair: Fix min_vruntime tracking (bnc#1022476).
- sched: fair: Fix the wrong throttled clock time for cfs_rq_clock_task() (bnc#1022476).
- sched: fair: Improve PELT stuff some more (bnc#1022476).
- sched: rt, sched/dl: Do not push if task's scheduling class was changed (bnc#1022476).
- sched: rt: Fix PI handling vs. sched_setscheduler() (bnc#1022476).
- sched: rt: Kick RT bandwidth timer immediately on start up (bnc#1022476).
- scsi: Add 'AIX VDASD' to blacklist (bsc#1006469).
- scsi: Modify HITACHI OPEN-V blacklist entry (bsc#1006469).
- scsi: bfa: Increase requested firmware version to 3.2.5.1 (bsc#1013273).
- scsi: storvsc: Payload buffer incorrectly sized for 32 bit kernels.
- scsi_dh_alua: uninitialized variable in alua_rtpg() (bsc#1012910).
- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986, bsc#1025235).
- sd: always scan VPD pages if thin provisioning is enabled (bsc#1013792).
- serial: 8250: Integrate Fintek into 8250_base (boo#1016979). Update config files to change CONFIG_SERIAL_8250_FINTEK to boolean accordingly, too. Also, the corresponding entry got removed from supported.conf.
- serial: 8250_fintek: fix the mismatched IRQ mode (boo#1009546).
- serial: Update metadata for serial fixes (bsc#1013001)
- ses: Fix SAS device detection in enclosure (bsc#1016403).
- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).
- sfc: refactor debug-or-warnings printks (bsc#1019168).
- sunrpc: Fix reconnection timeouts (bsc#1014410).
- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).
- supported.conf: Support Marvell WiFi/BT SDIO and pinctrl-cherrytrail (bsc#1018813)
- supported.conf: delete xilinx/ll_temac (bsc#1011602)
- target: add XCOPY target/segment desc sense codes (bsc#991273).
- target: bounds check XCOPY segment descriptor list (bsc#991273).
- target: bounds check XCOPY total descriptor list length (bsc#991273).
- target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).
- target: check for XCOPY parameter truncation (bsc#991273).
- target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273).
- target: simplify XCOPY wwn->se_dev lookup helper (bsc#991273).
- target: support XCOPY requests without parameters (bsc#991273).
- target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).
- target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).
- tools: hv: Enable network manager for bonding scripts on RHEL.
- tools: hv: fix a compile warning in snprintf.
- tools: hv: kvp: configurable external scripts path.
- tools: hv: kvp: ensure kvp device fd is closed on exec.
- tools: hv: remove unnecessary header files and netlink related code.
- tools: hv: remove unnecessary link flag.
- tty: n_hdlc, fix lockdep false positive (bnc#1015840).
- uvcvideo: uvc_scan_fallback() for webcams with broken chain (bsc#1021474).
- vmbus: make sysfs names consistent with PCI.
- x86: MCE: Dump MCE to dmesg if no consumers (bsc#1013994).
- x86: hyperv: Handle unknown NMIs on one CPU when unknown_nmi_panic.
- xfs: don't allow di_size with high bit set (bsc#1024234).
- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).
- xfs: fix broken multi-fsb buffer logging (bsc#1024081).
- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).
- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).
- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).
- xfs: track and serialize in-flight async buffers against unmount - kABI (bsc#1024508).
Patchnames
SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-300,SUSE-SLE-DESKTOP-12-SP2-2017-300,SUSE-SLE-HA-12-SP2-2017-300,SUSE-SLE-Live-Patching-12-2017-300,SUSE-SLE-RPI-12-SP2-2017-300,SUSE-SLE-SDK-12-SP2-2017-300,SUSE-SLE-SERVER-12-SP2-2017-300,SUSE-SLE-WE-12-SP2-2017-300
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.49 to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in\n net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary\n code via vectors involving a recvmmsg system call that was mishandled during\n error processing (bnc#1003077).\n- CVE-2017-5576: Integer overflow in the vc4_get_bcl function in\n drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel\n allowed local users to cause a denial of service or possibly have unspecified\n other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call\n (bnc#1021294).\n- CVE-2017-5577: The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in\n the VideoCore DRM driver in the Linux kernel did not set an errno value upon\n certain overflow detections, which allowed local users to cause a denial of\n service (incorrect pointer dereference and OOPS) via inconsistent size values\n in a VC4_SUBMIT_CL ioctl call (bnc#1021294).\n- CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux\n kernel preserved the setgid bit during a setxattr call involving a tmpfs\n filesystem, which allowed local users to gain group privileges by leveraging\n the existence of a setgid program with restrictions on execute permissions.\n (bnc#1021258).\n- CVE-2017-2583: The load_segment_descriptor implementation in\n arch/x86/kvm/emulate.c in the Linux kernel improperly emulated a \u0027MOV SS,\n NULL selector\u0027 instruction, which allowed guest OS users to cause a denial of\n service (guest OS crash) or gain guest OS privileges via a crafted\n application (bnc#1020602).\n- CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users\n to obtain sensitive information from kernel memory or cause a denial of\n service (use-after-free) via a crafted application that leverages instruction\n emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851).\n- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid\n mappings, which allowed local users to gain privileges by establishing a user\n namespace, waiting for a root process to enter that namespace with an unsafe\n uid or gid, and then using the ptrace system call. NOTE: the vendor states\n \u0027there is no kernel bug here\u0027 (bnc#1010933).\n- CVE-2016-9806: Race condition in the netlink_dump function in\n net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a\n denial of service (double free) or possibly have unspecified other impact via\n a crafted application that made sendmsg system calls, leading to a free\n operation associated with a new dump that started earlier than anticipated\n (bnc#1013540).\n- CVE-2017-5897: fixed a bug in the Linux kernel IPv6 implementation which\n allowed remote attackers to trigger an out-of-bounds access, leading to a\n denial-of-service attack (bnc#1023762).\n- CVE-2017-5970: Fixed a possible denial-of-service that could have been\n triggered by sending bad IP options on a socket (bsc#1024938).\n- CVE-2017-5986: an application could have triggered a BUG_ON() in\n sctp_wait_for_sndbuf() if the socket TX buffer was full, a thread was waiting\n on it to queue more data, and meanwhile another thread peeled off the\n association being used by the first thread (bsc#1025235).\n\nThe following non-security bugs were fixed:\n\n- 8250: fintek: rename IRQ_MODE macro (boo#1009546).\n- acpi: nfit, libnvdimm: fix / harden ars_status output length handling (bsc#1023175).\n- acpi: nfit: fix bus vs dimm confusion in xlat_status (bsc#1023175).\n- acpi: nfit: validate ars_status output buffer size (bsc#1023175).\n- arm64: numa: fix incorrect log for memory-less node (bsc#1019631).\n- asoc: cht_bsw_rt5645: Fix leftover kmalloc (bsc#1010690).\n- asoc: rt5670: add HS ground control (bsc#1016250).\n- bcache: Make gc wakeup sane, remove set_task_state() (bsc#1021260).\n- bcache: partition support: add 16 minors per bcacheN device (bsc#1019784).\n- blk-mq: Allow timeouts to run while queue is freezing (bsc#1020817).\n- blk-mq: Always schedule hctx-\u003enext_cpu (bsc#1020817).\n- blk-mq: Avoid memory reclaim when remapping queues (bsc#1020817).\n- blk-mq: Fix failed allocation path when mapping queues (bsc#1020817).\n- blk-mq: do not overwrite rq-\u003emq_ctx (bsc#1020817).\n- blk-mq: improve warning for running a queue on the wrong CPU (bsc#1020817).\n- block: Change extern inline to static inline (bsc#1023175).\n- bluetooth: btmrvl: fix hung task warning dump (bsc#1018813).\n- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).\n- brcmfmac: Change error print on wlan0 existence (bsc#1000092).\n- btrfs: add support for RENAME_EXCHANGE and RENAME_WHITEOUT (bsc#1020975).\n- btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl (bsc#1018100).\n- btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls (bsc#1018100).\n- btrfs: fix inode leak on failure to setup whiteout inode in rename (bsc#1020975).\n- btrfs: fix lockdep warning about log_mutex (bsc#1021455).\n- btrfs: fix lockdep warning on deadlock against an inode\u0027s log mutex (bsc#1021455).\n- btrfs: fix number of transaction units for renames with whiteout (bsc#1020975).\n- btrfs: increment ctx-\u003epos for every emitted or skipped dirent in readdir (bsc#981709).\n- btrfs: incremental send, fix invalid paths for rename operations (bsc#1018316).\n- btrfs: incremental send, fix premature rmdir operations (bsc#1018316).\n- btrfs: pin log earlier when renaming (bsc#1020975).\n- btrfs: pin logs earlier when doing a rename exchange operation (bsc#1020975).\n- btrfs: remove old tree_root dirent processing in btrfs_real_readdir() (bsc#981709).\n- btrfs: send, add missing error check for calls to path_loop() (bsc#1018316).\n- btrfs: send, avoid incorrect leaf accesses when sending utimes operations (bsc#1018316).\n- btrfs: send, fix failure to move directories with the same name around (bsc#1018316).\n- btrfs: send, fix invalid leaf accesses due to incorrect utimes operations (bsc#1018316).\n- btrfs: send, fix warning due to late freeing of orphan_dir_info structures (bsc#1018316).\n- btrfs: test_check_exists: Fix infinite loop when searching for free space entries (bsc#987192).\n- btrfs: unpin log if rename operation fails (bsc#1020975).\n- btrfs: unpin logs if rename exchange operation fails (bsc#1020975).\n- ceph: fix bad endianness handling in parse_reply_info_extra (bsc#1020488).\n- clk: xgene: Add PMD clock (bsc#1019351).\n- clk: xgene: Do not call __pa on ioremaped address (bsc#1019351).\n- clk: xgene: Remove CLK_IS_ROOT (bsc#1019351).\n- config: enable CONFIG_OCFS2_DEBUG_MASKLOG for ocfs2 (bsc#1015038)\n- config: enable Ceph kernel client modules for ppc64le\n- config: enable Ceph kernel client modules for s390x\n- crypto: FIPS - allow tests to be disabled in FIPS mode (bsc#1018913).\n- crypto: drbg - do not call drbg_instantiate in healt test (bsc#1018913).\n- crypto: drbg - remove FIPS 140-2 continuous test (bsc#1018913).\n- crypto: qat - fix bar discovery for c62x (bsc#1021251).\n- crypto: qat - zero esram only for DH85x devices (bsc#1021248).\n- crypto: rsa - allow keys \u003e= 2048 bits in FIPS mode (bsc#1018913).\n- crypto: xts - consolidate sanity check for keys (bsc#1018913).\n- crypto: xts - fix compile errors (bsc#1018913).\n- cxl: fix potential NULL dereference in free_adapter() (bsc#1016517).\n- dax: fix deadlock with DAX 4k holes (bsc#1012829).\n- dax: fix device-dax region base (bsc#1023175).\n- device-dax: check devm_nsio_enable() return value (bsc#1023175).\n- device-dax: fail all private mapping attempts (bsc#1023175).\n- device-dax: fix percpu_ref_exit ordering (bsc#1023175).\n- driver core: fix race between creating/querying glue dir and its cleanup (bnc#1008742).\n- drivers: hv: Introduce a policy for controlling channel affinity.\n- drivers: hv: balloon: Add logging for dynamic memory operations.\n- drivers: hv: balloon: Disable hot add when CONFIG_MEMORY_HOTPLUG is not set.\n- drivers: hv: balloon: Fix info request to show max page count.\n- drivers: hv: balloon: Use available memory value in pressure report.\n- drivers: hv: balloon: account for gaps in hot add regions.\n- drivers: hv: balloon: keep track of where ha_region starts.\n- drivers: hv: balloon: replace ha_region_mutex with spinlock.\n- drivers: hv: cleanup vmbus_open() for wrap around mappings.\n- drivers: hv: do not leak memory in vmbus_establish_gpadl().\n- drivers: hv: get rid of id in struct vmbus_channel.\n- drivers: hv: get rid of redundant messagecount in create_gpadl_header().\n- drivers: hv: get rid of timeout in vmbus_open().\n- drivers: hv: make VMBus bus ids persistent.\n- drivers: hv: ring_buffer: count on wrap around mappings in get_next_pkt_raw() (v2).\n- drivers: hv: ring_buffer: use wrap around mappings in hv_copy{from, to}_ringbuffer().\n- drivers: hv: ring_buffer: wrap around mappings for ring buffers.\n- drivers: hv: utils: Check VSS daemon is listening before a hot backup.\n- drivers: hv: utils: Continue to poll VSS channel after handling requests.\n- drivers: hv: utils: Fix the mapping between host version and protocol to use.\n- drivers: hv: utils: reduce HV_UTIL_NEGO_TIMEOUT timeout.\n- drivers: hv: vmbus: Base host signaling strictly on the ring state.\n- drivers: hv: vmbus: Enable explicit signaling policy for NIC channels.\n- drivers: hv: vmbus: Implement a mechanism to tag the channel for low latency.\n- drivers: hv: vmbus: Make mmio resource local.\n- drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host.\n- drivers: hv: vmbus: On write cleanup the logic to interrupt the host.\n- drivers: hv: vmbus: Reduce the delay between retries in vmbus_post_msg().\n- drivers: hv: vmbus: finally fix hv_need_to_signal_on_read().\n- drivers: hv: vmbus: fix the race when querying and updating the percpu list.\n- drivers: hv: vmbus: suppress some \u0027hv_vmbus: Unknown GUID\u0027 warnings.\n- drivers: hv: vss: Improve log messages.\n- drivers: hv: vss: Operation timeouts should match host expectation.\n- drivers: net: phy: mdio-xgene: Add hardware dependency (bsc#1019351).\n- drivers: net: phy: xgene: Fix \u0027remove\u0027 function (bsc#1019351).\n- drivers: net: xgene: Add change_mtu function (bsc#1019351).\n- drivers: net: xgene: Add flow control configuration (bsc#1019351).\n- drivers: net: xgene: Add flow control initialization (bsc#1019351).\n- drivers: net: xgene: Add helper function (bsc#1019351).\n- drivers: net: xgene: Add support for Jumbo frame (bsc#1019351).\n- drivers: net: xgene: Configure classifier with pagepool (bsc#1019351).\n- drivers: net: xgene: Fix MSS programming (bsc#1019351).\n- drivers: net: xgene: fix build after change_mtu function change (bsc#1019351).\n- drivers: net: xgene: fix: Coalescing values for v2 hardware (bsc#1019351).\n- drivers: net: xgene: fix: Disable coalescing on v1 hardware (bsc#1019351).\n- drivers: net: xgene: fix: RSS for non-TCP/UDP (bsc#1019351).\n- drivers: net: xgene: fix: Use GPIO to get link status (bsc#1019351).\n- drivers: net: xgene: uninitialized variable in xgene_enet_free_pagepool() (bsc#1019351).\n- drm: Delete previous two fixes for i915 (bsc#1019061). These upstream fixes brought some regressions, so better to revert for now.\n- drm: Disable patches.drivers/drm-i915-Exit-cherryview_irq_handler-after-one-pass The patch seems leading to the instability on Wyse box (bsc#1015367).\n- drm: Fix broken VT switch with video=1366x768 option (bsc#1018358).\n- drm: Use u64 for intermediate dotclock calculations (bnc#1006472).\n- drm: i915: Do not init hpd polling for vlv and chv from runtime_suspend() (bsc#1014120).\n- drm: i915: Fix PCODE polling during CDCLK change notification (bsc#1015367).\n- drm: i915: Fix watermarks for VLV/CHV (bsc#1011176).\n- drm: i915: Force VDD off on the new power seqeuencer before starting to use it (bsc#1009674).\n- drm: i915: Mark CPU cache as dirty when used for rendering (bsc#1015367).\n- drm: i915: Mark i915_hpd_poll_init_work as static (bsc#1014120).\n- drm: i915: Prevent PPS stealing from a normal DP port on VLV/CHV (bsc#1019061).\n- drm: i915: Prevent enabling hpd polling in late suspend (bsc#1014120).\n- drm: i915: Restore PPS HW state from the encoder resume hook (bsc#1019061).\n- drm: i915: Workaround for DP DPMS D3 on Dell monitor (bsc#1019061).\n- drm: vc4: Fix an integer overflow in temporary allocation layout (bsc#1021294).\n- drm: vc4: Return -EINVAL on the overflow checks failing (bsc#1021294).\n- drm: virtio-gpu: get the fb from the plane state for atomic updates (bsc#1023101).\n- edac: xgene: Fix spelling mistake in error messages (bsc#1019351).\n- efi: libstub: Move Graphics Output Protocol handling to generic code (bnc#974215).\n- fbcon: Fix vc attr at deinit (bsc#1000619).\n- fs: nfs: avoid including \u0027mountproto=\u0027 with no protocol in /proc/mounts (bsc#1019260).\n- gpio: xgene: make explicitly non-modular (bsc#1019351).\n- hv: acquire vmbus_connection.channel_mutex in vmbus_free_channels().\n- hv: change clockevents unbind tactics.\n- hv: do not reset hv_context.tsc_page on crash.\n- hv_netvsc: Add handler for physical link speed change.\n- hv_netvsc: Add query for initial physical link speed.\n- hv_netvsc: Implement batching of receive completions.\n- hv_netvsc: Revert \u0027make inline functions static\u0027.\n- hv_netvsc: Revert \u0027report vmbus name in ethtool\u0027.\n- hv_netvsc: add ethtool statistics for tx packet issues.\n- hv_netvsc: count multicast packets received.\n- hv_netvsc: dev hold/put reference to VF.\n- hv_netvsc: fix a race between netvsc_send() and netvsc_init_buf().\n- hv_netvsc: fix comments.\n- hv_netvsc: fix rtnl locking in callback.\n- hv_netvsc: improve VF device matching.\n- hv_netvsc: init completion during alloc.\n- hv_netvsc: make RSS hash key static.\n- hv_netvsc: make device_remove void.\n- hv_netvsc: make inline functions static.\n- hv_netvsc: make netvsc_destroy_buf void.\n- hv_netvsc: make variable local.\n- hv_netvsc: rearrange start_xmit.\n- hv_netvsc: refactor completion function.\n- hv_netvsc: remove VF in flight counters.\n- hv_netvsc: remove excessive logging on MTU change.\n- hv_netvsc: report vmbus name in ethtool.\n- hv_netvsc: simplify callback event code.\n- hv_netvsc: style cleanups.\n- hv_netvsc: use ARRAY_SIZE() for NDIS versions.\n- hv_netvsc: use RCU to protect vf_netdev.\n- hv_netvsc: use consume_skb.\n- hv_netvsc: use kcalloc.\n- hyperv: Fix spelling of HV_UNKOWN.\n- i2c: designware-baytrail: Disallow the CPU to enter C6 or C7 while holding the punit semaphore (bsc#1011913).\n- i2c: designware: Implement support for SMBus block read and write (bsc#1019351).\n- i2c: designware: fix wrong Tx/Rx FIFO for ACPI (bsc#1019351).\n- i2c: xgene: Fix missing code of DTB support (bsc#1019351).\n- i40e: Be much more verbose about what we can and cannot offload (bsc#985561).\n- ibmveth: calculate gso_segs for large packets (bsc#1019148).\n- ibmveth: check return of skb_linearize in ibmveth_start_xmit (bsc#1019148).\n- ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).\n- ibmveth: set correct gso_size and gso_type (bsc#1019148).\n- igb: Workaround for igb i210 firmware issue (bsc#1009911).\n- igb: add i211 to i210 PHY workaround (bsc#1009911).\n- input: i8042: Trust firmware a bit more when probing on X86 (bsc#1011660).\n- intel_idle: Add KBL support (bsc#1016884).\n- ip6_gre: fix ip6gre_err() invalid reads (CVE-2017-5897, bsc#1023762).\n- ipc: msg, make msgrcv work with LONG_MIN (bnc#1005918).\n- iwlwifi: Expose the default fallback ucode API to module info (boo#1021082, boo#1023884).\n- kgraft: iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612).\n- kgraft: xen: Do not block kGraft in xenbus kthread (bsc#1017410).\n- libnvdimm: pfn: fix align attribute (bsc#1023175).\n- mailbox: xgene-slimpro: Fix wrong test for devm_kzalloc (bsc#1019351).\n- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).\n- md-cluster: convert the completion to wait queue.\n- md-cluster: protect md_find_rdev_nr_rcu with rcu lock.\n- md: ensure md devices are freed before module is unloaded (bsc#1022304).\n- md: fix refcount problem on mddev when stopping array (bsc#1022304).\n- misc: genwqe: ensure zero initialization.\n- mm: do not loop on GFP_REPEAT high order requests if there is no reclaim progress (bnc#1013000).\n- mm: memcg: do not retry precharge charges (bnc#1022559).\n- mm: page_alloc: fix check for NULL preferred_zone (bnc#971975 VM performance -- page allocator).\n- mm: page_alloc: fix fast-path race with cpuset update or removal (bnc#971975 VM performance -- page allocator).\n- mm: page_alloc: fix premature OOM when racing with cpuset mems update (bnc#971975 VM performance -- page allocator).\n- mm: page_alloc: keep pcp count and list contents in sync if struct page is corrupted (bnc#971975 VM performance -- page allocator).\n- mm: page_alloc: move cpuset seqcount checking to slowpath (bnc#971975 VM performance -- page allocator).\n- mmc: sdhci-of-arasan: Remove no-hispd and no-cmd23 quirks for sdhci-arasan4.9a (bsc#1019351).\n- mwifiex: add missing check for PCIe8997 chipset (bsc#1018813).\n- mwifiex: fix IBSS data path issue (bsc#1018813).\n- mwifiex: fix PCIe register information for 8997 chipset (bsc#1018813).\n- net: af_iucv: do not use paged skbs for TX on HiperSockets (bnc#1020945, LTC#150566).\n- net: ethernet: apm: xgene: use phydev from struct net_device (bsc#1019351).\n- net: ethtool: Initialize buffer when querying device channel settings (bsc#969479).\n- net: hyperv: avoid uninitialized variable.\n- net: implement netif_cond_dbg macro (bsc#1019168).\n- net: remove useless memset\u0027s in drivers get_stats64 (bsc#1019351).\n- net: xgene: avoid bogus maybe-uninitialized warning (bsc#1019351).\n- net: xgene: fix backward compatibility fix (bsc#1019351).\n- net: xgene: fix error handling during reset (bsc#1019351).\n- net: xgene: move xgene_cle_ptree_ewdn data off stack (bsc#1019351).\n- netvsc: Remove mistaken udp.h inclusion.\n- netvsc: add rcu_read locking to netvsc callback.\n- netvsc: fix checksum on UDP IPV6.\n- netvsc: reduce maximum GSO size.\n- nfit: fail DSMs that return non-zero status by default (bsc#1023175).\n- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).\n- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).\n- nvdimm: kabi protect nd_cmd_out_size() (bsc#1023175).\n- nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too (bsc#1020685).\n- ocfs2: fix deadlock on mmapped page in ocfs2_write_begin_nolock() (bnc#921494).\n- pci: Add devm_request_pci_bus_resources() (bsc#1019351).\n- pci: generic: Fix pci_remap_iospace() failure path (bsc#1019630).\n- pci: hv: Allocate physically contiguous hypercall params buffer.\n- pci: hv: Fix hv_pci_remove() for hot-remove.\n- pci: hv: Handle hv_pci_generic_compl() error case.\n- pci: hv: Handle vmbus_sendpacket() failure in hv_compose_msi_msg().\n- pci: hv: Make unnecessarily global IRQ masking functions static.\n- pci: hv: Remove the unused \u0027wrk\u0027 in struct hv_pcibus_device.\n- pci: hv: Use list_move_tail() instead of list_del() + list_add_tail().\n- pci: hv: Use pci_function_description in struct definitions.\n- pci: hv: Use the correct buffer size in new_pcichild_device().\n- pci: hv: Use zero-length array in struct pci_packet.\n- pci: include header file (bsc#964944).\n- pci: xgene: Add local struct device pointers (bsc#1019351).\n- pci: xgene: Add register accessors (bsc#1019351).\n- pci: xgene: Free bridge resource list on failure (bsc#1019351).\n- pci: xgene: Make explicitly non-modular (bsc#1019351).\n- pci: xgene: Pass struct xgene_pcie_port to setup functions (bsc#1019351).\n- pci: xgene: Remove unused platform data (bsc#1019351).\n- pci: xgene: Request host bridge window resources (bsc#1019351).\n- perf: xgene: Remove bogus IS_ERR() check (bsc#1019351).\n- phy: xgene: rename \u0027enum phy_mode\u0027 to \u0027enum xgene_phy_mode\u0027 (bsc#1019351).\n- power: reset: xgene-reboot: Unmap region obtained by of_iomap (bsc#1019351).\n- powerpc: fadump: Fix the race in crash_fadump() (bsc#1022971).\n- qeth: check not more than 16 SBALEs on the completion queue (bnc#1009718, LTC#148203).\n- raid1: Fix a regression observed during the rebuilding of degraded MDRAID VDs (bsc#1020048).\n- raid1: ignore discard error (bsc#1017164).\n- reiserfs: fix race in prealloc discard (bsc#987576).\n- rpm: kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)\n- rpm: kernel-binary.spec.in: Fix installation of /etc/uefi/certs (bsc#1019594)\n- rtc: cmos: Clear ACPI-driven alarms upon resume (bsc#1022429).\n- rtc: cmos: Do not enable interrupts in the middle of the interrupt handler (bsc#1022429).\n- rtc: cmos: Restore alarm after resume (bsc#1022429).\n- rtc: cmos: avoid unused function warning (bsc#1022429).\n- s390: Fix invalid domain response handling (bnc#1009718).\n- s390: cpuinfo: show maximum thread id (bnc#1009718, LTC#148580).\n- s390: sysinfo: show partition extended name and UUID if available (bnc#1009718, LTC#150160).\n- s390: time: LPAR offset handling (bnc#1009718, LTC#146920).\n- s390: time: move PTFF definitions (bnc#1009718, LTC#146920).\n- sched: Allow hotplug notifiers to be setup early (bnc#1022476).\n- sched: Make wake_up_nohz_cpu() handle CPUs going offline (bnc#1022476).\n- sched: core, x86/topology: Fix NUMA in package topology bug (bnc#1022476).\n- sched: core: Fix incorrect utilization accounting when switching to fair class (bnc#1022476).\n- sched: core: Fix set_user_nice() (bnc#1022476).\n- sched: cputime: Add steal time support to full dynticks CPU time accounting (bnc#1022476).\n- sched: cputime: Fix prev steal time accouting during CPU hotplug (bnc#1022476).\n- sched: deadline: Always calculate end of period on sched_yield() (bnc#1022476).\n- sched: deadline: Fix a bug in dl_overflow() (bnc#1022476).\n- sched: deadline: Fix lock pinning warning during CPU hotplug (bnc#1022476).\n- sched: deadline: Fix wrap-around in DL heap (bnc#1022476).\n- sched: fair: Avoid using decay_load_missed() with a negative value (bnc#1022476).\n- sched: fair: Fix fixed point arithmetic width for shares and effective load (bnc#1022476).\n- sched: fair: Fix load_above_capacity fixed point arithmetic width (bnc#1022476).\n- sched: fair: Fix min_vruntime tracking (bnc#1022476).\n- sched: fair: Fix the wrong throttled clock time for cfs_rq_clock_task() (bnc#1022476).\n- sched: fair: Improve PELT stuff some more (bnc#1022476).\n- sched: rt, sched/dl: Do not push if task\u0027s scheduling class was changed (bnc#1022476).\n- sched: rt: Fix PI handling vs. sched_setscheduler() (bnc#1022476).\n- sched: rt: Kick RT bandwidth timer immediately on start up (bnc#1022476).\n- scsi: Add \u0027AIX VDASD\u0027 to blacklist (bsc#1006469).\n- scsi: Modify HITACHI OPEN-V blacklist entry (bsc#1006469).\n- scsi: bfa: Increase requested firmware version to 3.2.5.1 (bsc#1013273).\n- scsi: storvsc: Payload buffer incorrectly sized for 32 bit kernels.\n- scsi_dh_alua: uninitialized variable in alua_rtpg() (bsc#1012910).\n- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986, bsc#1025235).\n- sd: always scan VPD pages if thin provisioning is enabled (bsc#1013792).\n- serial: 8250: Integrate Fintek into 8250_base (boo#1016979). Update config files to change CONFIG_SERIAL_8250_FINTEK to boolean accordingly, too. Also, the corresponding entry got removed from supported.conf.\n- serial: 8250_fintek: fix the mismatched IRQ mode (boo#1009546).\n- serial: Update metadata for serial fixes (bsc#1013001)\n- ses: Fix SAS device detection in enclosure (bsc#1016403).\n- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).\n- sfc: refactor debug-or-warnings printks (bsc#1019168).\n- sunrpc: Fix reconnection timeouts (bsc#1014410).\n- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).\n- supported.conf: Support Marvell WiFi/BT SDIO and pinctrl-cherrytrail (bsc#1018813)\n- supported.conf: delete xilinx/ll_temac (bsc#1011602)\n- target: add XCOPY target/segment desc sense codes (bsc#991273).\n- target: bounds check XCOPY segment descriptor list (bsc#991273).\n- target: bounds check XCOPY total descriptor list length (bsc#991273).\n- target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).\n- target: check for XCOPY parameter truncation (bsc#991273).\n- target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273).\n- target: simplify XCOPY wwn-\u003ese_dev lookup helper (bsc#991273).\n- target: support XCOPY requests without parameters (bsc#991273).\n- target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).\n- target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).\n- tools: hv: Enable network manager for bonding scripts on RHEL.\n- tools: hv: fix a compile warning in snprintf.\n- tools: hv: kvp: configurable external scripts path.\n- tools: hv: kvp: ensure kvp device fd is closed on exec.\n- tools: hv: remove unnecessary header files and netlink related code.\n- tools: hv: remove unnecessary link flag.\n- tty: n_hdlc, fix lockdep false positive (bnc#1015840).\n- uvcvideo: uvc_scan_fallback() for webcams with broken chain (bsc#1021474).\n- vmbus: make sysfs names consistent with PCI.\n- x86: MCE: Dump MCE to dmesg if no consumers (bsc#1013994).\n- x86: hyperv: Handle unknown NMIs on one CPU when unknown_nmi_panic.\n- xfs: don\u0027t allow di_size with high bit set (bsc#1024234).\n- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).\n- xfs: fix broken multi-fsb buffer logging (bsc#1024081).\n- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).\n- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).\n- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).\n- xfs: track and serialize in-flight async buffers against unmount - kABI (bsc#1024508).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-300,SUSE-SLE-DESKTOP-12-SP2-2017-300,SUSE-SLE-HA-12-SP2-2017-300,SUSE-SLE-Live-Patching-12-2017-300,SUSE-SLE-RPI-12-SP2-2017-300,SUSE-SLE-SDK-12-SP2-2017-300,SUSE-SLE-SERVER-12-SP2-2017-300,SUSE-SLE-WE-12-SP2-2017-300",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0575-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:0575-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170575-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:0575-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-February/002668.html"
},
{
"category": "self",
"summary": "SUSE Bug 1000092",
"url": "https://bugzilla.suse.com/1000092"
},
{
"category": "self",
"summary": "SUSE Bug 1000619",
"url": "https://bugzilla.suse.com/1000619"
},
{
"category": "self",
"summary": "SUSE Bug 1003077",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "self",
"summary": "SUSE Bug 1005918",
"url": "https://bugzilla.suse.com/1005918"
},
{
"category": "self",
"summary": "SUSE Bug 1006469",
"url": "https://bugzilla.suse.com/1006469"
},
{
"category": "self",
"summary": "SUSE Bug 1006472",
"url": "https://bugzilla.suse.com/1006472"
},
{
"category": "self",
"summary": "SUSE Bug 1007729",
"url": "https://bugzilla.suse.com/1007729"
},
{
"category": "self",
"summary": "SUSE Bug 1008742",
"url": "https://bugzilla.suse.com/1008742"
},
{
"category": "self",
"summary": "SUSE Bug 1009546",
"url": "https://bugzilla.suse.com/1009546"
},
{
"category": "self",
"summary": "SUSE Bug 1009674",
"url": "https://bugzilla.suse.com/1009674"
},
{
"category": "self",
"summary": "SUSE Bug 1009718",
"url": "https://bugzilla.suse.com/1009718"
},
{
"category": "self",
"summary": "SUSE Bug 1009911",
"url": "https://bugzilla.suse.com/1009911"
},
{
"category": "self",
"summary": "SUSE Bug 1010612",
"url": "https://bugzilla.suse.com/1010612"
},
{
"category": "self",
"summary": "SUSE Bug 1010690",
"url": "https://bugzilla.suse.com/1010690"
},
{
"category": "self",
"summary": "SUSE Bug 1010933",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "self",
"summary": "SUSE Bug 1011176",
"url": "https://bugzilla.suse.com/1011176"
},
{
"category": "self",
"summary": "SUSE Bug 1011602",
"url": "https://bugzilla.suse.com/1011602"
},
{
"category": "self",
"summary": "SUSE Bug 1011660",
"url": "https://bugzilla.suse.com/1011660"
},
{
"category": "self",
"summary": "SUSE Bug 1011913",
"url": "https://bugzilla.suse.com/1011913"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1012422",
"url": "https://bugzilla.suse.com/1012422"
},
{
"category": "self",
"summary": "SUSE Bug 1012829",
"url": "https://bugzilla.suse.com/1012829"
},
{
"category": "self",
"summary": "SUSE Bug 1012910",
"url": "https://bugzilla.suse.com/1012910"
},
{
"category": "self",
"summary": "SUSE Bug 1013000",
"url": "https://bugzilla.suse.com/1013000"
},
{
"category": "self",
"summary": "SUSE Bug 1013001",
"url": "https://bugzilla.suse.com/1013001"
},
{
"category": "self",
"summary": "SUSE Bug 1013273",
"url": "https://bugzilla.suse.com/1013273"
},
{
"category": "self",
"summary": "SUSE Bug 1013540",
"url": "https://bugzilla.suse.com/1013540"
},
{
"category": "self",
"summary": "SUSE Bug 1013792",
"url": "https://bugzilla.suse.com/1013792"
},
{
"category": "self",
"summary": "SUSE Bug 1013994",
"url": "https://bugzilla.suse.com/1013994"
},
{
"category": "self",
"summary": "SUSE Bug 1014120",
"url": "https://bugzilla.suse.com/1014120"
},
{
"category": "self",
"summary": "SUSE Bug 1014410",
"url": "https://bugzilla.suse.com/1014410"
},
{
"category": "self",
"summary": "SUSE Bug 1015038",
"url": "https://bugzilla.suse.com/1015038"
},
{
"category": "self",
"summary": "SUSE Bug 1015367",
"url": "https://bugzilla.suse.com/1015367"
},
{
"category": "self",
"summary": "SUSE Bug 1015840",
"url": "https://bugzilla.suse.com/1015840"
},
{
"category": "self",
"summary": "SUSE Bug 1016250",
"url": "https://bugzilla.suse.com/1016250"
},
{
"category": "self",
"summary": "SUSE Bug 1016403",
"url": "https://bugzilla.suse.com/1016403"
},
{
"category": "self",
"summary": "SUSE Bug 1016517",
"url": "https://bugzilla.suse.com/1016517"
},
{
"category": "self",
"summary": "SUSE Bug 1016884",
"url": "https://bugzilla.suse.com/1016884"
},
{
"category": "self",
"summary": "SUSE Bug 1016979",
"url": "https://bugzilla.suse.com/1016979"
},
{
"category": "self",
"summary": "SUSE Bug 1017164",
"url": "https://bugzilla.suse.com/1017164"
},
{
"category": "self",
"summary": "SUSE Bug 1017170",
"url": "https://bugzilla.suse.com/1017170"
},
{
"category": "self",
"summary": "SUSE Bug 1017410",
"url": "https://bugzilla.suse.com/1017410"
},
{
"category": "self",
"summary": "SUSE Bug 1018100",
"url": "https://bugzilla.suse.com/1018100"
},
{
"category": "self",
"summary": "SUSE Bug 1018316",
"url": "https://bugzilla.suse.com/1018316"
},
{
"category": "self",
"summary": "SUSE Bug 1018358",
"url": "https://bugzilla.suse.com/1018358"
},
{
"category": "self",
"summary": "SUSE Bug 1018446",
"url": "https://bugzilla.suse.com/1018446"
},
{
"category": "self",
"summary": "SUSE Bug 1018813",
"url": "https://bugzilla.suse.com/1018813"
},
{
"category": "self",
"summary": "SUSE Bug 1018913",
"url": "https://bugzilla.suse.com/1018913"
},
{
"category": "self",
"summary": "SUSE Bug 1019061",
"url": "https://bugzilla.suse.com/1019061"
},
{
"category": "self",
"summary": "SUSE Bug 1019148",
"url": "https://bugzilla.suse.com/1019148"
},
{
"category": "self",
"summary": "SUSE Bug 1019168",
"url": "https://bugzilla.suse.com/1019168"
},
{
"category": "self",
"summary": "SUSE Bug 1019260",
"url": "https://bugzilla.suse.com/1019260"
},
{
"category": "self",
"summary": "SUSE Bug 1019351",
"url": "https://bugzilla.suse.com/1019351"
},
{
"category": "self",
"summary": "SUSE Bug 1019594",
"url": "https://bugzilla.suse.com/1019594"
},
{
"category": "self",
"summary": "SUSE Bug 1019630",
"url": "https://bugzilla.suse.com/1019630"
},
{
"category": "self",
"summary": "SUSE Bug 1019631",
"url": "https://bugzilla.suse.com/1019631"
},
{
"category": "self",
"summary": "SUSE Bug 1019784",
"url": "https://bugzilla.suse.com/1019784"
},
{
"category": "self",
"summary": "SUSE Bug 1019851",
"url": "https://bugzilla.suse.com/1019851"
},
{
"category": "self",
"summary": "SUSE Bug 1020048",
"url": "https://bugzilla.suse.com/1020048"
},
{
"category": "self",
"summary": "SUSE Bug 1020214",
"url": "https://bugzilla.suse.com/1020214"
},
{
"category": "self",
"summary": "SUSE Bug 1020488",
"url": "https://bugzilla.suse.com/1020488"
},
{
"category": "self",
"summary": "SUSE Bug 1020602",
"url": "https://bugzilla.suse.com/1020602"
},
{
"category": "self",
"summary": "SUSE Bug 1020685",
"url": "https://bugzilla.suse.com/1020685"
},
{
"category": "self",
"summary": "SUSE Bug 1020817",
"url": "https://bugzilla.suse.com/1020817"
},
{
"category": "self",
"summary": "SUSE Bug 1020945",
"url": "https://bugzilla.suse.com/1020945"
},
{
"category": "self",
"summary": "SUSE Bug 1020975",
"url": "https://bugzilla.suse.com/1020975"
},
{
"category": "self",
"summary": "SUSE Bug 1021082",
"url": "https://bugzilla.suse.com/1021082"
},
{
"category": "self",
"summary": "SUSE Bug 1021248",
"url": "https://bugzilla.suse.com/1021248"
},
{
"category": "self",
"summary": "SUSE Bug 1021251",
"url": "https://bugzilla.suse.com/1021251"
},
{
"category": "self",
"summary": "SUSE Bug 1021258",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "self",
"summary": "SUSE Bug 1021260",
"url": "https://bugzilla.suse.com/1021260"
},
{
"category": "self",
"summary": "SUSE Bug 1021294",
"url": "https://bugzilla.suse.com/1021294"
},
{
"category": "self",
"summary": "SUSE Bug 1021455",
"url": "https://bugzilla.suse.com/1021455"
},
{
"category": "self",
"summary": "SUSE Bug 1021474",
"url": "https://bugzilla.suse.com/1021474"
},
{
"category": "self",
"summary": "SUSE Bug 1022304",
"url": "https://bugzilla.suse.com/1022304"
},
{
"category": "self",
"summary": "SUSE Bug 1022429",
"url": "https://bugzilla.suse.com/1022429"
},
{
"category": "self",
"summary": "SUSE Bug 1022476",
"url": "https://bugzilla.suse.com/1022476"
},
{
"category": "self",
"summary": "SUSE Bug 1022547",
"url": "https://bugzilla.suse.com/1022547"
},
{
"category": "self",
"summary": "SUSE Bug 1022559",
"url": "https://bugzilla.suse.com/1022559"
},
{
"category": "self",
"summary": "SUSE Bug 1022971",
"url": "https://bugzilla.suse.com/1022971"
},
{
"category": "self",
"summary": "SUSE Bug 1023101",
"url": "https://bugzilla.suse.com/1023101"
},
{
"category": "self",
"summary": "SUSE Bug 1023175",
"url": "https://bugzilla.suse.com/1023175"
},
{
"category": "self",
"summary": "SUSE Bug 1023762",
"url": "https://bugzilla.suse.com/1023762"
},
{
"category": "self",
"summary": "SUSE Bug 1023884",
"url": "https://bugzilla.suse.com/1023884"
},
{
"category": "self",
"summary": "SUSE Bug 1023888",
"url": "https://bugzilla.suse.com/1023888"
},
{
"category": "self",
"summary": "SUSE Bug 1024081",
"url": "https://bugzilla.suse.com/1024081"
},
{
"category": "self",
"summary": "SUSE Bug 1024234",
"url": "https://bugzilla.suse.com/1024234"
},
{
"category": "self",
"summary": "SUSE Bug 1024508",
"url": "https://bugzilla.suse.com/1024508"
},
{
"category": "self",
"summary": "SUSE Bug 1024938",
"url": "https://bugzilla.suse.com/1024938"
},
{
"category": "self",
"summary": "SUSE Bug 1025235",
"url": "https://bugzilla.suse.com/1025235"
},
{
"category": "self",
"summary": "SUSE Bug 921494",
"url": "https://bugzilla.suse.com/921494"
},
{
"category": "self",
"summary": "SUSE Bug 959709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "self",
"summary": "SUSE Bug 964944",
"url": "https://bugzilla.suse.com/964944"
},
{
"category": "self",
"summary": "SUSE Bug 969476",
"url": "https://bugzilla.suse.com/969476"
},
{
"category": "self",
"summary": "SUSE Bug 969477",
"url": "https://bugzilla.suse.com/969477"
},
{
"category": "self",
"summary": "SUSE Bug 969479",
"url": "https://bugzilla.suse.com/969479"
},
{
"category": "self",
"summary": "SUSE Bug 971975",
"url": "https://bugzilla.suse.com/971975"
},
{
"category": "self",
"summary": "SUSE Bug 974215",
"url": "https://bugzilla.suse.com/974215"
},
{
"category": "self",
"summary": "SUSE Bug 981709",
"url": "https://bugzilla.suse.com/981709"
},
{
"category": "self",
"summary": "SUSE Bug 982783",
"url": "https://bugzilla.suse.com/982783"
},
{
"category": "self",
"summary": "SUSE Bug 985561",
"url": "https://bugzilla.suse.com/985561"
},
{
"category": "self",
"summary": "SUSE Bug 987192",
"url": "https://bugzilla.suse.com/987192"
},
{
"category": "self",
"summary": "SUSE Bug 987576",
"url": "https://bugzilla.suse.com/987576"
},
{
"category": "self",
"summary": "SUSE Bug 989056",
"url": "https://bugzilla.suse.com/989056"
},
{
"category": "self",
"summary": "SUSE Bug 991273",
"url": "https://bugzilla.suse.com/991273"
},
{
"category": "self",
"summary": "SUSE Bug 998106",
"url": "https://bugzilla.suse.com/998106"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8709 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7117 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9806 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2583 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2584 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5551 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5576 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5577 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5897 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5970 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5986 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5986/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-02-28T12:17:13Z",
"generator": {
"date": "2017-02-28T12:17:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:0575-1",
"initial_release_date": "2017-02-28T12:17:13Z",
"revision_history": [
{
"date": "2017-02-28T12:17:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.49-92.11.1.aarch64",
"product": {
"name": "kernel-default-4.4.49-92.11.1.aarch64",
"product_id": "kernel-default-4.4.49-92.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.49-92.11.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.49-92.11.1.aarch64",
"product_id": "kernel-default-base-4.4.49-92.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.49-92.11.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.49-92.11.1.aarch64",
"product_id": "kernel-default-devel-4.4.49-92.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.49-92.11.1.aarch64",
"product": {
"name": "kernel-syms-4.4.49-92.11.1.aarch64",
"product_id": "kernel-syms-4.4.49-92.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.49-92.11.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.49-92.11.1.aarch64",
"product_id": "kernel-obs-build-4.4.49-92.11.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.49-92.11.1.noarch",
"product": {
"name": "kernel-devel-4.4.49-92.11.1.noarch",
"product_id": "kernel-devel-4.4.49-92.11.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.49-92.11.1.noarch",
"product": {
"name": "kernel-macros-4.4.49-92.11.1.noarch",
"product_id": "kernel-macros-4.4.49-92.11.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.49-92.11.1.noarch",
"product": {
"name": "kernel-source-4.4.49-92.11.1.noarch",
"product_id": "kernel-source-4.4.49-92.11.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.49-92.11.3.noarch",
"product": {
"name": "kernel-docs-4.4.49-92.11.3.noarch",
"product_id": "kernel-docs-4.4.49-92.11.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"product_id": "cluster-network-kmp-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.49-92.11.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.49-92.11.1.ppc64le",
"product_id": "kernel-obs-build-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.49-92.11.1.ppc64le",
"product": {
"name": "kernel-default-4.4.49-92.11.1.ppc64le",
"product_id": "kernel-default-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.49-92.11.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.49-92.11.1.ppc64le",
"product_id": "kernel-default-base-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.49-92.11.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.49-92.11.1.ppc64le",
"product_id": "kernel-default-devel-4.4.49-92.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.49-92.11.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.49-92.11.1.ppc64le",
"product_id": "kernel-syms-4.4.49-92.11.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"product": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"product_id": "cluster-network-kmp-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.49-92.11.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.49-92.11.1.s390x",
"product_id": "dlm-kmp-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.49-92.11.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.s390x",
"product_id": "gfs2-kmp-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.49-92.11.1.s390x",
"product_id": "kernel-obs-build-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-default-4.4.49-92.11.1.s390x",
"product_id": "kernel-default-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-default-base-4.4.49-92.11.1.s390x",
"product_id": "kernel-default-base-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.49-92.11.1.s390x",
"product_id": "kernel-default-devel-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-default-man-4.4.49-92.11.1.s390x",
"product_id": "kernel-default-man-4.4.49-92.11.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.49-92.11.1.s390x",
"product": {
"name": "kernel-syms-4.4.49-92.11.1.s390x",
"product_id": "kernel-syms-4.4.49-92.11.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-default-4.4.49-92.11.1.x86_64",
"product_id": "kernel-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.49-92.11.1.x86_64",
"product_id": "kernel-default-devel-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.49-92.11.1.x86_64",
"product_id": "kernel-default-extra-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-syms-4.4.49-92.11.1.x86_64",
"product_id": "kernel-syms-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"product_id": "cluster-network-kmp-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.49-92.11.1.x86_64",
"product_id": "dlm-kmp-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"product_id": "kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.49-92.11.1.x86_64",
"product_id": "kernel-obs-build-4.4.49-92.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.49-92.11.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.49-92.11.1.x86_64",
"product_id": "kernel-default-base-4.4.49-92.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP2",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP2",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-devel-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-macros-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-source-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x"
},
"product_reference": "cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-network-kmp-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x"
},
"product_reference": "dlm-kmp-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-devel-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-macros-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-source-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.4.49-92.11.3.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch"
},
"product_reference": "kernel-docs-4.4.49-92.11.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-obs-build-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-obs-build-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-obs-build-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-man-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-devel-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-macros-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-source-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-default-man-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-devel-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-macros-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.49-92.11.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch"
},
"product_reference": "kernel-source-4.4.49-92.11.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-syms-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.49-92.11.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP2",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.49-92.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8709"
}
],
"notes": [
{
"category": "general",
"text": "kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states \"there is no kernel bug here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8709",
"url": "https://www.suse.com/security/cve/CVE-2015-8709"
},
{
"category": "external",
"summary": "SUSE Bug 1010933 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/1010933"
},
{
"category": "external",
"summary": "SUSE Bug 959709 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/959709"
},
{
"category": "external",
"summary": "SUSE Bug 960561 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960561"
},
{
"category": "external",
"summary": "SUSE Bug 960563 for CVE-2015-8709",
"url": "https://bugzilla.suse.com/960563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2015-8709"
},
{
"cve": "CVE-2016-7117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7117"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7117",
"url": "https://www.suse.com/security/cve/CVE-2016-7117"
},
{
"category": "external",
"summary": "SUSE Bug 1003077 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "external",
"summary": "SUSE Bug 1003253 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003253"
},
{
"category": "external",
"summary": "SUSE Bug 1057478 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1057478"
},
{
"category": "external",
"summary": "SUSE Bug 1071943 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1071943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-7117"
},
{
"cve": "CVE-2016-9806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9806"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9806",
"url": "https://www.suse.com/security/cve/CVE-2016-9806"
},
{
"category": "external",
"summary": "SUSE Bug 1013540 for CVE-2016-9806",
"url": "https://bugzilla.suse.com/1013540"
},
{
"category": "external",
"summary": "SUSE Bug 1017589 for CVE-2016-9806",
"url": "https://bugzilla.suse.com/1017589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "important"
}
],
"title": "CVE-2016-9806"
},
{
"cve": "CVE-2017-2583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2583"
}
],
"notes": [
{
"category": "general",
"text": "The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a \"MOV SS, NULL selector\" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2583",
"url": "https://www.suse.com/security/cve/CVE-2017-2583"
},
{
"category": "external",
"summary": "SUSE Bug 1020602 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1020602"
},
{
"category": "external",
"summary": "SUSE Bug 1030573 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1030573"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2017-2583"
},
{
"cve": "CVE-2017-2584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2584"
}
],
"notes": [
{
"category": "general",
"text": "arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2584",
"url": "https://www.suse.com/security/cve/CVE-2017-2584"
},
{
"category": "external",
"summary": "SUSE Bug 1019851 for CVE-2017-2584",
"url": "https://bugzilla.suse.com/1019851"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2584",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2017-2584"
},
{
"cve": "CVE-2017-5551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5551"
}
],
"notes": [
{
"category": "general",
"text": "The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5551",
"url": "https://www.suse.com/security/cve/CVE-2017-5551"
},
{
"category": "external",
"summary": "SUSE Bug 1021258 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "external",
"summary": "SUSE Bug 995968 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/995968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2017-5551"
},
{
"cve": "CVE-2017-5576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5576"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5576",
"url": "https://www.suse.com/security/cve/CVE-2017-5576"
},
{
"category": "external",
"summary": "SUSE Bug 1021294 for CVE-2017-5576",
"url": "https://bugzilla.suse.com/1021294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "low"
}
],
"title": "CVE-2017-5576"
},
{
"cve": "CVE-2017-5577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5577"
}
],
"notes": [
{
"category": "general",
"text": "The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5577",
"url": "https://www.suse.com/security/cve/CVE-2017-5577"
},
{
"category": "external",
"summary": "SUSE Bug 1021294 for CVE-2017-5577",
"url": "https://bugzilla.suse.com/1021294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "low"
}
],
"title": "CVE-2017-5577"
},
{
"cve": "CVE-2017-5897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5897"
}
],
"notes": [
{
"category": "general",
"text": "The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5897",
"url": "https://www.suse.com/security/cve/CVE-2017-5897"
},
{
"category": "external",
"summary": "SUSE Bug 1023762 for CVE-2017-5897",
"url": "https://bugzilla.suse.com/1023762"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-5897",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "low"
}
],
"title": "CVE-2017-5897"
},
{
"cve": "CVE-2017-5970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5970"
}
],
"notes": [
{
"category": "general",
"text": "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5970",
"url": "https://www.suse.com/security/cve/CVE-2017-5970"
},
{
"category": "external",
"summary": "SUSE Bug 1024938 for CVE-2017-5970",
"url": "https://bugzilla.suse.com/1024938"
},
{
"category": "external",
"summary": "SUSE Bug 1025013 for CVE-2017-5970",
"url": "https://bugzilla.suse.com/1025013"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-5970",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "important"
}
],
"title": "CVE-2017-5970"
},
{
"cve": "CVE-2017-5986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5986"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5986",
"url": "https://www.suse.com/security/cve/CVE-2017-5986"
},
{
"category": "external",
"summary": "SUSE Bug 1025235 for CVE-2017-5986",
"url": "https://bugzilla.suse.com/1025235"
},
{
"category": "external",
"summary": "SUSE Bug 1027066 for CVE-2017-5986",
"url": "https://bugzilla.suse.com/1027066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.49-92.11.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.49-92.11.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.49-92.11.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.49-92.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-28T12:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2017-5986"
}
]
}
suse-su-2017:1990-1
Vulnerability from csaf_suse
Published
2017-07-28 08:44
Modified
2017-07-28 08:44
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 Realtime kernel was updated to 4.4.74 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010) (bnc#1039348).
- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354).
- CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125).
- CVE-2017-7346: The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate certain levels data, which allowed local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031796).
- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).
- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).
- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069).
- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883).
- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).
- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879).
- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544).
- CVE-2017-9150: The do_check function in kernel/bpf/verifier.c in the Linux kernel did not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allowed local users to obtain sensitive address information via crafted bpf system calls (bnc#1040279).
- CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue (bnc#1033340).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).
- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986365).
- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336).
- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003).
- CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52 (bnc#1030573).
- CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls (bnc#1031579).
- CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440).
- CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052).
- CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213).
- CVE-2017-7374: Use-after-free vulnerability in fs/crypto/ in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely (bnc#1032006).
- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415).
- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565).
- CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190).
- CVE-2017-6346: Race condition in net/packet/af_packet.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKET_FANOUT setsockopt system calls (bnc#1027189).
- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986. (bnc#1027066).
- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722).
- CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enables scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697).
- CVE-2017-6347: The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel has incorrect expectations about skb data layout, which allowed local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission (bnc#1027179).
- CVE-2016-9191: The cgroup offline implementation in the Linux kernel mishandled certain drain operations, which allowed local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity (bnc#1008842).
- CVE-2017-2583: The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel improperly emulates a 'MOV SS, NULL selector' instruction, which allowed guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application (bnc#1020602).
- CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851).
- CVE-2017-2596: The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel improperly emulates the VMXON instruction, which allowed KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references (bnc#1022785).
- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024).
- CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bnc#1025235).
- CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bnc#1024938).
- CVE-2017-5897: The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allowed remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access (bnc#1023762).
- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077).
- CVE-2017-5576: Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call (bnc#1021294).
- CVE-2017-5577: The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel did not set an errno value upon certain overflow detections, which allowed local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call (bnc#1021294).
- CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux kernel preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097. (bnc#1021258).
The following non-security bugs were fixed:
- 9p: fix a potential acl leak (4.4.68 stable queue).
- acpi / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal (bsc#1031717).
- acpi: Do not create a platform_device for IOAPIC/IOxAPIC (bsc#1028819).
- acpi, ioapic: Clear on-stack resource before using it (bsc#1028819).
- acpi, nfit: fix acpi_nfit_flush_probe() crash (bsc#1031717).
- acpi, nfit: fix bus vs dimm confusion in xlat_status (bsc#1023175).
- acpi, nfit: fix extended status translations for ACPI DSMs (bsc#1031717).
- acpi, nfit, libnvdimm: fix / harden ars_status output length handling (bsc#1023175).
- acpi, nfit: validate ars_status output buffer size (bsc#1023175).
- acpi: Remove platform devices from a bus on removal (bsc#1028819).
- acpi / scan: Drop support for force_remove (bnc#1029607).
- ahci: disable correct irq for dummy ports (bsc#1040125).
- alsa: hda - Fix deadlock of controller device lock at unbinding (4.4.68 stable queue).
- arm64: hugetlb: fix the wrong address for several functions (bsc#1032681).
- arm64: hugetlb: fix the wrong return value for huge_ptep_set_access_flags (bsc#1032681).
- arm64: hugetlb: remove the wrong pmd check in find_num_contig() (bsc#1032681).
- arm64/numa: fix incorrect log for memory-less node (bsc#1019631).
- arm64: Use full path in KBUILD_IMAGE definition (bsc#1010032).
- arm: 8452/3: PJ4: make coprocessor access sequences buildable in Thumb2 mode (4.4.68 stable queue).
- arm: OMAP5 / DRA7: Fix HYP mode boot for thumb2 build (4.4.68 stable queue).
- arm: Use full path in KBUILD_IMAGE definition (bsc#1010032).
- ASoC: cht_bsw_rt5645: Fix leftover kmalloc (bsc#1010690).
- ASoC: Intel: Skylake: Uninitialized variable in probe_codec() (bsc#1043231).
- ASoC: rt5640: use msleep() for long delays (bsc#1031717).
- ASoC: sti: Fix error handling if of_clk_get() fails (bsc#1031717).
- avoid including 'mountproto=' with no protocol in /proc/mounts (bsc#1019260).
- bcache: fix calling ida_simple_remove() with incorrect minor (bsc#1038085).
- bcache: Make gc wakeup sane, remove set_task_state() (bsc#1021260).
- bcache: partition support: add 16 minors per bcacheN device (bsc#1019784).
- blacklist 61e8a0d5a027 powerpc/pci: Fix endian bug in fixed PHB numbering (bsc#989311)
- blacklist.conf: a04a480d4392 net: Require exact match for TCP socket lookups if dif is l3mdev (v4.9-rc4) 10/11 conflicts are with code introduced by 74b20582ac38 ('net: l3mdev: Add hook in ip and ipv6', v4.7-rc1) which is not present in SP2. I think that either the problem was always there or was introduced by 74b20582ac38. If in the first case, the fix would have to be implemented differently; if in the second case, the fix is not needed in SP2.
- blacklist.conf: blacklist reverted commit Commit 82486aa6f1b9 ('ipv4: restore rt->fi for reference counting') was later reverted and replaced by commit 3fb07daff8e9 ('ipv4: add reference counting to metrics'). This solution breaks kABI, though, and I'll need to look into it more carefully to see if it can be worked around easily.
- blk-mq: Allow timeouts to run while queue is freezing (bsc#1020817).
- blk-mq: Always schedule hctx->next_cpu (bsc#1020817).
- blk-mq: Avoid memory reclaim when remapping queues (bsc#1020817).
- blk-mq: do not overwrite rq->mq_ctx (bsc#1020817).
- blk-mq: Fix failed allocation path when mapping queues (bsc#1020817).
- blk-mq: improve warning for running a queue on the wrong CPU (bsc#1020817).
- block: Change extern inline to static inline (bsc#1023175).
- block: copy NOMERGE flag from bio to request (bsc#1030070).
- block: get rid of blk_integrity_revalidate() (4.4.68 stable queue).
- bluetooth: btmrvl: fix hung task warning dump (bsc#1018813).
- bna: add missing per queue ethtool stat (bsc#966321 FATE#320156).
- bna: avoid writing uninitialized data into hw registers (bsc#966321 FATE#320156).
- bna: integer overflow bug in debugfs (bsc#966321 FATE#320156).
- bnx2x: allow adding VLANs while interface is down (bsc#1027273).
- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
- bnxt_en: allocate enough space for ->ntp_fltr_bmap (bsc#1020412 FATE#321671).
- bonding: avoid defaulting hard_header_len to ETH_HLEN on slave removal (bsc#1042286).
- bonding: do not use stale speed and duplex information (bsc#1042286).
- bonding: fix 802.3ad aggregator reselection (bsc#1029514).
- bonding: prevent out of bound accesses (bsc#1042286).
- bpf, arm64: fix jit branch offset related to ldimm64 (4.4.68 stable queue).
- brcmfmac: add fallback for devices that do not report per-chain values (bsc#1043231).
- brcmfmac: avoid writing channel out of allocated array (bsc#1043231).
- brcmfmac: Change error print on wlan0 existence (bsc#1000092).
- brcmfmac: Ensure pointer correctly set if skb data location changes (4.4.68 stable queue).
- brcmfmac: Make skb header writable before use (4.4.68 stable queue).
- brcmfmac: restore stopping netdev queue when bus clogs up (bsc#1031717).
- btrfs: add a flags field to btrfs_fs_info (bsc#1012452).
- btrfs: add ASSERT for block group's memory leak (bsc#1012452).
- btrfs: add btrfs_trans_handle->fs_info pointer (bsc#1012452).
- btrfs: add bytes_readonly to the spaceinfo at once (bsc#1012452).
- btrfs: add check to sysfs handler of label (bsc#1012452).
- btrfs: add dynamic debug support (bsc#1012452).
- btrfs: add error handling for extent buffer in print tree (bsc#1012452).
- btrfs: add missing bytes_readonly attribute file in sysfs (bsc#1012452).
- btrfs: add missing check for writeback errors on fsync (bsc#1012452).
- btrfs: add more validation checks for superblock (bsc#1012452).
- btrfs: Add ratelimit to btrfs printing (bsc#1012452).
- btrfs: add read-only check to sysfs handler of features (bsc#1012452).
- btrfs: add semaphore to synchronize direct IO writes with fsync (bsc#1012452).
- btrfs: add support for RENAME_EXCHANGE and RENAME_WHITEOUT (bsc#1020975).
- btrfs: add tracepoint for adding block groups (bsc#1012452).
- btrfs: add tracepoints for flush events (bsc#1012452).
- btrfs: add transaction space reservation tracepoints (bsc#1012452).
- btrfs: add validadtion checks for chunk loading (bsc#1012452).
- btrfs: add write protection to SET_FEATURES ioctl (bsc#1012452).
- btrfs: allow balancing to dup with multi-device (bsc#1012452).
- btrfs: allow unlink to exceed subvolume quota (bsc#1019614).
- btrfs: always reserve metadata for delalloc extents (bsc#1012452).
- btrfs: always use trans->block_rsv for orphans (bsc#1012452).
- btrfs: avoid blocking open_ctree from cleaner_kthread (bsc#1012452).
- btrfs: avoid deadlocks during reservations in btrfs_truncate_block (bsc#1012452).
- btrfs: avoid overflowing f_bfree (bsc#1012452).
- btrfs: avoid uninitialized variable warning (bsc#1012452).
- btrfs: backref: Fix soft lockup in __merge_refs function (bsc#1017641).
- btrfs: btrfs_abort_transaction, drop root parameter (bsc#1012452).
- btrfs: __btrfs_buffered_write: Pass valid file offset when releasing delalloc space (bsc#1012452).
- btrfs: __btrfs_buffered_write: Reserve/release extents aligned to block size (bsc#1012452).
- btrfs: btrfs_check_super_valid: Allow 4096 as stripesize (bsc#1012452).
- btrfs: btrfs_debug should consume fs_info when DEBUG is not defined (bsc#1012452).
- btrfs: btrfs_ioctl_clone: Truncate complete page after performing clone operation (bsc#1012452).
- btrfs: btrfs_page_mkwrite: Reserve space in sectorsized units (bsc#1012452).
- btrfs: btrfs_relocate_chunk pass extent_root to btrfs_end_transaction (bsc#1012452).
- btrfs: btrfs_submit_direct_hook: Handle map_length < bio vector length (bsc#1012452).
- btrfs: build fixup for qgroup_account_snapshot (bsc#1012452).
- btrfs: change BUG_ON()'s to ASSERT()'s in backref_cache_cleanup() (bsc#1012452).
- btrfs: change delayed reservation fallback behavior (bsc#1012452).
- btrfs: change how we calculate the global block rsv (bsc#1012452).
- btrfs: change how we update the global block rsv (bsc#1012452).
- btrfs: Change qgroup_meta_rsv to 64bit (bsc#1019614).
- btrfs: check btree node's nritems (bsc#1012452).
- btrfs: check if extent buffer is aligned to sectorsize (bsc#1012452).
- btrfs: check inconsistence between chunk and block group (bsc#1012452).
- btrfs: check reserved when deciding to background flush (bsc#1012452).
- btrfs: clarify do_chunk_alloc()'s return value (bsc#1012452).
- btrfs: Clean pte corresponding to page straddling i_size (bsc#1012452).
- btrfs: clean the old superblocks before freeing the device (bsc#1012452).
- btrfs: clean up and optimize __check_raid_min_device() (bsc#1012452).
- btrfs: cleanup assigning next active device with a check (bsc#1012452).
- btrfs: cleanup BUG_ON in merge_bio (bsc#1012452).
- btrfs: Cleanup compress_file_range() (bsc#1012452).
- btrfs: cleanup error handling in extent_write_cached_pages (bsc#1012452).
- btrfs: clear uptodate flags of pages in sys_array eb (bsc#1012452).
- btrfs: clone: use vmalloc only as fallback for nodesize bufer (bsc#1012452).
- btrfs: Compute and look up csums based on sectorsized blocks (bsc#1012452).
- btrfs: convert nodesize macros to static inlines (bsc#1012452).
- btrfs: convert printk(KERN_* to use pr_* calls (bsc#1012452).
- btrfs: convert pr_* to btrfs_* where possible (bsc#1012452).
- btrfs: convert send's verbose_printk to btrfs_debug (bsc#1012452).
- btrfs: copy_to_sk drop unused root parameter (bsc#1012452).
- btrfs: create a helper function to read the disk super (bsc#1012452).
- btrfs: create example debugfs file only in debugging build (bsc#1012452).
- btrfs: create helper btrfs_find_device_by_user_input() (bsc#1012452).
- btrfs: create helper function __check_raid_min_devices() (bsc#1012452).
- btrfs: csum_tree_block: return proper errno value (bsc#1012452).
- btrfs: detect corruption when non-root leaf has zero item (bsc#1012452).
- btrfs: device add and remove: use GFP_KERNEL (bsc#1012452).
- btrfs: Direct I/O read: Work on sectorsized blocks (bsc#1012452).
- btrfs: divide btrfs_update_reserved_bytes() into two functions (bsc#1012452).
- btrfs: do not background blkdev_put() (bsc#1012452).
- btrfs: do not bother kicking async if there's nothing to reclaim (bsc#1012452).
- btrfs: do not BUG_ON() in btrfs_orphan_add (bsc#1012452).
- btrfs: do not create empty block group if we have allocated data (bsc#1012452).
- btrfs: do not decrease bytes_may_use when replaying extents (bsc#1012452).
- btrfs: do not do nocow check unless we have to (bsc#1012452).
- btrfs: do not do unnecessary delalloc flushes when relocating (bsc#1012452).
- btrfs: do not force mounts to wait for cleaner_kthread to delete one or more subvolumes (bsc#1012452).
- btrfs: do not wait for unrelated IO to finish before relocation (bsc#1012452).
- btrfs: do not WARN() in btrfs_transaction_abort() for IO errors (bsc#1035866).
- btrfs: do not write corrupted metadata blocks to disk (bsc#1012452).
- btrfs: end transaction if we abort when creating uuid root (bsc#1012452).
- btrfs: enhance btrfs_find_device_by_user_input() to check device path (bsc#1012452).
- btrfs: error out if generic_bin_search get invalid arguments (bsc#1012452).
- btrfs: expand cow_file_range() to support in-band dedup and subpage-blocksize (bsc#1012452).
- btrfs: extend btrfs_set_extent_delalloc and its friends to support in-band dedupe and subpage size patchset (bsc#1012452).
- btrfs: extent same: use GFP_KERNEL for page array allocations (bsc#1012452).
- btrfs: fallback to vmalloc in btrfs_compare_tree (bsc#1012452).
- btrfs: fallocate: use GFP_KERNEL (bsc#1012452).
- btrfs: fallocate: Work with sectorsized blocks (bsc#1012452).
- btrfs: fill relocation block rsv after allocation (bsc#1012452).
- btrfs: fix an integer overflow check (bsc#1012452).
- btrfs: fix a possible umount deadlock (bsc#1012452).
- btrfs: Fix block size returned to user space (bsc#1012452).
- btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls (bsc#1018100).
- btrfs: fix btrfs_no_printk stub helper (bsc#1012452).
- btrfs: Fix BUG_ON condition in scrub_setup_recheck_block() (bsc#1012452).
- btrfs: fix BUG_ON in btrfs_mark_buffer_dirty (bsc#1012452).
- btrfs: fix BUG_ON in btrfs_submit_compressed_write (bsc#1012452).
- btrfs: fix build warning (bsc#1012452).
- btrfs: fix callers of btrfs_block_rsv_migrate (bsc#1012452).
- btrfs: fix check_direct_IO() for non-iovec iterators (bsc#1012452).
- btrfs: fix check_shared for fiemap ioctl (bsc#1037177).
- btrfs: fix crash when tracepoint arguments are freed by wq callbacks (bsc#1012452).
- btrfs: fix data loss after truncate when using the no-holes feature (bsc#1036214).
- btrfs: fix deadlock in delayed_ref_async_start (bsc#1012452).
- btrfs: fix delalloc accounting after copy_from_user faults (bsc#1012452).
- btrfs: fix delalloc reservation amount tracepoint (bsc#1012452).
- btrfs: fix disk_i_size update bug when fallocate() fails (bsc#1012452).
- btrfs: fix divide error upon chunk's stripe_len (bsc#1012452).
- btrfs: fix double free of fs root (bsc#1012452).
- btrfs: fix eb memory leak due to readpage failure (bsc#1012452).
- btrfs: fix em leak in find_first_block_group (bsc#1012452).
- btrfs: fix emptiness check for dirtied extent buffers at check_leaf() (bsc#1012452).
- btrfs: fix error handling in map_private_extent_buffer (bsc#1012452).
- btrfs: fix error return code in btrfs_init_test_fs() (bsc#1012452).
- btrfs: fix extent_same allowing destination offset beyond i_size (bsc#1012452).
- btrfs: fix free space calculation in dump_space_info() (bsc#1012452).
- btrfs: fix fsfreeze hang caused by delayed iputs deal (bsc#1012452).
- btrfs: fix fspath error deallocation (bsc#1012452).
- btrfs: fix handling of faults from btrfs_copy_from_user (bsc#1012452).
- btrfs: fix inode leak on failure to setup whiteout inode in rename (bsc#1020975).
- btrfs: fix int32 overflow in shrink_delalloc() (bsc#1012452).
- btrfs: Fix integer overflow when calculating bytes_per_bitmap (bsc#1012452).
- btrfs: fix invalid dereference in btrfs_retry_endio (bsc#1040395).
- btrfs: fix invalid reference in replace_path (bsc#1012452).
- btrfs: fix listxattrs not listing all xattrs packed in the same item (bsc#1012452).
- btrfs: fix lockdep deadlock warning due to dev_replace (bsc#1012452).
- btrfs: fix lockdep warning about log_mutex (bsc#1021455).
- btrfs: fix lock dep warning, move scratch dev out of device_list_mutex and uuid_mutex (bsc#1012452).
- btrfs: fix lock dep warning move scratch super outside of chunk_mutex (bsc#1012452).
- btrfs: fix lockdep warning on deadlock against an inode's log mutex (bsc#1021455).
- btrfs: fix __MAX_CSUM_ITEMS (bsc#1012452).
- btrfs: fix memory leak during RAID 5/6 device replacement (bsc#1012452).
- btrfs: fix memory leak of block group cache (bsc#1012452).
- btrfs: fix memory leak of reloc_root (bsc#1012452).
- btrfs: fix mixed block count of available space (bsc#1012452).
- btrfs: fix number of transaction units for renames with whiteout (bsc#1020975).
- btrfs: fix one bug that process may endlessly wait for ticket in wait_reserve_ticket() (bsc#1012452).
- btrfs: fix panic in balance due to EIO (bsc#1012452).
- btrfs: fix race between block group relocation and nocow writes (bsc#1012452).
- btrfs: fix race between device replace and block group removal (bsc#1012452).
- btrfs: fix race between device replace and chunk allocation (bsc#1012452).
- btrfs: fix race between device replace and discard (bsc#1012452).
- btrfs: fix race between device replace and read repair (bsc#1012452).
- btrfs: fix race between fsync and direct IO writes for prealloc extents (bsc#1012452).
- btrfs: fix race between readahead and device replace/removal (bsc#1012452).
- btrfs: fix race setting block group back to RW mode during device replace (bsc#1012452).
- btrfs: fix race setting block group readonly during device replace (bsc#1012452).
- btrfs: fix read_node_slot to return errors (bsc#1012452).
- btrfs: fix release reserved extents trace points (bsc#1012452).
- btrfs: fix segmentation fault when doing dio read (bsc#1040425).
- btrfs: Fix slab accounting flags (bsc#1012452).
- btrfs: fix truncate_space_check (bsc#1012452).
- btrfs: fix unexpected return value of fiemap (bsc#1012452).
- btrfs: fix unprotected assignment of the left cursor for device replace (bsc#1012452).
- btrfs: fix WARNING in btrfs_select_ref_head() (bsc#1012452).
- btrfs: flush_space: treat return value of do_chunk_alloc properly (bsc#1012452).
- btrfs: Force stripesize to the value of sectorsize (bsc#1012452).
- btrfs: free sys_array eb as soon as possible (bsc#1012452).
- btrfs: GFP_NOFS does not GFP_HIGHMEM (bsc#1012452).
- btrfs: Handle uninitialised inode eviction (bsc#1012452).
- btrfs: hide test-only member under ifdef (bsc#1012452).
- btrfs: improve check_node to avoid reading corrupted nodes (bsc#1012452).
- btrfs: Improve FL_KEEP_SIZE handling in fallocate (bsc#1012452).
- btrfs: incremental send, do not delay rename when parent inode is new (bsc#1028325).
- btrfs: incremental send, do not issue invalid rmdir operations (bsc#1028325).
- btrfs: introduce BTRFS_MAX_ITEM_SIZE (bsc#1012452).
- btrfs: introduce device delete by devid (bsc#1012452).
- btrfs: introduce raid-type to error-code table, for minimum device constraint (bsc#1012452).
- btrfs: introduce ticketed enospc infrastructure (bsc#1012452).
- btrfs: introduce tickets_id to determine whether asynchronous metadata reclaim work makes progress (bsc#1012452).
- btrfs: ioctl: reorder exclusive op check in RM_DEV (bsc#1012452).
- btrfs: kill BUG_ON in do_relocation (bsc#1012452).
- btrfs: kill BUG_ON in run_delayed_tree_ref (bsc#1012452).
- btrfs: kill BUG_ON()'s in btrfs_mark_extent_written (bsc#1012452).
- btrfs: kill invalid ASSERT() in process_all_refs() (bsc#1012452).
- btrfs: kill the start argument to read_extent_buffer_pages (bsc#1012452).
- btrfs: kill unused writepage_io_hook callback (bsc#1012452).
- btrfs: let callers of btrfs_alloc_root pass gfp flags (bsc#1012452).
- btrfs: Limit inline extents to root->sectorsize (bsc#1012452).
- btrfs: make find_workspace always succeed (bsc#1012452).
- btrfs: make find_workspace warn if there are no workspaces (bsc#1012452).
- btrfs: make mapping->writeback_index point to the last written page (bsc#1012452).
- btrfs: make state preallocation more speculative in __set_extent_bit (bsc#1012452).
- btrfs: make sure device is synced before return (bsc#1012452).
- btrfs: make sure we stay inside the bvec during __btrfs_lookup_bio_sums (bsc#1012452).
- btrfs: make use of btrfs_find_device_by_user_input() (bsc#1012452).
- btrfs: make use of btrfs_scratch_superblocks() in btrfs_rm_device() (bsc#1012452).
- btrfs: memset to avoid stale content in btree leaf (bsc#1012452).
- btrfs: memset to avoid stale content in btree node block (bsc#1012452).
- btrfs: move error handling code together in ctree.h (bsc#1012452).
- btrfs: optimize check for stale device (bsc#1012452).
- btrfs: Output more info for enospc_debug mount option (bsc#1012452).
- btrfs: parent_start initialization cleanup (bsc#1012452).
- btrfs: pass correct args to btrfs_async_run_delayed_refs() (bsc#1012452).
- btrfs: pass number of devices to btrfs_check_raid_min_devices (bsc#1012452).
- btrfs: pass the right error code to the btrfs_std_error (bsc#1012452).
- btrfs: pin log earlier when renaming (bsc#1020975).
- btrfs: pin logs earlier when doing a rename exchange operation (bsc#1020975).
- btrfs: preallocate compression workspaces (bsc#1012452).
- btrfs: Print Warning only if ENOSPC_DEBUG is enabled (bsc#1012452).
- btrfs: qgroup: Move half of the qgroup accounting time out of commit trans (bsc#1017461).
- btrfs: qgroups: Retry after commit on getting EDQUOT (bsc#1019614).
- btrfs: Ratelimit 'no csum found' info message (bsc#1012452).
- btrfs: reada: add all reachable mirrors into reada device list (bsc#1012452).
- btrfs: reada: Add missed segment checking in reada_find_zone (bsc#1012452).
- btrfs: reada: Avoid many times of empty loop (bsc#1012452).
- btrfs: reada: avoid undone reada extents in btrfs_reada_wait (bsc#1012452).
- btrfs: reada: bypass adding extent when all zone failed (bsc#1012452).
- btrfs: reada: Fix a debug code typo (bsc#1012452).
- btrfs: reada: Fix in-segment calculation for reada (bsc#1012452).
- btrfs: reada: ignore creating reada_extent for a non-existent device (bsc#1012452).
- btrfs: reada: Jump into cleanup in direct way for __readahead_hook() (bsc#1012452).
- btrfs: reada: limit max works count (bsc#1012452).
- btrfs: reada: Move is_need_to_readahead contition earlier (bsc#1012452).
- btrfs: reada: move reada_extent_put to place after __readahead_hook() (bsc#1012452).
- btrfs: reada: Pass reada_extent into __readahead_hook directly (bsc#1012452).
- btrfs: reada: reduce additional fs_info->reada_lock in reada_find_zone (bsc#1012452).
- btrfs: reada: Remove level argument in severial functions (bsc#1012452).
- btrfs: reada: simplify dev->reada_in_flight processing (bsc#1012452).
- btrfs: reada: Use fs_info instead of root in __readahead_hook's argument (bsc#1012452).
- btrfs: reada: use GFP_KERNEL everywhere (bsc#1012452).
- btrfs: readdir: use GFP_KERNEL (bsc#1012452).
- btrfs: refactor btrfs_dev_replace_start for reuse (bsc#1012452).
- btrfs: Refactor btrfs_lock_cluster() to kill compiler warning (bsc#1012452).
- btrfs: remove BUG() in raid56 (bsc#1012452).
- btrfs: remove BUG_ON in start_transaction (bsc#1012452).
- btrfs: remove BUG_ON()'s in btrfs_map_block (bsc#1012452).
- btrfs: remove build fixup for qgroup_account_snapshot (bsc#1012452).
- btrfs: remove redundant error check (bsc#1012452).
- btrfs: remove save_error_info() (bsc#1012452).
- btrfs: remove unnecessary btrfs_mark_buffer_dirty in split_leaf (bsc#1012452).
- btrfs: remove unused function btrfs_assert() (bsc#1012452).
- btrfs: rename and document compression workspace members (bsc#1012452).
- btrfs: rename btrfs_find_device_by_user_input (bsc#1012452).
- btrfs: rename btrfs_std_error to btrfs_handle_fs_error (bsc#1012452).
- btrfs: rename __check_raid_min_devices (bsc#1012452).
- btrfs: rename flags for vol args v2 (bsc#1012452).
- btrfs: reorg btrfs_close_one_device() (bsc#1012452).
- btrfs: Replace -ENOENT by -ERANGE in btrfs_get_acl() (bsc#1012452).
- btrfs: Reset IO error counters before start of device replacing (bsc#1012452).
- btrfs: reuse existing variable in scrub_stripe, reduce stack usage (bsc#1012452).
- btrfs: s_bdev is not null after missing replace (bsc#1012452).
- btrfs: scrub: Set bbio to NULL before calling btrfs_map_block (bsc#1012452).
- btrfs: scrub: use GFP_KERNEL on the submission path (bsc#1012452).
- btrfs: Search for all ordered extents that could span across a page (bsc#1012452).
- btrfs: send, fix failure to rename top level inode due to name collision (bsc#1028325).
- btrfs: send: silence an integer overflow warning (bsc#1012452).
- btrfs: send: use GFP_KERNEL everywhere (bsc#1012452).
- btrfs: send: use temporary variable to store allocation size (bsc#1012452).
- btrfs: send: use vmalloc only as fallback for clone_roots (bsc#1012452).
- btrfs: send: use vmalloc only as fallback for clone_sources_tmp (bsc#1012452).
- btrfs: send: use vmalloc only as fallback for read_buf (bsc#1012452).
- btrfs: send: use vmalloc only as fallback for send_buf (bsc#1012452).
- btrfs: serialize subvolume mounts with potentially mismatching rw flags (bsc#951844 bsc#1024015)
- btrfs: Simplify conditions about compress while mapping btrfs flags to inode flags (bsc#1012452).
- btrfs: sink gfp parameter to clear_extent_bits (bsc#1012452).
- btrfs: sink gfp parameter to clear_extent_dirty (bsc#1012452).
- btrfs: sink gfp parameter to clear_record_extent_bits (bsc#1012452).
- btrfs: sink gfp parameter to convert_extent_bit (bsc#1012452).
- btrfs: sink gfp parameter to set_extent_bits (bsc#1012452).
- btrfs: sink gfp parameter to set_extent_defrag (bsc#1012452).
- btrfs: sink gfp parameter to set_extent_delalloc (bsc#1012452).
- btrfs: sink gfp parameter to set_extent_new (bsc#1012452).
- btrfs: sink gfp parameter to set_record_extent_bits (bsc#1012452).
- btrfs: skip commit transaction if we do not have enough pinned bytes (bsc#1037186).
- btrfs: subpage-blocksize: Rate limit scrub error message (bsc#1012452).
- btrfs: switch to common message helpers in open_ctree, adjust messages (bsc#1012452).
- btrfs: switch to kcalloc in btrfs_cmp_data_prepare (bsc#1012452).
- btrfs: sysfs: protect reading label by lock (bsc#1012452).
- btrfs: test_check_exists: Fix infinite loop when searching for free space entries (bsc#987192).
- btrfs: trace pinned extents (bsc#1012452).
- btrfs: track transid for delayed ref flushing (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, document subvol flags (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, move balance flags (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, move BTRFS_LABEL_SIZE (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, move feature flags (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, move struct btrfs_ioctl_defrag_range_args (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, qgroup limit flags (bsc#1012452).
- btrfs: uapi/linux/btrfs_tree.h migration, item types and defines (bsc#1012452).
- btrfs: uapi/linux/btrfs_tree.h, use __u8 and __u64 (bsc#1012452).
- btrfs: unpin log if rename operation fails (bsc#1020975).
- btrfs: unpin logs if rename exchange operation fails (bsc#1020975).
- btrfs: unsplit printed strings (bsc#1012452).
- btrfs: untangle gotos a bit in __clear_extent_bit (bsc#1012452).
- btrfs: untangle gotos a bit in convert_extent_bit (bsc#1012452).
- btrfs: untangle gotos a bit in __set_extent_bit (bsc#1012452).
- btrfs: update btrfs_space_info's bytes_may_use timely (bsc#1012452).
- btrfs: Use correct format specifier (bsc#1012452).
- btrfs: use correct offset for reloc_inode in prealloc_file_extent_cluster() (bsc#1012452).
- btrfs: use dynamic allocation for root item in create_subvol (bsc#1012452).
- btrfs: Use (eb->start, seq) as search key for tree modification log (bsc#1012452).
- btrfs: use existing device constraints table btrfs_raid_array (bsc#1012452).
- btrfs: use FLUSH_LIMIT for relocation in reserve_metadata_bytes (bsc#1012452).
- btrfs: use fs_info directly (bsc#1012452).
- btrfs: use new error message helper in qgroup_account_snapshot (bsc#1012452).
- btrfs: use proper type for failrec in extent_state (bsc#1012452).
- btrfs: use root when checking need_async_flush (bsc#1012452).
- btrfs: use the correct struct for BTRFS_IOC_LOGICAL_INO (bsc#1012452).
- btrfs: Use __u64 in exported linux/btrfs.h (bsc#1012452).
- btrfs: warn_on for unaccounted spaces (bsc#1012452).
- ceph: check i_nlink while converting a file handle to dentry (bsc#1039864).
- ceph: Check that the new inode size is within limits in ceph_fallocate() (bsc#1037969).
- ceph: Correctly return NXIO errors from ceph_llseek (git-fixes).
- ceph: fix bad endianness handling in parse_reply_info_extra (bsc#1020488).
- ceph: fix file open flags on ppc64 (bsc#1022266).
- ceph: fix memory leak in __ceph_setxattr() (bsc#1036763).
- ceph: fix potential use-after-free (bsc#1043371).
- ceph: fix recursively call between ceph_set_acl and __ceph_setattr (bsc#1034902).
- ceph: memory leak in ceph_direct_read_write callback (bsc#1041810).
- cfq-iosched: fix the delay of cfq_group's vdisktime under iops mode (bsc#1012829).
- cgroup/pids: remove spurious suspicious RCU usage warning (bnc#1031831).
- cgroup: remove redundant cleanup in css_create (bsc#1012829).
- cifs: backport prepath matching fix (bsc#799133).
- cifs: small underflow in cnvrtDosUnixTm() (bnc#1043935).
- clk: Make x86/ conditional on CONFIG_COMMON_CLK (4.4.68 stable queue).
- clk: xgene: Add PMD clock (bsc#1019351).
- clk: xgene: Do not call __pa on ioremaped address (bsc#1019351).
- clk: xgene: Remove CLK_IS_ROOT (bsc#1019351).
- config: enable Ceph kernel client modules for ppc64le (fate#321098)
- config: enable Ceph kernel client modules for s390x (fate#321098)
- cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores (4.4.68 stable queue).
- crypto: algif_aead - Require setkey before accept(2) (bsc#1031717).
- crypto: algif_hash - avoid zero-sized array (bnc#1007962).
- crypto: drbg - do not call drbg_instantiate in healt test (bsc#1018913).
- crypto: drbg - remove FIPS 140-2 continuous test (bsc#1018913).
- crypto: FIPS - allow tests to be disabled in FIPS mode (bsc#1018913).
- crypto: qat - fix bar discovery for c62x (bsc#1021251).
- crypto: qat - zero esram only for DH85x devices (1021248).
- crypto: rsa - allow keys >= 2048 bits in FIPS mode (bsc#1018913).
- crypto: sha-mb - Fix load failure (bsc#1037384).
- crypto: xts - consolidate sanity check for keys (bsc#1018913).
- crypto: xts - fix compile errors (bsc#1018913).
- cxgb4: Add control net_device for configuring PCIe VF (bsc#1021424).
- cxgb4: Add llseek operation for flash debugfs entry (bsc#1021424).
- cxgb4: add new routine to get adapter info (bsc#1021424).
- cxgb4: Add PCI device ID for new adapter (bsc#1021424).
- cxgb4: Add port description for new cards (bsc#1021424).
- cxgb4: Add support to enable logging of firmware mailbox commands (bsc#1021424).
- cxgb4: Check for firmware errors in the mailbox command loop (bsc#1021424).
- cxgb4: correct device ID of T6 adapter (bsc#1021424).
- cxgb4/cxgb4vf: Add set VF mac address support (bsc#1021424).
- cxgb4/cxgb4vf: Allocate more queues for 25G and 100G adapter (bsc#1021424).
- cxgb4/cxgb4vf: Assign netdev->dev_port with port ID (bsc#1021424).
- cxgb4/cxgb4vf: Display 25G and 100G link speed (bsc#1021424).
- cxgb4/cxgb4vf: Remove deprecated module parameters (bsc#1021424).
- cxgb4: DCB message handler needs to use correct portid to netdev mapping (bsc#1021424).
- cxgb4: Decode link down reason code obtained from firmware (bsc#1021424).
- cxgb4: Do not assume FW_PORT_CMD reply is always port info msg (bsc#1021424).
- cxgb4: do not call napi_hash_del() (bsc#1021424).
- cxgb4: Do not sleep when mbox cmd is issued from interrupt context (bsc#1021424).
- cxgb4: Enable SR-IOV configuration via PCI sysfs interface (bsc#1021424).
- cxgb4: Fix issue while re-registering VF mgmt netdev (bsc#1021424).
- cxgb4: MU requested by Chelsio (bsc#1021424).
- cxgb4: Properly decode port module type (bsc#1021424).
- cxgb4: Refactor t4_port_init function (bsc#1021424).
- cxgb4: Reset dcb state machine and tx queue prio only if dcb is enabled (bsc#1021424).
- cxgb4: Support compressed error vector for T6 (bsc#1021424).
- cxgb4: Synchronize access to mailbox (bsc#1021424).
- cxgb4: update latest firmware version supported (bsc#1021424).
- cxgb4vf: do not offload Rx checksums for IPv6 fragments (bsc#1026692).
- dax: fix deadlock with DAX 4k holes (bsc#1012829).
- dax: fix device-dax region base (bsc#1023175).
- Delete previous two fixes for i915 (bsc#1019061). These upstream fixes brought some regressions, so better to revert for now.
- dell-laptop: Adds support for keyboard backlight timeout AC settings (bsc#1013561).
- device-dax: check devm_nsio_enable() return value (bsc#1023175).
- device-dax: fail all private mapping attempts (bsc#1023175).
- device-dax: fix percpu_ref_exit ordering (bsc#1023175).
- device-dax: fix private mapping restriction, permit read-only (bsc#1031717).
- Disable CONFIG_POWER_SUPPLY_DEBUG in debug kernel (bsc#1031500).
- dmaengine: dw: fix typo in Kconfig (bsc#1031717).
- dm: fix dm_target_io leak if clone_bio() returns an error (bsc#1040125).
- dm-mpath: fix race window in do_end_io() (bsc#1011044).
- dm round robin: do not use this_cpu_ptr() without having preemption disabled (bsc#1040125).
- dm verity fec: fix block calculation (bsc#1040125).
- dm verity fec: fix bufio leaks (bsc#1040125).
- dm verity fec: limit error correction recursion (bsc#1040125).
- drivers: base: dma-mapping: Fix typo in dmam_alloc_non_coherent comments (bsc#1031717).
- drivers: hv: util: do not forget to init host_ts.lock (bsc#1031206).
- drivers: hv: vmbus: finally fix hv_need_to_signal_on_read() (fate#320485, bug#1018385).
- drivers: hv: vmbus: Prevent sending data on a rescinded channel (fate#320485, bug#1028217).
- drivers: hv: vmbus: Raise retry/wait limits in vmbus_post_msg() (fate#320485, bsc#1023287, bsc#1028217).
- drivers: net: phy: mdio-xgene: Add hardware dependency (bsc#1019351).
- drivers: net: phy: xgene: Fix 'remove' function (bsc#1019351).
- drivers: net: xgene: Add change_mtu function (bsc#1019351).
- drivers: net: xgene: Add flow control configuration (bsc#1019351).
- drivers: net: xgene: Add flow control initialization (bsc#1019351).
- drivers: net: xgene: Add helper function (bsc#1019351).
- drivers: net: xgene: Add support for Jumbo frame (bsc#1019351).
- drivers: net: xgene: Configure classifier with pagepool (bsc#1019351).
- drivers: net: xgene: fix build after change_mtu function change (bsc#1019351).
- drivers: net: xgene: fix: Coalescing values for v2 hardware (bsc#1019351).
- drivers: net: xgene: fix: Disable coalescing on v1 hardware (bsc#1019351).
- drivers: net: xgene: Fix MSS programming (bsc#1019351).
- drivers: net: xgene: fix: RSS for non-TCP/UDP (bsc#1019351).
- drivers: net: xgene: fix: Use GPIO to get link status (bsc#1019351).
- drivers: net: xgene: uninitialized variable in xgene_enet_free_pagepool() (bsc#1019351).
- drivers/tty: 8250: only call fintek_8250_probe when doing port I/O (bsc#1031717).
- drm: Fix broken VT switch with video=1366x768 option (bsc#1018358).
- drm/i915: Add intel_uncore_suspend / resume functions (bsc#1011913).
- drm/i915: Disable tv output on i9x5gm (bsc#1039700).
- drm/i915: Do not init hpd polling for vlv and chv from runtime_suspend() (bsc#1014120).
- drm/i915: Do not touch NULL sg on i915_gem_object_get_pages_gtt() error (bsc#1031717).
- drm-i915-dp-Restore-PPS-HW-state-from-the-encoder-re
- drm/i915/dp: Restore PPS HW state from the encoder resume hook (bsc#1019061).
- drm/i915: Fix crash after S3 resume with DP MST mode change (bsc#1029634).
- drm/i915: Fix mismatched INIT power domain disabling during suspend (bsc#1031717).
- drm/i915: Fix watermarks for VLV/CHV (bsc#1011176).
- drm/i915: Force VDD off on the new power seqeuencer before starting to use it (bsc#1009674).
- drm/i915/gen9: Fix PCODE polling during CDCLK change notification (bsc#1015367).
- drm/i915: Introduce Kabypoint PCH for Kabylake H/DT (bsc#1032581).
- drm/i915: Listen for PMIC bus access notifications (bsc#1011913).
- drm/i915: Mark CPU cache as dirty when used for rendering (bsc#1015367).
- drm/i915: Mark i915_hpd_poll_init_work as static (bsc#1014120).
- drm/i915: Nuke debug messages from the pipe update critical section (bsc#1031717).
- drm/i915: Only enable hotplug interrupts if the display interrupts are enabled (bsc#1031717).
- drm-i915-Prevent-PPS-stealing-from-a-normal-DP-port
- drm/i915: Prevent PPS stealing from a normal DP port on VLV/CHV (bsc#1019061).
- drm/i915: Program iboost settings for HDMI/DVI on SKL (bsc#1031717).
- drm/i915: relax uncritical udelay_range() (bsc#1031717).
- drm/i915: relax uncritical udelay_range() settings (bsc#1031717).
- drm/i915: Use pagecache write to prepopulate shmemfs from pwrite-ioctl (bsc#1040463).
- drm/i915/vlv: Prevent enabling hpd polling in late suspend (bsc#1014120).
- drm/i915: Workaround for DP DPMS D3 on Dell monitor (bsc#1019061).
- drm/mgag200: Added support for the new device G200eH3 (bsc#1007959, fate#322780)
- drm/mgag200: Fix to always set HiPri for G200e4 (bsc#1015452, bsc#995542).
- drm/nouveau/tmr: fully separate alarm execution/pending lists (bsc#1043467).
- drm/ttm: fix use-after-free races in vm fault handling (4.4.68 stable queue).
- drm/vc4: Fix an integer overflow in temporary allocation layout (bsc#1021294).
- drm-vc4-Fix-an-integer-overflow-in-temporary-allocation-layout.patch
- drm/vc4: Return -EINVAL on the overflow checks failing (bsc#1021294).
- drm-vc4-Return-EINVAL-on-the-overflow-checks-failing.patch
- drm: virtio-gpu: get the fb from the plane state for atomic updates (bsc#1023101).
- e1000e: Do not return uninitialized stats (bug#1034635).
- edac, xgene: Fix spelling mistake in error messages (bsc#1019351).
- efi: Do not issue error message when booted under Xen (bnc#1036638).
- enic: set skb->hash type properly (bsc#922871 fate#318754).
- ext4: fix data corruption for mmap writes (bsc#1012829).
- ext4: fix data corruption with EXT4_GET_BLOCKS_ZERO (bsc#1012829).
- ext4: fix fencepost in s_first_meta_bg validation (bsc#1029986).
- ext4: fix use-after-iput when fscrypt contexts are inconsistent (bsc#1012829).
- f2fs: fix bad prefetchw of NULL page (bsc#1012829).
- f2fs: sanity check segment count (4.4.68 stable queue).
- Fix a regression reported by bsc#1020048 in patches.fixes/0003-md-lockless-I-O-submission-for-RAID1.patch (bsc#982783,bsc#998106,bsc#1020048).
- fnic: Return 'DID_IMM_RETRY' if rport is not ready (bsc#1035920).
- fs/block_dev: always invalidate cleancache in invalidate_bdev() (git-fixes).
- fs: fix data invalidation in the cleancache during direct IO (git-fixes).
- fs/xattr.c: zero out memory copied to userspace in getxattr (git-fixes).
- ftrace: Make ftrace_location_range() global (FATE#322421).
- fuse: fix clearing suid, sgid for chown() (bsc#1012829).
- futex: Add missing error handling to FUTEX_REQUEUE_PI (bsc#969755).
- futex: Fix potential use-after-free in FUTEX_REQUEUE_PI (bsc#969755).
- gpio: xgene: make explicitly non-modular (bsc#1019351).
- hid: usbhid: Quirk a AMI virtual mouse and keyboard with ALWAYS_POLL (bsc#1022340).
- hv: do not reset hv_context.tsc_page on crash (fate#320485, bnc#1007729).
- hv: export current Hyper-V clocksource (bsc#1031206).
- hv_utils: implement Hyper-V PTP source (bsc#1031206).
- i2c: designware-baytrail: Acquire P-Unit access on bus acquire (bsc#1011913).
- i2c: designware-baytrail: Call pmic_bus_access_notifier_chain (bsc#1011913).
- i2c: designware-baytrail: Fix race when resetting the semaphore (bsc#1011913).
- i2c: designware-baytrail: Only check iosf_mbi_available() for shared hosts (bsc#1011913).
- i2c: designware: Disable pm for PMIC i2c-bus even if there is no _SEM method (bsc#1011913).
- i2c: designware: fix wrong Tx/Rx FIFO for ACPI (bsc#1019351).
- i2c: designware: Implement support for SMBus block read and write (bsc#1019351).
- i2c-designware: increase timeout (bsc#1011913).
- i2c: designware: Never suspend i2c-busses used for accessing the system PMIC (bsc#1011913).
- i2c: designware: Rename accessor_flags to flags (bsc#1011913).
- i2c: xgene: Fix missing code of DTB support (bsc#1019351).
- i40e: Be much more verbose about what we can and cannot offload (bsc#985561).
- ib/addr: Fix setting source address in addr6_resolve() (bsc#1044082).
- ib/core: Fix kernel crash during fail to initialize device (bsc#1022595 FATE#322350).
- ib/core: For multicast functions, verify that LIDs are multicast LIDs (bsc#1022595 FATE#322350).
- ib/core: If the MGID/MLID pair is not on the list return an error (bsc#1022595 FATE#322350).
- ib/ipoib: Fix deadlock between ipoib_stop and mcast join flow (bsc#1022595 FATE#322350).
- ib/mlx5: Assign DSCP for R-RoCE QPs Address Path (bsc#966170 bsc#966172 bsc#966191).
- ib/mlx5: Check supported flow table size (bsc#966170 bsc#966172 bsc#966191).
- ib/mlx5: Enlarge autogroup flow table (bsc#966170 bsc#966172 bsc#966191).
- ib/mlx5: Fix kernel to user leak prevention logic (bsc#966170 bsc#966172 bsc#966191).
- ibmveth: calculate gso_segs for large packets (bsc#1019148).
- ibmveth: check return of skb_linearize in ibmveth_start_xmit (bsc#1019148).
- ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).
- ibmveth: set correct gso_size and gso_type (bsc#1019148).
- ibmvnic: Activate disabled RX buffer pools on reset (bsc#1044767).
- ibmvnic: Add set_link_state routine for setting adapter link state (fate#322021, bsc#1031512).
- ibmvnic: Allocate number of rx/tx buffers agreed on by firmware (fate#322021, bsc#1031512).
- ibmvnic: Allocate zero-filled memory for sub crqs (fate#322021, bsc#1031512).
- ibmvnic: Call napi_disable instead of napi_enable in failure path (fate#322021, bsc#1031512).
- ibmvnic: Check adapter state during ibmvnic_poll (fate#322021, bsc#1040855).
- ibmvnic: Check for driver reset first in ibmvnic_xmit (fate#322021, bsc#1038297).
- ibmvnic: Cleanup failure path in ibmvnic_open (fate#322021, bsc#1031512).
- ibmvnic: Clean up tx pools when closing (fate#322021, bsc#1038297).
- ibmvnic: Client-initiated failover (bsc#1043990).
- ibmvnic: Continue skb processing after skb completion error (fate#322021, bsc#1038297).
- ibmvnic: Correct crq and resource releasing (fate#322021, bsc#1031512).
- ibmvnic: Correct ibmvnic handling of device open/close (fate#322021, bsc#1031512).
- ibmvnic: Create init and release routines for the bounce buffer (fate#322021, bsc#1031512).
- ibmvnic: Create init and release routines for the rx pool (fate#322021, bsc#1031512).
- ibmvnic: Create init and release routines for the tx pool (fate#322021, bsc#1031512).
- ibmvnic: Create init/release routines for stats token (fate#322021, bsc#1031512).
- ibmvnic: Deactivate RX pool buffer replenishment on H_CLOSED (fate#322021, bsc#1040855).
- ibmvnic: Delete napi's when releasing driver resources (fate#322021, bsc#1038297).
- ibmvnic: Disable irq prior to close (fate#322021, bsc#1031512).
- ibmvnic: Do not disable IRQ after scheduling tasklet (fate#322021, bsc#1031512).
- ibmvnic: driver initialization for kdump/kexec (bsc#1044772).
- ibmvnic: Ensure that TX queues are disabled in __ibmvnic_close (bsc#1044767).
- ibmvnic: Exit polling routine correctly during adapter reset (bsc#1044767).
- ibmvnic: Fix cleanup of SKB's on driver close (fate#322021, bsc#1040855).
- ibmvnic: Fix endian errors in error reporting output (fate#322021, bsc#1031512).
- ibmvnic: Fix endian error when requesting device capabilities (fate#322021, bsc#1031512).
- ibmvnic: Fix ibmvnic_change_mac_addr struct format (fate#322021, bsc#1031512).
- ibmvnic: Fix initial MTU settings (bsc#1031512).
- ibmvnic: fix missing unlock on error in __ibmvnic_reset() (fate#322021, bsc#1038297, Fixes: ed651a10875f).
- ibmvnic: Fix overflowing firmware/hardware TX queue (fate#322021, bsc#1031512).
- ibmvnic: Fixup atomic API usage (fate#322021, bsc#1031512).
- ibmvnic: Free skb's in cases of failure in transmit (fate#322021, bsc#1031512).
- ibmvnic: Free tx/rx scrq pointer array when releasing sub-crqs (fate#322021, bsc#1031512).
- ibmvnic: Halt TX and report carrier off on H_CLOSED return code (fate#322021, bsc#1040855).
- ibmvnic: Handle failover after failed init crq (fate#322021, bsc#1040855).
- ibmvnic: Handle processing of CRQ messages in a tasklet (fate#322021, bsc#1031512).
- ibmvnic: Initialize completion variables before starting work (fate#322021, bsc#1031512).
- ibmvnic: Insert header on VLAN tagged received frame (fate#322021, bsc#1031512).
- ibmvnic: Make CRQ interrupt tasklet wait for all capabilities crqs (fate#322021, bsc#1031512).
- ibmvnic: Merge the two release_sub_crq_queue routines (fate#322021, bsc#1031512).
- ibmvnic: Move ibmvnic adapter intialization to its own routine (fate#322021, bsc#1031512).
- ibmvnic: Move initialization of sub crqs to ibmvnic_init (fate#322021, bsc#1031512).
- ibmvnic: Move initialization of the stats token to ibmvnic_open (fate#322021, bsc#1031512).
- ibmvnic: Move login and queue negotiation into ibmvnic_open (fate#322021, bsc#1031512).
- ibmvnic: Move login to its own routine (fate#322021, bsc#1031512).
- ibmvnic: Move queue restarting in ibmvnic_tx_complete (fate#322021, bsc#1038297).
- ibmvnic: Move resource initialization to its own routine (fate#322021, bsc#1038297).
- ibmvnic: Non-fatal error handling (fate#322021, bsc#1040855).
- ibmvnic: Only retrieve error info if present (fate#322021, bsc#1031512).
- ibmvnic: Record SKB RX queue during poll (fate#322021, bsc#1038297).
- ibmvnic: Remove debugfs support (fate#322021, bsc#1031512).
- ibmvnic: Remove inflight list (fate#322021, bsc#1031512).
- ibmvnic: Remove netdev notify for failover resets (bsc#1044120).
- ibmvnic: Remove unused bouce buffer (fate#322021, bsc#1031512).
- ibmvnic: Remove VNIC_CLOSING check from pending_scrq (bsc#1044767).
- ibmvnic: Replace is_closed with state field (fate#322021, bsc#1038297).
- ibmvnic: Report errors when failing to release sub-crqs (fate#322021, bsc#1031512).
- ibmvnic: Reset sub-crqs during driver reset (fate#322021, bsc#1040855).
- ibmvnic: Reset the CRQ queue during driver reset (fate#322021, bsc#1040855).
- ibmvnic: Reset tx/rx pools on driver reset (fate#322021, bsc#1040855).
- ibmvnic: Return failure on attempted mtu change (bsc#1043236).
- ibmvnic: Sanitize entire SCRQ buffer on reset (bsc#1044767).
- ibmvnic: Send gratuitous arp on reset (fate#322021, bsc#1040855).
- ibmvnic: Set real number of rx queues (fate#322021, bsc#1031512).
- ibmvnic: Split initialization of scrqs to its own routine (fate#322021, bsc#1031512).
- ibmvnic: Track state of adapter napis (fate#322021, bsc#1040855).
- ibmvnic: Unmap longer term buffer before free (fate#322021, bsc#1031512).
- ibmvnic: Updated reset handling (fate#322021, bsc#1038297).
- ibmvnic: Update main crq initialization and release (fate#322021, bsc#1031512).
- ibmvnic: Use common counter for capabilities checks (fate#322021, bsc#1031512).
- ibmvnic: use max_mtu instead of req_mtu for MTU range check (bsc#1031512).
- ibmvnic: Validate napi exist before disabling them (fate#322021, bsc#1031512).
- ibmvnic: Wait for any pending scrqs entries at driver close (fate#322021, bsc#1038297).
- ibmvnic: Whitespace correction in release_rx_pools (fate#322021, bsc#1038297).
- iio: hid-sensor: Store restore poll and hysteresis on S3 (bsc#1031717).
- infiniband: avoid dereferencing uninitialized dst on error path (git-fixes).
- iommu/arm-smmu: Disable stalling faults for all endpoints (bsc#1038843).
- iommu/dma: Respect IOMMU aperture when allocating (bsc#1038842).
- iommu/exynos: Block SYSMMU while invalidating FLPD cache (bsc#1038848).
- iommu: Handle default domain attach failure (bsc#1038846).
- iommu/vt-d: Do not over-free page table directories (bsc#1038847).
- iommu/vt-d: Make sure IOMMUs are off when intel_iommu=off (bsc#1031208).
- ipv4, ipv6: ensure raw socket message is big enough to hold an IP header (4.4.68 stable queue).
- ipv6: Do not use ufo handling on later transformed packets (bsc#1042286).
- ipv6: fix endianness error in icmpv6_err (bsc#1042286).
- ipv6: initialize route null entry in addrconf_init() (4.4.68 stable queue).
- ipv6: release dst on error in ip6_dst_lookup_tail (git-fixes).
- ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf (4.4.68 stable queue).
- isa: Call isa_bus_init before dependent ISA bus drivers register (bsc#1031717).
- iscsi-target: Return error if unable to add network portal (bsc#1032803).
- iw_cxgb4: Guard against null cm_id in dump_ep/qp (bsc#1026570).
- iwlwifi: Expose the default fallback ucode API to module info (boo#1021082, boo#1023884).
- jump label: fix passing kbuild_cflags when checking for asm goto support (git-fixes).
- kabi: Hide new include in arch/powerpc/kernel/process.c (fate#322421).
- kABI: move and hide new cxgbi device owner field (bsc#1018885).
- kABI: protect cgroup include in kernel/kthread (kabi).
- kABI: protect struct fib_info (kabi).
- kABI: protect struct iscsi_conn (kabi).
- kABI: protect struct mnt_namespace (kabi).
- kABI: protect struct musb_platform_ops (kabi).
- kABI: protect struct pglist_data (kabi).
- kABI: protect struct se_node_acl (kabi).
- kABI: protect struct snd_fw_async_midi_port (kabi).
- kABI: protect struct tcp_fastopen_cookie (kabi).
- kABI: protect struct user_fpsimd_state (kabi).
- kABI: protect struct wake_irq (kabi).
- kABI: protect struct xhci_hcd (kabi).
- kABI: protect struct xlog (bsc#1043598).
- kABI: restore can_rx_register parameters (kabi).
- kABI: restore ttm_ref_object_add parameters (kabi).
- kABI workaround 4.4.65 adding #include <linux/mount.h> to kernel/sysctl.c
- kabi workaround for net: ipv6: Fix processing of RAs in presence of VRF (bsc#1042286).
- kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)
- kernel: Fix invalid domain response handling (bnc#1009718, LTC#149851).
- kgraft/iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612, fate#313296).
- kgraft/xen: Do not block kGraft in xenbus kthread (bsc#1017410, fate#313296).
- kgr: Mark eeh_event_handler() kthread safe using a timeout (bsc#1031662).
- kgr/module: make a taint flag module-specific (fate#313296).
- kgr: remove all arch-specific kgraft header files (fate#313296).
- kprobes/x86: Fix kernel panic when certain exception-handling addresses are probed (4.4.68 stable queue).
- kvm: better MWAIT emulation for guests (bsc#1031142).
- kvm: nVMX: do not leak PML full vmexit to L1 (4.4.68 stable queue).
- kvm: nVMX: initialize PML fields in vmcs02 (4.4.68 stable queue).
- kvm: svm: add support for RDTSCP (bsc#1033117).
- l2tp: fix address test in __l2tp_ip6_bind_lookup() (bsc#1028415).
- l2tp: fix lookup for sockets not bound to a device in l2tp_ip (bsc#1028415).
- l2tp: fix race in l2tp_recv_common() (bsc#1042286).
- l2tp: fix racy socket lookup in l2tp_ip and l2tp_ip6 bind() (bsc#1028415).
- l2tp: hold socket before dropping lock in l2tp_ip{, 6}_recv() (bsc#1028415).
- l2tp: hold tunnel socket when handling control frames in l2tp_ip and l2tp_ip6 (bsc#1028415).
- l2tp: lock socket before checking flags in connect() (bsc#1028415).
- leds: ktd2692: avoid harmless maybe-uninitialized warning (4.4.68 stable queue).
- libata-scsi: Fixup ata_gen_passthru_sense() (bsc#1040125).
- libceph: NULL deref on crush_decode() error path (bsc#1044015).
- libcxgb: add library module for Chelsio drivers (bsc#1021424).
- lib/mpi: mpi_read_raw_data(): fix nbits calculation (bsc#1003581).
- lib/mpi: mpi_read_raw_data(): purge redundant clearing of nbits (bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): do not include leading zero SGEs in nbytes (bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): fix nbits calculation (bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): fix out-of-bounds buffer access (bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): purge redundant clearing of nbits (bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): replace len argument by nbytes (bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): sanitize meaning of indices (bsc#1003581).
- libnvdimm, pfn: fix align attribute (bsc#1023175).
- libnvdimm, pfn: fix memmap reservation size versus 4K alignment (bsc#1031717).
- libnvdimm, pfn: fix 'npfns' vs section alignment (bsc#1040125).
- livepatch: Allow architectures to specify an alternate ftrace location (FATE#322421).
- locking/semaphore: Add down_interruptible_timeout() (bsc#1031662).
- locking/ww_mutex: Fix compilation of __WW_MUTEX_INITIALIZER (bsc#1031717).
- lpfc: remove incorrect lockdep assertion (bsc#1040125).
- mailbox: xgene-slimpro: Fix wrong test for devm_kzalloc (bsc#1019351).
- md: allow creation of mdNNN arrays via md_mod/parameters/new_array (bsc#1032339).
- md.c:didn't unlock the mddev before return EINVAL in array_size_store (bsc#1038143).
- md-cluster: convert the completion to wait queue (fate#316335).
- md-cluster: fix potential lock issue in add_new_disk (bsc#1041087).
- md-cluster: protect md_find_rdev_nr_rcu with rcu lock (fate#316335).
- md: ensure md devices are freed before module is unloaded (bsc#1022304).
- md: fix refcount problem on mddev when stopping array (bsc#1022304).
- md: handle read-only member devices better (bsc#1033281).
- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).
- md: MD_CLOSING needs to be cleared after called md_set_readonly or do_md_stop (bsc#1038142).
- md/raid1: add rcu protection to rdev in fix_read_error (References: bsc#998106,bsc#1020048,bsc#982783).
- md/raid1: avoid reusing a resync bio after error handling (Fate#311379).
- md/raid1: fix a use-after-free bug (bsc#998106,bsc#1020048,bsc#982783).
- md/raid1: handle flush request correctly (bsc#998106,bsc#1020048,bsc#982783).
- md/raid1: Refactor raid1_make_request (bsc#998106,bsc#1020048,bsc#982783).
- md: support disabling of create-on-open semantics (bsc#1032339).
- media: am437x-vpfe: fix an uninitialized variable bug (bsc#1031717).
- media: b2c2: use IS_REACHABLE() instead of open-coding it (bsc#1031717).
- media: c8sectpfe: Rework firmware loading mechanism (bsc#1031717).
- media: cx231xx-audio: fix NULL-deref at probe (bsc#1031717).
- media: cx231xx-cards: fix NULL-deref at probe (bsc#1031717).
- media: cx23885: uninitialized variable in cx23885_av_work_handler() (bsc#1031717).
- media: DaVinci-VPBE: Check return value of a setup_if_config() call in vpbe_set_output() (bsc#1031717).
- media: DaVinci-VPFE-Capture: fix error handling (bsc#1031717).
- media: dib0700: fix NULL-deref at probe (bsc#1031717).
- media: dvb-usb: avoid link error with dib3000m{b,c| (bsc#1031717).
- media: exynos4-is: fix a format string bug (bsc#1031717).
- media: gspca: konica: add missing endpoint sanity check (bsc#1031717).
- media: lirc_imon: do not leave imon_probe() with mutex held (bsc#1031717).
- media: pvrusb2: reduce stack usage pvr2_eeprom_analyze() (bsc#1031717).
- media: rc: allow rc modules to be loaded if rc-main is not a module (bsc#1031717).
- media: s5p-mfc: Fix unbalanced call to clock management (bsc#1031717).
- media: sh-vou: clarify videobuf2 dependency (bsc#1031717).
- media: staging: media: davinci_vpfe: unlock on error in vpfe_reqbufs() (bsc#1031717).
- media: usbvision: fix NULL-deref at probe (bsc#1031717).
- media: uvcvideo: Fix empty packet statistic (bsc#1031717).
- media: uvcvideo: uvc_scan_fallback() for webcams with broken chain (bsc#1021474).
- media: vb2: Fix an off by one error in 'vb2_plane_vaddr' (bsc#1043231).
- mem-hotplug: fix node spanned pages when we have a movable node (bnc#1034671).
- mips: R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix (4.4.68 stable queue).
- mlx4: Fix memory leak after mlx4_en_update_priv() (bsc#966170 bsc#966172 bsc#966191).
- mmc: debugfs: correct wrong voltage value (bsc#1031717).
- mmc: Downgrade error level (bsc#1042536).
- mm,compaction: serialize waitqueue_active() checks (bsc#971975).
- mmc: sdhci-of-arasan: Remove no-hispd and no-cmd23 quirks for sdhci-arasan4.9a (bsc#1019351).
- mmc: sdhci-pxav3: fix higher speed mode capabilities (bsc#1031717).
- mmc: sdhci: restore behavior when setting VDD via external regulator (bsc#1031717).
- mm: fix <linux/pagemap.h> stray kernel-doc notation (bnc#971975 VM -- git fixes).
- mm: fix set pageblock migratetype in deferred struct page init (bnc#1027195).
- mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp (bnc#1030118).
- mm/hugetlb: check for reserved hugepages during memory offline (bnc#971975 VM -- git fixes).
- mm/hugetlb: fix incorrect hugepages count during mem hotplug (bnc#971975 VM -- git fixes).
- mm/memblock.c: fix memblock_next_valid_pfn() (bnc#1031200).
- mm, memcg: do not retry precharge charges (bnc#1022559).
- mm, page_alloc: fix check for NULL preferred_zone (bnc#971975 VM performance -- page allocator).
- mm, page_alloc: fix fast-path race with cpuset update or removal (bnc#971975 VM performance -- page allocator).
- mm, page_alloc: fix premature OOM when racing with cpuset mems update (bnc#971975 VM performance -- page allocator).
- mm, page_alloc: keep pcp count and list contents in sync if struct page is corrupted (bnc#971975 VM performance -- page allocator).
- mm, page_alloc: move cpuset seqcount checking to slowpath (bnc#971975 VM performance -- page allocator).
- mm/page_alloc: Remove useless parameter of __free_pages_boot_core (bnc#1027195).
- mm: page_alloc: skip over regions of invalid pfns where possible (bnc#1031200).
- module: fix memory leak on early load_module() failures (bsc#1043014).
- module: move add_taint_module() to a header file (fate#313296).
- mountproto.patch: Add commit id
- mwifiex: add missing check for PCIe8997 chipset (bsc#1018813).
- mwifiex: Avoid skipping WEP key deletion for AP (4.4.68 stable queue).
- mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print (4.4.68 stable queue).
- mwifiex: fix IBSS data path issue (bsc#1018813).
- mwifiex: fix PCIe register information for 8997 chipset (bsc#1018813).
- mwifiex: pcie: fix cmd_buf use-after-free in remove/reset (bsc#1031717).
- mwifiex: Removed unused 'pkt_type' variable (bsc#1031717).
- mwifiex: remove redundant dma padding in AMSDU (4.4.68 stable queue).
- mwifiex: Remove unused 'bcd_usb' variable (bsc#1031717).
- mwifiex: Remove unused 'chan_num' variable (bsc#1031717).
- mwifiex: Remove unused 'pm_flag' variable (bsc#1031717).
- mwifiex: Remove unused 'sta_ptr' variable (bsc#1031717).
- net/af_iucv: do not use paged skbs for TX on HiperSockets (bnc#1020945, LTC#150566).
- net: bridge: start hello timer only if device is up (bnc#1012382).
- net/ena: change condition for host attribute configuration (bsc#1026509).
- net/ena: change driver's default timeouts (bsc#1026509).
- net: ena: change the return type of ena_set_push_mode() to be void (bsc#1026509).
- net: ena: Fix error return code in ena_device_init() (bsc#1026509).
- net/ena: fix ethtool RSS flow configuration (bsc#1026509).
- net/ena: fix NULL dereference when removing the driver after device reset failed (bsc#1026509).
- net/ena: fix potential access to freed memory during device reset (bsc#1026509).
- net/ena: fix queues number calculation (bsc#1026509).
- net/ena: fix RSS default hash configuration (bsc#1026509).
- net/ena: reduce the severity of ena printouts (bsc#1026509).
- net/ena: refactor ena_get_stats64 to be atomic context safe (bsc#1026509).
- net/ena: remove ntuple filter support from device feature list (bsc#1026509).
- net: ena: remove superfluous check in ena_remove() (bsc#1026509).
- net: ena: Remove unnecessary pci_set_drvdata() (bsc#1026509).
- net/ena: update driver version to 1.1.2 (bsc#1026509).
- net/ena: use READ_ONCE to access completion descriptors (bsc#1026509).
- net: ena: use setup_timer() and mod_timer() (bsc#1026509).
- net: ethernet: apm: xgene: use phydev from struct net_device (bsc#1019351).
- net: ethtool: Initialize buffer when querying device channel settings (bsc#969479 FATE#320634).
- netfilter: allow logging from non-init namespaces (bsc#970083).
- netfilter: nf_conntrack_sip: extend request line validation (bsc#1042286).
- netfilter: nf_ct_expect: remove the redundant slash when policy name is empty (bsc#1042286).
- netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags (bsc#1042286).
- netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to register (bsc#1042286).
- netfilter: nfnetlink_queue: reject verdict request from different portid (bsc#1042286).
- netfilter: restart search if moved to other chain (bsc#1042286).
- netfilter: use fwmark_reflect in nf_send_reset (bsc#1042286).
- net: fix compile error in skb_orphan_partial() (bnc#1012382).
- net: ibmvnic: Remove unused net_stats member from struct ibmvnic_adapter (fate#322021, bsc#1031512).
- net: icmp_route_lookup should use rt dev to determine L3 domain (bsc#1042286).
- net: implement netif_cond_dbg macro (bsc#1019168).
- net: ipv6: Fix processing of RAs in presence of VRF (bsc#1042286).
- net: ipv6: set route type for anycast routes (bsc#1042286).
- net: l3mdev: Add master device lookup by index (bsc#1042286).
- net: make netdev_for_each_lower_dev safe for device removal (bsc#1042286).
- net/mlx4_core: Avoid command timeouts during VF driver device shutdown (bsc#1028017).
- net/mlx4_core: Avoid delays during VF driver device shutdown (bsc#1028017).
- net/mlx4_core: Fix racy CQ (Completion Queue) free (bsc#1028017).
- net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT transitions (bsc#1028017).
- net/mlx4_core: Use cq quota in SRIOV when creating completion EQs (bsc#1028017).
- net/mlx4_en: Fix bad WQE issue (bsc#1028017).
- net/mlx5: Do not unlock fte while still using it (bsc#966170 bsc#966172 bsc#966191).
- net/mlx5e: Modify TIRs hash only when it's needed (bsc#966170 bsc#966172 bsc#966191).
- net/mlx5: Fix create autogroup prev initializer (bsc#966170 bsc#966172 bsc#966191).
- net/mlx5: Prevent setting multicast macs for VFs (bsc#966170 bsc#966172 bsc#966191).
- net/mlx5: Release FTE lock in error flow (bsc#966170 bsc#966172 bsc#966191).
- net: remove useless memset's in drivers get_stats64 (bsc#1019351).
- net: vrf: Create FIB tables on link create (bsc#1042286).
- net: vrf: Fix crash when IPv6 is disabled at boot time (bsc#1042286).
- net: vrf: Fix dev refcnt leak due to IPv6 prefix route (bsc#1042286).
- net: vrf: Fix dst reference counting (bsc#1042286).
- net: vrf: protect changes to private data with rcu (bsc#1042286).
- net: vrf: Switch dst dev to loopback on device delete (bsc#1042286).
- netvsc: add rcu_read locking to netvsc callback (fate#320485).
- netxen_nic: set rcode to the return status from the call to netxen_issue_cmd (bsc#966339 FATE#320150).
- net: xgene: avoid bogus maybe-uninitialized warning (bsc#1019351).
- net: xgene: fix backward compatibility fix (bsc#1019351).
- net/xgene: fix error handling during reset (bsc#1019351).
- net: xgene: move xgene_cle_ptree_ewdn data off stack (bsc#1019351).
- nfit: fail DSMs that return non-zero status by default (bsc#1023175).
- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).
- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).
- nfs: do not try to cross a mountpount when there isn't one there (bsc#1028041).
- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).
- nfs: Fix an LOCK/OPEN race when unlinking an open file (git-fixes).
- nfs: Fix 'Do not increment lock sequence ID after NFS4ERR_MOVED' (git-fixes).
- nfs: Fix inode corruption in nfs_prime_dcache() (git-fixes).
- nfs: Fix missing pg_cleanup after nfs_pageio_cond_complete() (git-fixes).
- nfs: Fix NFS4 nfs4_do_reclaim() might_sleep()/scheduling while atomic splats. Bug exists in all RT trees >= v3.16, was spotted/fixed in v4.8-rt, but with no stable-rt backport. Pick it up.
- nfs: flush out dirty data on file fput() (bsc#1021762).
- nfs: Use GFP_NOIO for two allocations in writeback (git-fixes).
- nfsv4.1: Fix Oopsable condition in server callback races (git-fixes).
- nfsv4: fix a reference leak caused WARNING messages (git-fixes).
- nfsv4: Fix the underestimation of delegation XDR space reservation (git-fixes).
- nsfs: mark dentry with DCACHE_RCUACCESS (bsc#1012829).
- nvdimm: kabi protect nd_cmd_out_size() (bsc#1023175).
- nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too (bsc#1020685).
- nvme: Delete created IO queues on reset (bsc#1031717).
- nvme: Do not suspend admin queue that wasn't created (bsc#1026505).
- nvme: submit nvme_admin_activate_fw to admin queue (bsc#1044532).
- nvme: Suspend all queues before deletion (bsc#1026505).
- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock (bsc#1004003).
- ocfs2: fix deadlock issue when taking inode lock at vfs entry points (bsc#1004003).
- overlayfs: compat, fix incorrect dentry use in ovl_rename2 (bsc#1032400).
- overlayfs: compat, use correct dentry to detect compat mode in ovl_compat_is_whiteout (bsc#1032400).
- pci: Add devm_request_pci_bus_resources() (bsc#1019351).
- pci/AER: include header file (bsc#964944,FATE#319965).
- pci: generic: Fix pci_remap_iospace() failure path (bsc#1019630).
- pci: hv: Fix wslot_to_devfn() to fix warnings on device removal (fate#320485, bug#1028217).
- pci: hv: Use device serial number as PCI domain (fate#320485, bug#1028217).
- pci: pciehp: Prioritize data-link event over presence detect (bsc#1031040,bsc#1037483).
- pci: Reverse standard ACS vs device-specific ACS enabling (bsc#1030057).
- pci: Work around Intel Sunrise Point PCH incorrect ACS capability (bsc#1030057).
- pci: xgene: Add local struct device pointers (bsc#1019351).
- pci: xgene: Add register accessors (bsc#1019351).
- pci: xgene: Free bridge resource list on failure (bsc#1019351).
- pci: xgene: Make explicitly non-modular (bsc#1019351).
- pci: xgene: Pass struct xgene_pcie_port to setup functions (bsc#1019351).
- pci: xgene: Remove unused platform data (bsc#1019351).
- pci: xgene: Request host bridge window resources (bsc#1019351).
- percpu: remove unused chunk_alloc parameter from pcpu_get_pages() (bnc#971975 VM -- git fixes).
- perf/x86/intel/rapl: Make Knights Landings support functional (bsc#1042517).
- perf/x86/intel/uncore: Remove SBOX support for Broadwell server (bsc#1035887).
- perf: xgene: Remove bogus IS_ERR() check (bsc#1019351).
- phy: qcom-usb-hs: Add depends on EXTCON (4.4.68 stable queue).
- phy: xgene: rename 'enum phy_mode' to 'enum xgene_phy_mode' (bsc#1019351).
- pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes (bnc#1012985).
- ping: implement proper locking (bsc#1031003).
- pkcs#7: fix missing break on OID_sha224 case (bsc#1031717).
- platform/x86: fujitsu-laptop: use brightness_set_blocking for LED-setting callbacks (bsc#1031717).
- pm / QoS: Fix memory leak on resume_latency.notifiers (bsc#1043231).
- pm / wakeirq: Enable dedicated wakeirq for suspend (bsc#1031717).
- pm / wakeirq: Fix spurious wake-up events for dedicated wakeirqs (bsc#1031717).
- pm / wakeirq: report a wakeup_event on dedicated wekup irq (bsc#1031717).
- power: bq27xxx: fix register numbers of bq27500 (bsc#1031717).
- powerpc/64: Fix flush_(d|i)cache_range() called from modules (bnc#863764 fate#315275, LTC#103998).
- powerpc: Blacklist GCC 5.4 6.1 and 6.2 (boo#1028895).
- powerpc: Create a helper for getting the kernel toc value (FATE#322421).
- powerpc/fadump: Fix the race in crash_fadump() (bsc#1022971).
- powerpc/fadump: Reserve memory at an offset closer to bottom of RAM (bsc#1032141).
- powerpc/fadump: Update fadump documentation (bsc#1032141).
- powerpc/ftrace: Add Kconfig & Make glue for mprofile-kernel (FATE#322421).
- powerpc/ftrace: Add support for -mprofile-kernel ftrace ABI (FATE#322421).
- powerpc/ftrace: Use $(CC_FLAGS_FTRACE) when disabling ftrace (FATE#322421).
- powerpc/ftrace: Use generic ftrace_modify_all_code() (FATE#322421).
- powerpc: introduce TIF_KGR_IN_PROGRESS thread flag (FATE#322421).
- powerpc/livepatch: Add livepatch header (FATE#322421).
- powerpc/livepatch: Add live patching support on ppc64le (FATE#322421).
- powerpc/livepatch: Add livepatch stack to struct thread_info (FATE#322421).
- powerpc/module: Create a special stub for ftrace_caller() (FATE#322421).
- powerpc/module: Mark module stubs with a magic value (FATE#322421).
- powerpc/module: Only try to generate the ftrace_caller() stub once (FATE#322421).
- powerpc/modules: Never restore r2 for a mprofile-kernel style mcount() call (FATE#322421).
- powerpc/powernv: Fix opal_exit tracepoint opcode (4.4.68 stable queue).
- power: reset: xgene-reboot: Unmap region obtained by of_iomap (bsc#1019351).
- power: supply: bq24190_charger: Call power_supply_changed() for relevant component (4.4.68 stable queue).
- power: supply: bq24190_charger: Call set_mode_host() on pm_resume() (4.4.68 stable queue).
- power: supply: bq24190_charger: Do not read fault register outside irq_handle_thread() (4.4.68 stable queue).
- power: supply: bq24190_charger: Fix irq trigger to IRQF_TRIGGER_FALLING (4.4.68 stable queue).
- power: supply: bq24190_charger: Handle fault before status on interrupt (4.4.68 stable queue).
- power: supply: bq24190_charger: Install irq_handler_thread() at end of probe() (4.4.68 stable queue).
- printk: Switch to the sync mode when an emergency message is printed (bsc#1034995).
- qeth: check not more than 16 SBALEs on the completion queue (bnc#1009718, LTC#148203).
- quota: fill in Q_XGETQSTAT inode information for inactive quotas (bsc#1042356).
- radix-tree: fix radix_tree_iter_retry() for tagged iterators (bsc#1012829).
- raid1: a new I/O barrier implementation to remove resync window (bsc#998106,bsc#1020048,bsc#982783).
- raid1: avoid unnecessary spin locks in I/O barrier code (bsc#998106,bsc#1020048,bsc#982783).
- raid1: ignore discard error (bsc#1017164).
- ravb: Fix use-after-free on `ifconfig eth0 down` (git-fixes).
- rdma/iw_cxgb4: Add missing error codes for act open cmd (bsc#1026570).
- rdma/iw_cxgb4: Low resource fixes for Completion queue (bsc#1026570).
- rdma/iw_cxgb4: only read markers_enabled mod param once (bsc#1026570).
- Refresh patches.suse/blk-timeout-no-round. Refresh patches.drivers/0041-block-add-ability-to-flag-write-back-caching-on-a-device.patch Do not collide with QUEUE_FLAG_WC from upstream (bsc#1022547)
- regulator: isl9305: fix array size (bsc#1031717).
- reiserfs: fix race in prealloc discard (bsc#987576).
- Revert 'acpi, nfit, libnvdimm: fix interleave set cookie calculation (64-bit comparison)' (kabi).
- Revert 'btrfs: qgroup: Move half of the qgroup accounting time out of' (bsc#1017461 bsc#1033885).
- Revert 'btrfs: qgroup: Move half of the qgroup accounting time out of' This reverts commit f69c1d0f6254c73529a48fd2f87815d047ad7288.
- Revert 'give up on gcc ilog2() constant optimizations' (kabi).
- Revert 'KVM: nested VMX: disable perf cpuid reporting' (4.4.68 stable queue).
- Revert 'l2tp: take reference on sessions being dumped' (kabi).
- Revert 'mac80211: pass block ack session timeout to to driver' (kabi).
- Revert 'mac80211: RX BA support for sta max_rx_aggregation_subframes' (kabi).
- Revert 'net: introduce device min_header_len' (kabi).
- Revert 'net/mlx4_en: Avoid unregister_netdev at shutdown flow' (bsc#1028017).
- Revert 'nfit, libnvdimm: fix interleave set cookie calculation' (kabi).
- Revert 'RDMA/core: Fix incorrect structure packing for booleans' (kabi).
- Revert 'target: Fix NULL dereference during LUN lookup + active I/O shutdown' (kabi).
- Revert 'wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event' (kabi).
- rpm/kernel-binary.spec.in: Fix installation of /etc/uefi/certs (bsc#1019594)
- rpm/kernel-binary.spec: remove superfluous flags This should make build logs more readable and people adding more flags should have easier time finding a place to add them in the spec file.
- rpm/kernel-spec-macros: Fix the check if there is no rebuild counter (bsc#1012060)
- rpm/SLES-UEFI-SIGN-Certificate-2048.crt: Update the certificate (bsc#1035922)
- rtc: cmos: avoid unused function warning (bsc#1022429).
- rtc: cmos: Clear ACPI-driven alarms upon resume (bsc#1022429).
- rtc: cmos: Do not enable interrupts in the middle of the interrupt handler (bsc#1022429).
- rtc: cmos: Restore alarm after resume (bsc#1022429).
- rtlwifi: rtl_usb: Fix missing entry in USB driver's private data (bsc#1026462).
- rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string (4.4.68 stable queue).
- rtnl: reset calcit fptr in rtnl_unregister() (bsc#1042286).
- s390/cpuinfo: show maximum thread id (bnc#1009718, LTC#148580).
- s390/dasd: check if query host access feature is supported (bsc#1037871).
- s390/kmsg: add missing kmsg descriptions (bnc#1025683, LTC#151573).
- s390/mm: fix zone calculation in arch_add_memory() (bnc#1025683, LTC#152318).
- s390/sysinfo: show partition extended name and UUID if available (bnc#1009718, LTC#150160).
- s390/time: LPAR offset handling (bnc#1009718, LTC#146920).
- s390/time: move PTFF definitions (bnc#1009718, LTC#146920).
- sbp-target: Fix second argument of percpu_ida_alloc() (bsc#1032803).
- sched: Allow hotplug notifiers to be setup early (bnc#1022476).
- sched/core: Fix incorrect utilization accounting when switching to fair class (bnc#1022476).
- sched/core: Fix set_user_nice() (bnc#1022476).
- sched/core, x86/topology: Fix NUMA in package topology bug (bnc#1022476).
- sched/cputime: Add steal time support to full dynticks CPU time accounting (bnc#1022476).
- sched/cputime: Fix prev steal time accouting during CPU hotplug (bnc#1022476).
- sched/deadline: Always calculate end of period on sched_yield() (bnc#1022476).
- sched/deadline: Fix a bug in dl_overflow() (bnc#1022476).
- sched/deadline: Fix lock pinning warning during CPU hotplug (bnc#1022476).
- sched/deadline: Fix wrap-around in DL heap (bnc#1022476).
- sched/fair: Avoid using decay_load_missed() with a negative value (bnc#1022476).
- sched/fair: Fix fixed point arithmetic width for shares and effective load (bnc#1022476).
- sched/fair: Fix load_above_capacity fixed point arithmetic width (bnc#1022476).
- sched/fair: Fix min_vruntime tracking (bnc#1022476).
- sched/fair: Fix the wrong throttled clock time for cfs_rq_clock_task() (bnc#1022476).
- sched/fair: Improve PELT stuff some more (bnc#1022476).
- sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting (bsc#1018419).
- sched: Make wake_up_nohz_cpu() handle CPUs going offline (bnc#1022476).
- sched/rt: Fix PI handling vs. sched_setscheduler() (bnc#1022476).
- sched/rt: Kick RT bandwidth timer immediately on start up (bnc#1022476).
- sched/rt, sched/dl: Do not push if task's scheduling class was changed (bnc#1022476).
- scsi: be2iscsi: Add FUNCTION_RESET during driver unload (bsc#1038458).
- scsi: be2iscsi: Add IOCTL to check UER supported (bsc#1038458).
- scsi: be2iscsi: Add TPE recovery feature (bsc#1038458).
- scsi: be2iscsi: Add V1 of EPFW cleanup IOCTL (bsc#1038458).
- scsi: be2iscsi: allocate enough memory in beiscsi_boot_get_sinfo() (bsc#1038458).
- scsi: be2iscsi: Check all zeroes IP before issuing IOCTL (bsc#1038458).
- scsi: be2iscsi: Fail the sessions immediately after TPE (bsc#1038458).
- scsi: be2iscsi: Fix async PDU handling path (bsc#1038458).
- scsi: be2iscsi: Fix bad WRB index error (bsc#1038458).
- scsi: be2iscsi: Fix checks for HBA in error state (bsc#1038458).
- scsi: be2iscsi: Fix gateway APIs to support IPv4 & IPv6 (bsc#1038458).
- scsi: be2iscsi: Fix POST check and reset sequence (bsc#1038458).
- scsi: be2iscsi: Fix queue and connection parameters (bsc#1038458).
- scsi: be2iscsi: Fix release of DHCP IP in static mode (bsc#1038458).
- scsi: be2iscsi: Fix to add timer for UE detection (bsc#1038458).
- scsi: be2iscsi: Fix to make boot discovery non-blocking (bsc#1038458).
- scsi: be2iscsi: Fix to use correct configuration values (bsc#1038458).
- scsi: be2iscsi: Handle only NET_PARAM in iface_get_param (bsc#1038458).
- scsi: be2iscsi: Move functions to right files (bsc#1038458).
- scsi: be2iscsi: Move VLAN code to common iface_set_param (bsc#1038458).
- scsi: be2iscsi: Reduce driver load/unload time (bsc#1038458).
- scsi: be2iscsi: Remove alloc_mcc_tag & beiscsi_pci_soft_reset (bsc#1038458).
- scsi: be2iscsi: Remove isr_lock and dead code (bsc#1038458).
- scsi: be2iscsi: Rename iface get/set/create/destroy APIs (bsc#1038458).
- scsi: be2iscsi: Replace _bh version for mcc_lock spinlock (bsc#1038458).
- scsi: be2iscsi: Set and return right iface v4/v6 states (bsc#1038458).
- scsi: be2iscsi: Update copyright information (bsc#1038458).
- scsi: be2iscsi: Update iface handle before any set param (bsc#1038458).
- scsi: be2iscsi: Update the driver version (bsc#1038458).
- scsi: cxgb4i: libcxgbi: add missing module_put() (bsc#1018885).
- scsi: cxgb4i: libcxgbi: cxgb4: add T6 iSCSI completion feature (bsc#1021424).
- scsi: cxlflash: Remove the device cleanly in the system shutdown path (bsc#1028310, fate#321597, bsc#1034762). cherry-pick from SP3
- scsi_dh_alua: do not call BUG_ON when updating port group (bsc#1028340).
- scsi_dh_alua: Do not modify the interval value for retries (bsc#1012910).
- scsi_dh_alua: Do not retry for unmapped device (bsc#1012910).
- scsi: do not print 'reservation conflict' for TEST UNIT READY (bsc#1027054).
- scsi_error: count medium access timeout only once per EH run (bsc#993832, bsc#1032345).
- scsi: fnic: Correcting rport check location in fnic_queuecommand_lck (bsc#1035920).
- scsi: ipr: do not set DID_PASSTHROUGH on CHECK CONDITION (bsc#1034419).
- scsi: ipr: Driver version 2.6.4 (bsc#1031555, fate#321595).
- scsi: ipr: Error path locking fixes (bsc#1031555, fate#321595).
- scsi: ipr: Fix abort path race condition (bsc#1031555, fate#321595).
- scsi: ipr: Fix missed EH wakeup (bsc#1031555, fate#321595).
- scsi: ipr: Fix SATA EH hang (bsc#1031555, fate#321595).
- scsi: ipr: Remove redundant initialization (bsc#1031555, fate#321595).
- scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m (4.4.68 stable queue).
- scsi: scsi_dh_alua: Check scsi_device_get() return value (bsc#1040125).
- scsi: scsi_dh_emc: return success in clariion_std_inquiry() (4.4.68 stable queue).
- scsi_transport_fc: do not call queue_work under lock (bsc#1013887).
- scsi_transport_fc: fixup race condition in fc_rport_final_delete() (bsc#1013887).
- scsi_transport_fc: return -EBUSY for deleted vport (bsc#1013887).
- sctp: check af before verify address in sctp_addr_id2transport (git-fixes).
- sd: always scan VPD pages if thin provisioning is enabled (bsc#1013792).
- serial: 8250_omap: Fix probe and remove for PM runtime (4.4.68 stable queue).
- series.conf cosmetic adjustment (missing rt version placeholders)
- series.conf: remove silly comment
- ses: Fix SAS device detection in enclosure (bsc#1016403).
- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).
- sfc: refactor debug-or-warnings printks (bsc#1019168).
- softirq: Let ksoftirqd do its job (bsc#1019618).
- staging: emxx_udc: remove incorrect __init annotations (4.4.68 stable queue).
- staging: rtl8188eu: prevent an underflow in rtw_check_beacon_data() (bsc#1031717).
- staging: wlan-ng: add missing byte order conversion (4.4.68 stable queue).
- sunrpc: Allow xprt->ops->timer method to sleep (git-fixes).
- sunrpc: ensure correct error is reported by xs_tcp_setup_socket() (git-fixes).
- sunrpc: fix UDP memory accounting (git-fixes).
- sunrpc: Silence WARN_ON when NFSv4.1 over RDMA is in use (git-fixes).
- supported.conf: added drivers/net/ethernet/chelsio/libcxgb/libcxgb
- supported.conf: Add tcp_westwood as supported module (fate#322432)
- supported.conf: Bugzilla and FATE references for dcdbas and dell_rbu
- sysfs: be careful of error returns from ops->show() (bsc#1028883).
- taint/module: Clean up global and module taint flags handling (fate#313296).
- target: add XCOPY target/segment desc sense codes (bsc#991273).
- target: bounds check XCOPY segment descriptor list (bsc#991273).
- target: bounds check XCOPY total descriptor list length (bsc#991273).
- target: check for XCOPY parameter truncation (bsc#991273).
- target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).
- target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273).
- target: simplify XCOPY wwn->se_dev lookup helper (bsc#991273).
- target: support XCOPY requests without parameters (bsc#991273).
- target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).
- target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).
- tcp: account for ts offset only if tsecr not zero (bsc#1042286).
- tcp: do not inherit fastopen_req from parent (4.4.68 stable queue).
- tcp: do not underestimate skb->truesize in tcp_trim_head() (4.4.68 stable queue).
- tcp: fastopen: accept data/FIN present in SYNACK message (bsc#1042286).
- tcp: fastopen: avoid negative sk_forward_alloc (bsc#1042286).
- tcp: fastopen: call tcp_fin() if FIN present in SYNACK (bsc#1042286).
- tcp: fastopen: fix rcv_wup initialization for TFO server on SYN/data (bsc#1042286).
- tcp: fix wraparound issue in tcp_lp (4.4.68 stable queue).
- thp: fix MADV_DONTNEED vs. numa balancing race (bnc#1027974).
- thp: reduce indentation level in change_huge_pmd() (bnc#1027974).
- tpm: Downgrade error level (bsc#1042535).
- tpm: fix checks for policy digest existence in tpm2_seal_trusted() (bsc#1034048, Pending fixes 2017-04-10).
- tpm: fix RC value check in tpm2_seal_trusted (bsc#1034048, Pending fixes 2017-04-10).
- tpm: fix: set continueSession attribute for the unseal operation (bsc#1034048, Pending fixes 2017-04-10).
- tracing/kprobes: Enforce kprobes teardown after testing (bnc#1012985).
- udp: avoid ufo handling on IP payload compression packets (bsc#1042286).
- udplite: call proper backlog handlers (bsc#1042286).
- Update mainline reference in patches.drivers/drm-ast-Fix-memleaks-in-error-path-in-ast_fb_create.patch See (bsc#1028158) for the context in which this was discovered upstream.
- Update metadata for serial fixes (bsc#1013001)
- Update patches.fixes/xen-silence-efi-error-messge.patch (bnc#1039900).
- Update patches.kernel.org/patch-4.4.47-48 (bnc#1012382 bnc#1022181). Add a bnc reference.
- usb: chipidea: Handle extcon events properly (4.4.68 stable queue).
- usb: chipidea: Only read/write OTGSC from one place (4.4.68 stable queue).
- usb: host: ehci-exynos: Decrese node refcount on exynos_ehci_get_phy() error paths (4.4.68 stable queue).
- usb: host: ohci-exynos: Decrese node refcount on exynos_ehci_get_phy() error paths (4.4.68 stable queue).
- usb: musb: ux500: Fix NULL pointer dereference at system PM (bsc#1038033).
- usb: serial: ark3116: fix open error handling (bnc#1038043).
- usb: serial: ch341: add register and USB request definitions (bnc#1038043).
- usb: serial: ch341: add support for parity, frame length, stop bits (bnc#1038043).
- usb: serial: ch341: fix baud rate and line-control handling (bnc#1038043).
- usb: serial: ch341: fix line settings after reset-resume (bnc#1038043).
- usb: serial: ch341: fix modem-status handling (bnc#1038043).
- usb: serial: ch341: reinitialize chip on reconfiguration (bnc#1038043).
- usb: serial: digi_acceleport: fix incomplete rx sanity check (4.4.68 stable queue).
- usb: serial: fix compare_const_fl.cocci warnings (bnc#1038043).
- usb: serial: ftdi_sio: fix latency-timer error handling (4.4.68 stable queue).
- usb: serial: io_edgeport: fix descriptor error handling (4.4.68 stable queue).
- usb: serial: io_edgeport: fix epic-descriptor handling (bnc#1038043).
- usb: serial: keyspan_pda: fix receive sanity checks (4.4.68 stable queue).
- usb: serial: mct_u232: fix modem-status error handling (4.4.68 stable queue).
- usb: serial: quatech2: fix control-message error handling (bnc#1038043).
- usb: serial: sierra: fix bogus alternate-setting assumption (bnc#1038043).
- usb: serial: ssu100: fix control-message error handling (bnc#1038043).
- usb: serial: ti_usb_3410_5052: fix control-message error handling (4.4.68 stable queue).
- Use make --output-sync feature when available (bsc#1012422). The mesages in make output can interleave making it impossible to extract warnings reliably. Since version 4 GNU Make supports --output-sync flag that prints output of each sub-command atomically preventing this issue. Detect the flag and use it if available.
- Use up spare in struct module for livepatch (FATE#322421).
- vmxnet3: segCnt can be 1 for LRO packets (bsc#988065).
- vrf: remove slave queue and private slave struct (bsc#1042286).
- vsock: Detach QP check should filter out non matching QPs (bsc#1036752).
- x86/apic/uv: Silence a shift wrapping warning (bsc#1023866).
- x86/CPU/AMD: Fix Zen SMT topology (bsc#1027512).
- x86/ioapic: Change prototype of acpi_ioapic_add() (bsc#1027153, bsc#1027616).
- x86/ioapic: Fix incorrect pointers in ioapic_setup_resources() (bsc#1027153, bsc#1027616).
- x86/ioapic: Fix IOAPIC failing to request resource (bsc#1027153, bsc#1027616).
- x86/ioapic: fix kABI (hide added include) (bsc#1027153, bsc#1027616).
- x86/ioapic: Fix lost IOAPIC resource after hot-removal and hotadd (bsc#1027153, bsc#1027616).
- x86/ioapic: Fix setup_res() failing to get resource (bsc#1027153, bsc#1027616).
- x86/ioapic: Ignore root bridges without a companion ACPI device (bsc#1027153, bsc#1027616).
- x86/ioapic: Restore IO-APIC irq_chip retrigger callback (4.4.68 stable queue).
- x86/ioapic: Simplify ioapic_setup_resources() (bsc#1027153, bsc#1027616).
- x86/ioapic: Support hot-removal of IOAPICs present during boot (bsc#1027153, bsc#1027616).
- x86/mce: Do not print MCEs when mcelog is active (bsc#1013994).
- x86/MCE: Dump MCE to dmesg if no consumers (bsc#1013994).
- x86/mce: Fix copy/paste error in exception table entries (fate#319858).
- x86, mm: fix gup_pte_range() vs DAX mappings (bsc#1026405).
- x86/mm/gup: Simplify get_user_pages() PTE bit handling (bsc#1026405).
- x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0 (4.4.68 stable queue).
- x86/PCI: Mark Broadwell-EP Home Agent 1 as having non-compliant BARs (bsc#9048891).
- x86/platform/intel/iosf_mbi: Add a mutex for P-Unit access (bsc#1011913).
- x86/platform/intel/iosf_mbi: Add a PMIC bus access notifier (bsc#1011913).
- x86/platform/intel-mid: Correct MSI IRQ line for watchdog device (4.4.68 stable queue).
- x86/platform: Remove warning message for duplicate NMI handlers (bsc#1029220).
- x86/platform/UV: Add basic CPU NMI health check (bsc#1023866).
- x86/platform/UV: Add Support for UV4 Hubless NMIs (bsc#1023866).
- x86/platform/UV: Add Support for UV4 Hubless systems (bsc#1023866).
- x86/platform/uv/BAU: Add generic function pointers (bsc#1035024).
- x86/platform/uv/BAU: Add payload descriptor qualifier (bsc#1035024).
- x86/platform/uv/BAU: Add status mmr location fields to bau_control (bsc#1035024).
- x86/platform/uv/BAU: Add UV4-specific functions (bsc#1035024).
- x86/platform/uv/BAU: Add uv_bau_version enumerated constants (bsc#1035024).
- x86/platform/uv/BAU: Add wait_completion to bau_operations (bsc#1035024).
- x86/platform/uv/BAU: Clean up and update printks (bsc#1035024).
- x86/platform/uv/BAU: Cleanup bau_operations declaration and instances (bsc#1035024).
- x86/platform/uv/BAU: Clean up pq_init() (bsc#1035024).
- x86/platform/uv/BAU: Clean up vertical alignment (bsc#1035024).
- x86/platform/uv/BAU: Convert uv_physnodeaddr() use to uv_gpa_to_offset() (bsc#1035024).
- x86/platform/uv/BAU: Disable software timeout on UV4 hardware (bsc#1035024).
- x86/platform/uv/BAU: Fix HUB errors by remove initial write to sw-ack register (bsc#1035024).
- x86/platform/uv/BAU: Fix payload queue setup on UV4 hardware (bsc#1035024).
- x86/platform/uv/BAU: Implement uv4_wait_completion with read_status (bsc#1035024).
- x86/platform/uv/BAU: Populate ->uvhub_version with UV4 version information (bsc#1035024).
- x86/platform/uv/BAU: Use generic function pointers (bsc#1035024).
- x86/platform/UV: Clean up the NMI code to match current coding style (bsc#1023866).
- x86/platform/UV: Clean up the UV APIC code (bsc#1023866).
- x86/platform/UV: Ensure uv_system_init is called when necessary (bsc#1023866).
- x86/platform/UV: Fix 2 socket config problem (bsc#1023866).
- x86/platform/uv: Fix calculation of Global Physical Address (bsc#1031147).
- x86/platform/UV: Fix panic with missing UVsystab support (bsc#1023866).
- x86/platform/UV: Initialize PCH GPP_D_0 NMI Pin to be NMI source (bsc#1023866).
- x86/platform/UV: Verify NMI action is valid, default is standard (bsc#1023866).
- x86/ras/therm_throt: Do not log a fake MCE for thermal events (bsc#1028027).
- xen: add sysfs node for guest type (bnc#1037840).
- xen: adjust early dom0 p2m handling to xen hypervisor behavior (bnc#1031470).
- xen-blkback: do not leak stack data via response ring (bsc#1042863 XSA-216).
- xen-blkfront: correct maximum segment accounting (bsc#1018263).
- xen-blkfront: do not call talk_to_blkback when already connected to blkback.
- xen/blkfront: Fix crash if backend does not follow the right states.
- xen-blkfront: free resources if xlvbd_alloc_gendisk fails.
- xen/mce: do not issue error message for failed /dev/mcelog registration (bnc#1036638).
- xen/netback: set default upper limit of tx/rx queues to 8 (bnc#1019163).
- xen/netfront: set default upper limit of tx/rx queues to 8 (bnc#1019163).
- xen: Use machine addresses in /sys/kernel/vmcoreinfo when PV (bsc#1014136)
- xfrm: Fix memory leak of aead algorithm name (bsc#1042286).
- xfrm: Only add l3mdev oif to dst lookups (bsc#1042286).
- xfs: add missing include dependencies to xfs_dir2.h (bsc#1042421).
- xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056).
- xfs: do not allow di_size with high bit set (bsc#1024234).
- xfs: do not assert fail on non-async buffers on ioacct decrement (bsc#1041160).
- xfs: do not take the IOLOCK exclusive for direct I/O page invalidation (bsc#1015609).
- xfs: do not warn on buffers not being recovered due to LSN (bsc#1043598).
- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).
- xfs: fix broken multi-fsb buffer logging (bsc#1024081).
- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).
- xfs: fix eofblocks race with file extending async dio writes (bsc#1040929).
- xfs: Fix missed holes in SEEK_HOLE implementation (bsc#1041168).
- xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff() (bsc#1041168).
- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).
- xfs: fix xfs_mode_to_ftype() prototype (bsc#1043598).
- xfs: in _attrlist_by_handle, copy the cursor back to userspace (bsc#1041242).
- xfs: log recovery tracepoints to track current lsn and buffer submission (bsc#1043598).
- xfs: Make __xfs_xattr_put_listen preperly report errors (bsc#1041242).
- xfs: only return -errno or success from attr ->put_listent (bsc#1041242).
- xfs: pass current lsn to log recovery buffer validation (bsc#1043598).
- xfs: refactor log record unpack and data processing (bsc#1043598).
- xfs: replace xfs_mode_to_ftype table with switch statement (bsc#1042421).
- xfs: rework log recovery to submit buffers on LSN boundaries (bsc#1043598).
- xfs: rework the inline directory verifiers (bsc#1042421).
- xfs: sanity check directory inode di_size (bsc#1042421).
- xfs: sanity check inode di_mode (bsc#1042421).
- xfs: Split default quota limits by quota type (bsc#1040941).
- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).
- xfs: track and serialize in-flight async buffers against unmount - kABI (bsc#1024508).
- xfs: update metadata LSN in buffers during log recovery (bsc#1043598).
- xfs: use ->b_state to fix buffer I/O accounting release race (bsc#1041160).
- xfs: verify inline directory data forks (bsc#1042421).
- xgene_enet: remove bogus forward declarations (bsc#1032673).
- zswap: do not param_set_charp while holding spinlock (VM Functionality, bsc#1042886).
- blacklist.conf: add non-applicable fixes for iwlwifi (FATE#323335)
- blacklist.conf: blacklist c34a69059d78 (bnc#1044880)
- btrfs: disable possible cause of premature ENOSPC (bsc#1040182)
- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).
- btrfs: Round down values which are written for total_bytes_size (bsc#1043912).
- dm: remove dummy dm_table definition (bsc#1045307)
- Fix soft lockup in svc_rdma_send (bsc#1044854).
- fs/exec.c: account for argv/envp pointers (bnc#1039354, CVE-2017-1000365).
- hpsa: limit transfer length to 1MB (bsc#1025461).
- hwpoison, memcg: forcibly uncharge LRU pages (bnc#1046105).
- IB/ipoib: Fix memory leak in create child syscall (bsc#1022595 FATE#322350).
- ibmvnic: Correct return code checking for ibmvnic_init during probe (bsc#1045286).
- ibmvnic: Fix assignment of RX/TX IRQ's (bsc#1046589).
- ibmvnic: Fix error handling when registering long-term-mapped buffers (bsc#1045568).
- ibmvnic: Fix incorrectly defined ibmvnic_request_map_rsp structure (bsc#1045568).
- ibmvnic: Remove module author mailing address (bsc#1045467).
- ibmvnic: Return from ibmvnic_resume if not in VNIC_OPEN state (bsc#1045235).
- iw_cxgb4: Fix error return code in c4iw_rdev_open() (bsc#1026570).
- iwlwifi: 8000: fix MODULE_FIRMWARE input.
- iwlwifi: 9000: increase the number of queues.
- iwlwifi: add device ID for 8265.
- iwlwifi: add device IDs for the 8265 device.
- iwlwifi: add disable_11ac module param.
- iwlwifi: add new 3168 series devices support.
- iwlwifi: add new 8260 PCI IDs.
- iwlwifi: add new 8265.
- iwlwifi: add new 8265 series PCI ID.
- iwlwifi: Add new PCI IDs for 9260 and 5165 series.
- iwlwifi: Add PCI IDs for the new 3168 series.
- iwlwifi: Add PCI IDs for the new series 8165.
- iwlwifi: add support for 12K Receive Buffers.
- iwlwifi: add support for getting HW address from CSR.
- iwlwifi: avoid d0i3 commands when no/init ucode is loaded.
- iwlwifi: bail out in case of bad trans state.
- iwlwifi: block the queues when we send ADD_STA for uAPSD.
- iwlwifi: change the Intel Wireless email address.
- iwlwifi: check for valid ethernet address provided by OEM.
- iwlwifi: clean up transport debugfs handling.
- iwlwifi: clear ieee80211_tx_info->driver_data in the op_mode.
- iwlwifi: Document missing module options.
- iwlwifi: dump prph registers in a common place for all transports.
- iwlwifi: dvm: advertise NETIF_F_SG.
- iwlwifi: dvm: fix compare_const_fl.cocci warnings.
- iwlwifi: dvm: handle zero brightness for wifi LED.
- iwlwifi: dvm: remove a wrong dependency on m.
- iwlwifi: dvm: remove Kconfig default.
- iwlwifi: dvm: remove stray debug code.
- iwlwifi: export the _no_grab version of PRPH IO functions.
- iwlwifi: expose fw usniffer mode to more utilities.
- iwlwifi: fix double hyphen in MODULE_FIRMWARE for 8000.
- iwlwifi: Fix firmware name maximum length definition.
- iwlwifi: fix name of ucode loaded for 8265 series.
- iwlwifi: fix printf specifier.
- iwlwifi: generalize d0i3_entry_timeout module parameter.
- iwlwifi: mvm: adapt the firmware assert log to new firmware.
- iwlwifi: mvm: add 9000-series RX API.
- iwlwifi: mvm: add 9000 series RX processing.
- iwlwifi: mvm: add a non-trigger window to fw dbg triggers.
- iwlwifi: mvm: add an option to start rs from HT/VHT rates.
- iwlwifi: mvm: Add a station in monitor mode.
- iwlwifi: mvm: add bt rrc and ttc to debugfs.
- iwlwifi: mvm: add bt settings to debugfs.
- iwlwifi: mvm: add ctdp operations to debugfs.
- iwlwifi: mvm: add CT-KILL notification.
- iwlwifi: mvm: add debug print if scan config is ignored.
- iwlwifi: mvm: add extended dwell time.
- iwlwifi: mvm: add new ADD_STA command version.
- iwlwifi: mvm: Add P2P client snoozing.
- iwlwifi: mvm: add registration to cooling device.
- iwlwifi: mvm: add registration to thermal zone.
- iwlwifi: mvm: add support for negative temperatures.
- iwlwifi: mvm: add tlv for multi queue rx support.
- iwlwifi: mvm: add trigger for firmware dump upon TDLS events.
- iwlwifi: mvm: add trigger for firmware dump upon TX response status.
- iwlwifi: mvm: advertise NETIF_F_SG.
- iwlwifi: mvm: Align bt-coex priority with requirements.
- iwlwifi: mvm: allow to disable beacon filtering for AP/GO interface.
- iwlwifi: mvm: avoid harmless -Wmaybe-uninialized warning.
- iwlwifi: mvm: avoid panics with thermal device usage.
- iwlwifi: mvm: avoid to WARN about gscan capabilities.
- iwlwifi: mvm: bail out if CTDP start operation fails.
- iwlwifi: mvm: bump firmware API to 21.
- iwlwifi: mvm: bump max API to 20.
- iwlwifi: mvm: change access to ieee80211_hdr.
- iwlwifi: mvm: change iwl_mvm_get_key_sta_id() to return the station.
- iwlwifi: mvm: change mcc update API.
- iwlwifi: mvm: change name of iwl_mvm_d3_update_gtk.
- iwlwifi: mvm: Change number of associated stations when station becomes associated.
- iwlwifi: mvm: change protocol offload flows.
- iwlwifi: mvm: change the check for ADD_STA status.
- iwlwifi: mvm: check FW's response for nvm access write cmd.
- iwlwifi: mvm: check iwl_mvm_wowlan_config_key_params() return value.
- iwlwifi: mvm: check minimum temperature notification length.
- iwlwifi: mvm: cleanup roc te on restart cleanup.
- iwlwifi: mvm: Configure fragmented scan for scheduled scan.
- iwlwifi: mvm: configure scheduled scan according to traffic conditions.
- iwlwifi: mvm: constify the parameters of a few functions in fw-dbg.c.
- iwlwifi: mvm: Disable beacon storing in D3 when WOWLAN configured.
- iwlwifi: mvm: disable DQA support.
- iwlwifi: mvm: Do not switch to D3 image on suspend.
- iwlwifi: mvm: don't ask beacons when P2P GO vif and no assoc sta.
- iwlwifi: mvm: don't keep an mvm ref when the interface is down.
- iwlwifi: mvm: don't let NDPs mess the packet tracking.
- iwlwifi: mvm: don't restart HW if suspend fails with unified image.
- iwlwifi: mvm: don't try to offload AES-CMAC in AP/IBSS modes.
- iwlwifi: mvm: drop low_latency_agg_frame_cnt_limit.
- iwlwifi: mvm: dump more registers upon error.
- iwlwifi: mvm: dump the radio registers when the firmware crashes.
- iwlwifi: mvm: enable L3 filtering.
- iwlwifi: mvm: Enable MPLUT only on supported hw.
- iwlwifi: mvm: enable VHT MU-MIMO for supported hardware.
- iwlwifi: mvm: extend time event duration.
- iwlwifi: mvm: fix accessing Null pointer during fw dump collection.
- iwlwifi: mvm: fix d3_test with unified D0/D3 images.
- iwlwifi: mvm: fix debugfs signedness warning.
- iwlwifi: mvm: fix extended dwell time.
- iwlwifi: mvm: fix incorrect fallthrough in iwl_mvm_check_running_scans().
- iwlwifi: mvm: fix memory leaks in error paths upon fw error dump.
- iwlwifi: mvm: fix netdetect starting/stopping for unified images.
- iwlwifi: mvm: fix RSS key sizing.
- iwlwifi: mvm: fix unregistration of thermal in some error flows.
- iwlwifi: mvm: flush all used TX queues before suspending.
- iwlwifi: mvm: forbid U-APSD for P2P Client if the firmware doesn't support it.
- iwlwifi: mvm: handle pass all scan reporting.
- iwlwifi: mvm: ignore LMAC scan notifications when running UMAC scans.
- iwlwifi: mvm: infrastructure for frame-release message.
- iwlwifi: mvm: kill iwl_mvm_enable_agg_txq.
- iwlwifi: mvm: let the firmware choose the antenna for beacons.
- iwlwifi: mvm: make collecting fw debug data optional.
- iwlwifi: mvm: move fw-dbg code to separate file.
- iwlwifi: mvm: only release the trans ref if d0i3 is supported in fw.
- iwlwifi: mvm: prepare the code towards TSO implementation.
- iwlwifi: mvm: refactor d3 key update functions.
- iwlwifi: mvm: refactor the way fw_key_table is handled.
- iwlwifi: mvm: remove an extra tab.
- iwlwifi: mvm: Remove bf_vif from iwl_power_vifs.
- iwlwifi: mvm: Remove iwl_mvm_update_beacon_abort.
- iwlwifi: mvm: remove redundant d0i3 flag from the config struct.
- iwlwifi: mvm: remove shadowing variable.
- iwlwifi: mvm: remove stray nd_config element.
- iwlwifi: mvm: remove the vif parameter of iwl_mvm_configure_bcast_filter().
- iwlwifi: mvm: remove unnecessary check in iwl_mvm_is_d0i3_supported().
- iwlwifi: mvm: remove useless WARN_ON and rely on cfg80211's combination.
- iwlwifi: mvm: report wakeup for wowlan.
- iwlwifi: mvm: reset mvm->scan_type when firmware is started.
- iwlwifi: mvm: return the cooling state index instead of the budget.
- iwlwifi: mvm: ROC: cleanup time event info on FW failure.
- iwlwifi: mvm: ROC: Extend the ROC max delay duration & limit ROC duration.
- iwlwifi: mvm: rs: fix a potential out of bounds access.
- iwlwifi: mvm: rs: fix a theoretical access to uninitialized array elements.
- iwlwifi: mvm: rs: fix a warning message.
- iwlwifi: mvm: rs: fix TPC action decision algorithm.
- iwlwifi: mvm: rs: fix TPC statistics handling.
- iwlwifi: mvm: Send power command on BSS_CHANGED_BEACON_INFO if needed.
- iwlwifi: mvm: set default new STA as non-aggregated.
- iwlwifi: mvm: set the correct amsdu enum values.
- iwlwifi: mvm: set the correct descriptor size for tracing.
- iwlwifi: mvm: small update in the firmware API.
- iwlwifi: mvm: support A-MSDU in A-MPDU.
- iwlwifi: mvm: support beacon storing.
- iwlwifi: mvm: support description for user triggered fw dbg collection.
- iwlwifi: mvm: support rss queues configuration command.
- iwlwifi: mvm: Support setting continuous recording debug mode.
- iwlwifi: mvm: support setting minimum quota from debugfs.
- iwlwifi: mvm: support sw queue start/stop from mvm.
- iwlwifi: mvm: take care of padded packets.
- iwlwifi: mvm: take the transport ref back when leaving.
- iwlwifi: mvm: track low-latency sources separately.
- iwlwifi: mvm: update GSCAN capabilities.
- iwlwifi: mvm: update ucode status before stopping device.
- iwlwifi: mvm: use build-time assertion for fw trigger ID.
- iwlwifi: mvm: use firmware station lookup, combine code.
- iwlwifi: mvm: various trivial cleanups.
- iwlwifi: mvm: writing zero bytes to debugfs causes a crash.
- iwlwifi: nvm: fix loading default NVM file.
- iwlwifi: nvm: fix up phy section when reading it.
- iwlwifi: pcie: add 9000 series multi queue rx DMA support.
- iwlwifi: pcie: add infrastructure for multi-queue rx.
- iwlwifi: pcie: add initial RTPM support for PCI.
- iwlwifi: pcie: Add new configuration to enable MSIX.
- iwlwifi: pcie: add pm_prepare and pm_complete ops.
- iwlwifi: pcie: add RTPM support when wifi is enabled.
- iwlwifi: pcie: aggregate Flow Handler configuration writes.
- iwlwifi: pcie: allow the op_mode to block the tx queues.
- iwlwifi: pcie: allow to pretend to have Tx CSUM for debug.
- iwlwifi: pcie: avoid restocks inside rx loop if not emergency.
- iwlwifi: pcie: buffer packets to avoid overflowing Tx queues.
- iwlwifi: pcie: build an A-MSDU using TSO core.
- iwlwifi: pcie: configure more RFH settings.
- iwlwifi: pcie: detect and workaround invalid write ptr behavior.
- iwlwifi: pcie: don't increment / decrement a bool.
- iwlwifi: pcie: enable interrupts before releasing the NIC's CPU.
- iwlwifi: pcie: enable multi-queue rx path.
- iwlwifi: pcie: extend device reset delay.
- iwlwifi: pcie: fine tune number of rxbs.
- iwlwifi: pcie: fix a race in firmware loading flow.
- iwlwifi: pcie: fix erroneous return value.
- iwlwifi: pcie: fix global table size.
- iwlwifi: pcie: fix identation in trans.c.
- iwlwifi: pcie: fix RF-Kill vs. firmware load race.
- iwlwifi: pcie: forbid RTPM on device removal.
- iwlwifi: pcie: mark command queue lock with separate lockdep class.
- iwlwifi: pcie: prevent skbs shadowing in iwl_trans_pcie_reclaim.
- iwlwifi: pcie: refactor RXBs reclaiming code.
- iwlwifi: pcie: remove ICT allocation message.
- iwlwifi: pcie: remove pointer from debug message.
- iwlwifi: pcie: re-organize code towards TSO.
- iwlwifi: pcie: set RB chunk size back to 64.
- iwlwifi: pcie: update iwl_mpdu_desc fields.
- iwlwifi: print index in api/capa flags parsing message.
- iwlwifi: refactor the code that reads the MAC address from the NVM.
- iwlwifi: remove IWL_DL_LED.
- iwlwifi: remove unused parameter from grab_nic_access.
- iwlwifi: replace d0i3_mode and wowlan_d0i3 with more generic variables.
- iwlwifi: set max firmware version of 7265 to 17.
- iwlwifi: support ucode with d0 unified image - regular and usniffer.
- iwlwifi: trans: make various conversion macros inlines.
- iwlwifi: trans: support a callback for ASYNC commands.
- iwlwifi: treat iwl_parse_nvm_data() MAC addr as little endian.
- iwlwifi: tt: move ucode_loaded check under mutex.
- iwlwifi: uninline iwl_trans_send_cmd.
- iwlwifi: update host command messages to new format.
- iwlwifi: Update PCI IDs for 8000 and 9000 series.
- iwlwifi: update support for 3168 series firmware and NVM.
- iwlwifi: various comments and code cleanups.
- kabi: ignore fs_info parameter for tracepoints that didn't have it (bsc#1044912).
- kabi/severities: ignore kABi changes in iwlwifi stuff itself
- lan78xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).
- Linux 4.4.74 (CVE-2017-1000364 bnc#1012382 bnc#1039348 bnc#1045340 bsc#1031717 bsc#1043231).
- loop: Add PF_LESS_THROTTLE to block/loop device thread (bsc#1027101).
- md: fix a null dereference (bsc#1040351).
- md: use a separate bio_set for synchronous IO (bsc#1040351).
- mm: fix new crash in unmapped_area_topdown() (bnc#1039348).
- mm: larger stack guard gap, between vmas (bnc#1039348, CVE-2017-1000364, bnc#1045340).
- net/mlx5e: Fix timestamping capabilities reporting (bsc#966170 bsc#1015342).
- NFSv4: don't let hanging mounts block other mounts (bsc#1040364).
- powerpc/fadump: add reschedule point while releasing memory (bsc#1040609).
- powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669).
- powerpc/fadump: avoid holes in boot memory area when fadump is registered (bsc#1037669).
- powerpc/fadump: provide a helpful error message (bsc#1037669).
- powerpc/fadump: return error when fadump registration fails (bsc#1040567).
- powerpc/ftrace: Pass the correct stack pointer for DYNAMIC_FTRACE_WITH_REGS (FATE#322421).
- printk: Correctly handle preemption in console_unlock() (bsc#1046434).
- printk/xen: Force printk sync mode when migrating Xen guest (bsc#1043347).
- RDMA/iw_cxgb4: Always wake up waiter in c4iw_peer_abort_intr() (bsc#1026570).
- Reenable and refresh patches.suse/iwlwifi-expose-default-fallback-ucode-api.
- reiserfs: don't preallocate blocks for extended attributes (bsc#990682).
- smartpqi: limit transfer length to 1MB (bsc#1025461).
- tty: Destroy ldisc instance on hangup (bnc#1043488).
- tty: Fix ldisc crash on reopened tty (bnc#1043488).
- tty: Handle NULL tty->ldisc (bnc#1043488).
- tty: Move tty_ldisc_kill() (bnc#1043488).
- tty: Prepare for destroying line discipline on hangup (bnc#1043488).
- tty: Refactor tty_ldisc_reinit() for reuse (bnc#1043488).
- tty: Reset c_line from driver's init_termios (bnc#1043488).
- tty: Simplify tty_set_ldisc() exit handling (bnc#1043488).
- tty: Use 'disc' for line discipline index name (bnc#1043488).
- Update config files: add CONFIG_IWLWIFI_PCIE_RTPM=y (FATE#323335)
- Update patches.fixes/xfs-split-default-quota-limits-by-quota-type.patch (bsc#1040941). Fix the bug nr used.
Patchnames
SUSE-SLE-RT-12-SP2-2017-1231
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 12 SP2 Realtime kernel was updated to 4.4.74 to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n\n- CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \u0027jumped\u0027 over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010) (bnc#1039348).\n- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354).\n- CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125).\n- CVE-2017-7346: The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate certain levels data, which allowed local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031796).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).\n- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).\n- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069).\n- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883).\n- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).\n- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879).\n- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544).\n- CVE-2017-9150: The do_check function in kernel/bpf/verifier.c in the Linux kernel did not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allowed local users to obtain sensitive address information via crafted bpf system calls (bnc#1040279).\n- CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue (bnc#1033340).\n- CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).\n- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986365).\n- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336).\n- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003).\n- CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52 (bnc#1030573).\n- CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls (bnc#1031579).\n- CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440).\n- CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052).\n- CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213).\n- CVE-2017-7374: Use-after-free vulnerability in fs/crypto/ in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely (bnc#1032006).\n- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415).\n- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565).\n- CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190).\n- CVE-2017-6346: Race condition in net/packet/af_packet.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKET_FANOUT setsockopt system calls (bnc#1027189).\n- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986. (bnc#1027066).\n- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722).\n- CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enables scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697).\n- CVE-2017-6347: The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel has incorrect expectations about skb data layout, which allowed local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission (bnc#1027179).\n- CVE-2016-9191: The cgroup offline implementation in the Linux kernel mishandled certain drain operations, which allowed local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity (bnc#1008842).\n- CVE-2017-2583: The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel improperly emulates a \u0027MOV SS, NULL selector\u0027 instruction, which allowed guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application (bnc#1020602).\n- CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851).\n- CVE-2017-2596: The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel improperly emulates the VMXON instruction, which allowed KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references (bnc#1022785).\n- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024).\n- CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bnc#1025235).\n- CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bnc#1024938).\n- CVE-2017-5897: The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allowed remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access (bnc#1023762).\n- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077).\n- CVE-2017-5576: Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call (bnc#1021294).\n- CVE-2017-5577: The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel did not set an errno value upon certain overflow detections, which allowed local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call (bnc#1021294).\n- CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux kernel preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097. (bnc#1021258).\n\nThe following non-security bugs were fixed:\n\n- 9p: fix a potential acl leak (4.4.68 stable queue).\n- acpi / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal (bsc#1031717).\n- acpi: Do not create a platform_device for IOAPIC/IOxAPIC (bsc#1028819).\n- acpi, ioapic: Clear on-stack resource before using it (bsc#1028819).\n- acpi, nfit: fix acpi_nfit_flush_probe() crash (bsc#1031717).\n- acpi, nfit: fix bus vs dimm confusion in xlat_status (bsc#1023175).\n- acpi, nfit: fix extended status translations for ACPI DSMs (bsc#1031717).\n- acpi, nfit, libnvdimm: fix / harden ars_status output length handling (bsc#1023175).\n- acpi, nfit: validate ars_status output buffer size (bsc#1023175).\n- acpi: Remove platform devices from a bus on removal (bsc#1028819).\n- acpi / scan: Drop support for force_remove (bnc#1029607).\n- ahci: disable correct irq for dummy ports (bsc#1040125).\n- alsa: hda - Fix deadlock of controller device lock at unbinding (4.4.68 stable queue).\n- arm64: hugetlb: fix the wrong address for several functions (bsc#1032681).\n- arm64: hugetlb: fix the wrong return value for huge_ptep_set_access_flags (bsc#1032681).\n- arm64: hugetlb: remove the wrong pmd check in find_num_contig() (bsc#1032681).\n- arm64/numa: fix incorrect log for memory-less node (bsc#1019631).\n- arm64: Use full path in KBUILD_IMAGE definition (bsc#1010032).\n- arm: 8452/3: PJ4: make coprocessor access sequences buildable in Thumb2 mode (4.4.68 stable queue).\n- arm: OMAP5 / DRA7: Fix HYP mode boot for thumb2 build (4.4.68 stable queue).\n- arm: Use full path in KBUILD_IMAGE definition (bsc#1010032).\n- ASoC: cht_bsw_rt5645: Fix leftover kmalloc (bsc#1010690).\n- ASoC: Intel: Skylake: Uninitialized variable in probe_codec() (bsc#1043231).\n- ASoC: rt5640: use msleep() for long delays (bsc#1031717).\n- ASoC: sti: Fix error handling if of_clk_get() fails (bsc#1031717).\n- avoid including \u0027mountproto=\u0027 with no protocol in /proc/mounts (bsc#1019260).\n- bcache: fix calling ida_simple_remove() with incorrect minor (bsc#1038085).\n- bcache: Make gc wakeup sane, remove set_task_state() (bsc#1021260).\n- bcache: partition support: add 16 minors per bcacheN device (bsc#1019784).\n- blacklist 61e8a0d5a027 powerpc/pci: Fix endian bug in fixed PHB numbering (bsc#989311)\n- blacklist.conf: a04a480d4392 net: Require exact match for TCP socket lookups if dif is l3mdev (v4.9-rc4) 10/11 conflicts are with code introduced by 74b20582ac38 (\u0027net: l3mdev: Add hook in ip and ipv6\u0027, v4.7-rc1) which is not present in SP2. I think that either the problem was always there or was introduced by 74b20582ac38. If in the first case, the fix would have to be implemented differently; if in the second case, the fix is not needed in SP2.\n- blacklist.conf: blacklist reverted commit Commit 82486aa6f1b9 (\u0027ipv4: restore rt-\u0026gt;fi for reference counting\u0027) was later reverted and replaced by commit 3fb07daff8e9 (\u0027ipv4: add reference counting to metrics\u0027). This solution breaks kABI, though, and I\u0027ll need to look into it more carefully to see if it can be worked around easily.\n- blk-mq: Allow timeouts to run while queue is freezing (bsc#1020817).\n- blk-mq: Always schedule hctx-\u003enext_cpu (bsc#1020817).\n- blk-mq: Avoid memory reclaim when remapping queues (bsc#1020817).\n- blk-mq: do not overwrite rq-\u003emq_ctx (bsc#1020817).\n- blk-mq: Fix failed allocation path when mapping queues (bsc#1020817).\n- blk-mq: improve warning for running a queue on the wrong CPU (bsc#1020817).\n- block: Change extern inline to static inline (bsc#1023175).\n- block: copy NOMERGE flag from bio to request (bsc#1030070).\n- block: get rid of blk_integrity_revalidate() (4.4.68 stable queue).\n- bluetooth: btmrvl: fix hung task warning dump (bsc#1018813).\n- bna: add missing per queue ethtool stat (bsc#966321 FATE#320156).\n- bna: avoid writing uninitialized data into hw registers (bsc#966321 FATE#320156).\n- bna: integer overflow bug in debugfs (bsc#966321 FATE#320156).\n- bnx2x: allow adding VLANs while interface is down (bsc#1027273).\n- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).\n- bnxt_en: allocate enough space for -\u003entp_fltr_bmap (bsc#1020412 FATE#321671).\n- bonding: avoid defaulting hard_header_len to ETH_HLEN on slave removal (bsc#1042286).\n- bonding: do not use stale speed and duplex information (bsc#1042286).\n- bonding: fix 802.3ad aggregator reselection (bsc#1029514).\n- bonding: prevent out of bound accesses (bsc#1042286).\n- bpf, arm64: fix jit branch offset related to ldimm64 (4.4.68 stable queue).\n- brcmfmac: add fallback for devices that do not report per-chain values (bsc#1043231).\n- brcmfmac: avoid writing channel out of allocated array (bsc#1043231).\n- brcmfmac: Change error print on wlan0 existence (bsc#1000092).\n- brcmfmac: Ensure pointer correctly set if skb data location changes (4.4.68 stable queue).\n- brcmfmac: Make skb header writable before use (4.4.68 stable queue).\n- brcmfmac: restore stopping netdev queue when bus clogs up (bsc#1031717).\n- btrfs: add a flags field to btrfs_fs_info (bsc#1012452).\n- btrfs: add ASSERT for block group\u0027s memory leak (bsc#1012452).\n- btrfs: add btrfs_trans_handle-\u003efs_info pointer (bsc#1012452).\n- btrfs: add bytes_readonly to the spaceinfo at once (bsc#1012452).\n- btrfs: add check to sysfs handler of label (bsc#1012452).\n- btrfs: add dynamic debug support (bsc#1012452).\n- btrfs: add error handling for extent buffer in print tree (bsc#1012452).\n- btrfs: add missing bytes_readonly attribute file in sysfs (bsc#1012452).\n- btrfs: add missing check for writeback errors on fsync (bsc#1012452).\n- btrfs: add more validation checks for superblock (bsc#1012452).\n- btrfs: Add ratelimit to btrfs printing (bsc#1012452).\n- btrfs: add read-only check to sysfs handler of features (bsc#1012452).\n- btrfs: add semaphore to synchronize direct IO writes with fsync (bsc#1012452).\n- btrfs: add support for RENAME_EXCHANGE and RENAME_WHITEOUT (bsc#1020975).\n- btrfs: add tracepoint for adding block groups (bsc#1012452).\n- btrfs: add tracepoints for flush events (bsc#1012452).\n- btrfs: add transaction space reservation tracepoints (bsc#1012452).\n- btrfs: add validadtion checks for chunk loading (bsc#1012452).\n- btrfs: add write protection to SET_FEATURES ioctl (bsc#1012452).\n- btrfs: allow balancing to dup with multi-device (bsc#1012452).\n- btrfs: allow unlink to exceed subvolume quota (bsc#1019614).\n- btrfs: always reserve metadata for delalloc extents (bsc#1012452).\n- btrfs: always use trans-\u0026gt;block_rsv for orphans (bsc#1012452).\n- btrfs: avoid blocking open_ctree from cleaner_kthread (bsc#1012452).\n- btrfs: avoid deadlocks during reservations in btrfs_truncate_block (bsc#1012452).\n- btrfs: avoid overflowing f_bfree (bsc#1012452).\n- btrfs: avoid uninitialized variable warning (bsc#1012452).\n- btrfs: backref: Fix soft lockup in __merge_refs function (bsc#1017641).\n- btrfs: btrfs_abort_transaction, drop root parameter (bsc#1012452).\n- btrfs: __btrfs_buffered_write: Pass valid file offset when releasing delalloc space (bsc#1012452).\n- btrfs: __btrfs_buffered_write: Reserve/release extents aligned to block size (bsc#1012452).\n- btrfs: btrfs_check_super_valid: Allow 4096 as stripesize (bsc#1012452).\n- btrfs: btrfs_debug should consume fs_info when DEBUG is not defined (bsc#1012452).\n- btrfs: btrfs_ioctl_clone: Truncate complete page after performing clone operation (bsc#1012452).\n- btrfs: btrfs_page_mkwrite: Reserve space in sectorsized units (bsc#1012452).\n- btrfs: btrfs_relocate_chunk pass extent_root to btrfs_end_transaction (bsc#1012452).\n- btrfs: btrfs_submit_direct_hook: Handle map_length \u0026lt; bio vector length (bsc#1012452).\n- btrfs: build fixup for qgroup_account_snapshot (bsc#1012452).\n- btrfs: change BUG_ON()\u0027s to ASSERT()\u0027s in backref_cache_cleanup() (bsc#1012452).\n- btrfs: change delayed reservation fallback behavior (bsc#1012452).\n- btrfs: change how we calculate the global block rsv (bsc#1012452).\n- btrfs: change how we update the global block rsv (bsc#1012452).\n- btrfs: Change qgroup_meta_rsv to 64bit (bsc#1019614).\n- btrfs: check btree node\u0027s nritems (bsc#1012452).\n- btrfs: check if extent buffer is aligned to sectorsize (bsc#1012452).\n- btrfs: check inconsistence between chunk and block group (bsc#1012452).\n- btrfs: check reserved when deciding to background flush (bsc#1012452).\n- btrfs: clarify do_chunk_alloc()\u0027s return value (bsc#1012452).\n- btrfs: Clean pte corresponding to page straddling i_size (bsc#1012452).\n- btrfs: clean the old superblocks before freeing the device (bsc#1012452).\n- btrfs: clean up and optimize __check_raid_min_device() (bsc#1012452).\n- btrfs: cleanup assigning next active device with a check (bsc#1012452).\n- btrfs: cleanup BUG_ON in merge_bio (bsc#1012452).\n- btrfs: Cleanup compress_file_range() (bsc#1012452).\n- btrfs: cleanup error handling in extent_write_cached_pages (bsc#1012452).\n- btrfs: clear uptodate flags of pages in sys_array eb (bsc#1012452).\n- btrfs: clone: use vmalloc only as fallback for nodesize bufer (bsc#1012452).\n- btrfs: Compute and look up csums based on sectorsized blocks (bsc#1012452).\n- btrfs: convert nodesize macros to static inlines (bsc#1012452).\n- btrfs: convert printk(KERN_* to use pr_* calls (bsc#1012452).\n- btrfs: convert pr_* to btrfs_* where possible (bsc#1012452).\n- btrfs: convert send\u0027s verbose_printk to btrfs_debug (bsc#1012452).\n- btrfs: copy_to_sk drop unused root parameter (bsc#1012452).\n- btrfs: create a helper function to read the disk super (bsc#1012452).\n- btrfs: create example debugfs file only in debugging build (bsc#1012452).\n- btrfs: create helper btrfs_find_device_by_user_input() (bsc#1012452).\n- btrfs: create helper function __check_raid_min_devices() (bsc#1012452).\n- btrfs: csum_tree_block: return proper errno value (bsc#1012452).\n- btrfs: detect corruption when non-root leaf has zero item (bsc#1012452).\n- btrfs: device add and remove: use GFP_KERNEL (bsc#1012452).\n- btrfs: Direct I/O read: Work on sectorsized blocks (bsc#1012452).\n- btrfs: divide btrfs_update_reserved_bytes() into two functions (bsc#1012452).\n- btrfs: do not background blkdev_put() (bsc#1012452).\n- btrfs: do not bother kicking async if there\u0027s nothing to reclaim (bsc#1012452).\n- btrfs: do not BUG_ON() in btrfs_orphan_add (bsc#1012452).\n- btrfs: do not create empty block group if we have allocated data (bsc#1012452).\n- btrfs: do not decrease bytes_may_use when replaying extents (bsc#1012452).\n- btrfs: do not do nocow check unless we have to (bsc#1012452).\n- btrfs: do not do unnecessary delalloc flushes when relocating (bsc#1012452).\n- btrfs: do not force mounts to wait for cleaner_kthread to delete one or more subvolumes (bsc#1012452).\n- btrfs: do not wait for unrelated IO to finish before relocation (bsc#1012452).\n- btrfs: do not WARN() in btrfs_transaction_abort() for IO errors (bsc#1035866).\n- btrfs: do not write corrupted metadata blocks to disk (bsc#1012452).\n- btrfs: end transaction if we abort when creating uuid root (bsc#1012452).\n- btrfs: enhance btrfs_find_device_by_user_input() to check device path (bsc#1012452).\n- btrfs: error out if generic_bin_search get invalid arguments (bsc#1012452).\n- btrfs: expand cow_file_range() to support in-band dedup and subpage-blocksize (bsc#1012452).\n- btrfs: extend btrfs_set_extent_delalloc and its friends to support in-band dedupe and subpage size patchset (bsc#1012452).\n- btrfs: extent same: use GFP_KERNEL for page array allocations (bsc#1012452).\n- btrfs: fallback to vmalloc in btrfs_compare_tree (bsc#1012452).\n- btrfs: fallocate: use GFP_KERNEL (bsc#1012452).\n- btrfs: fallocate: Work with sectorsized blocks (bsc#1012452).\n- btrfs: fill relocation block rsv after allocation (bsc#1012452).\n- btrfs: fix an integer overflow check (bsc#1012452).\n- btrfs: fix a possible umount deadlock (bsc#1012452).\n- btrfs: Fix block size returned to user space (bsc#1012452).\n- btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls (bsc#1018100).\n- btrfs: fix btrfs_no_printk stub helper (bsc#1012452).\n- btrfs: Fix BUG_ON condition in scrub_setup_recheck_block() (bsc#1012452).\n- btrfs: fix BUG_ON in btrfs_mark_buffer_dirty (bsc#1012452).\n- btrfs: fix BUG_ON in btrfs_submit_compressed_write (bsc#1012452).\n- btrfs: fix build warning (bsc#1012452).\n- btrfs: fix callers of btrfs_block_rsv_migrate (bsc#1012452).\n- btrfs: fix check_direct_IO() for non-iovec iterators (bsc#1012452).\n- btrfs: fix check_shared for fiemap ioctl (bsc#1037177).\n- btrfs: fix crash when tracepoint arguments are freed by wq callbacks (bsc#1012452).\n- btrfs: fix data loss after truncate when using the no-holes feature (bsc#1036214).\n- btrfs: fix deadlock in delayed_ref_async_start (bsc#1012452).\n- btrfs: fix delalloc accounting after copy_from_user faults (bsc#1012452).\n- btrfs: fix delalloc reservation amount tracepoint (bsc#1012452).\n- btrfs: fix disk_i_size update bug when fallocate() fails (bsc#1012452).\n- btrfs: fix divide error upon chunk\u0027s stripe_len (bsc#1012452).\n- btrfs: fix double free of fs root (bsc#1012452).\n- btrfs: fix eb memory leak due to readpage failure (bsc#1012452).\n- btrfs: fix em leak in find_first_block_group (bsc#1012452).\n- btrfs: fix emptiness check for dirtied extent buffers at check_leaf() (bsc#1012452).\n- btrfs: fix error handling in map_private_extent_buffer (bsc#1012452).\n- btrfs: fix error return code in btrfs_init_test_fs() (bsc#1012452).\n- btrfs: fix extent_same allowing destination offset beyond i_size (bsc#1012452).\n- btrfs: fix free space calculation in dump_space_info() (bsc#1012452).\n- btrfs: fix fsfreeze hang caused by delayed iputs deal (bsc#1012452).\n- btrfs: fix fspath error deallocation (bsc#1012452).\n- btrfs: fix handling of faults from btrfs_copy_from_user (bsc#1012452).\n- btrfs: fix inode leak on failure to setup whiteout inode in rename (bsc#1020975).\n- btrfs: fix int32 overflow in shrink_delalloc() (bsc#1012452).\n- btrfs: Fix integer overflow when calculating bytes_per_bitmap (bsc#1012452).\n- btrfs: fix invalid dereference in btrfs_retry_endio (bsc#1040395).\n- btrfs: fix invalid reference in replace_path (bsc#1012452).\n- btrfs: fix listxattrs not listing all xattrs packed in the same item (bsc#1012452).\n- btrfs: fix lockdep deadlock warning due to dev_replace (bsc#1012452).\n- btrfs: fix lockdep warning about log_mutex (bsc#1021455).\n- btrfs: fix lock dep warning, move scratch dev out of device_list_mutex and uuid_mutex (bsc#1012452).\n- btrfs: fix lock dep warning move scratch super outside of chunk_mutex (bsc#1012452).\n- btrfs: fix lockdep warning on deadlock against an inode\u0027s log mutex (bsc#1021455).\n- btrfs: fix __MAX_CSUM_ITEMS (bsc#1012452).\n- btrfs: fix memory leak during RAID 5/6 device replacement (bsc#1012452).\n- btrfs: fix memory leak of block group cache (bsc#1012452).\n- btrfs: fix memory leak of reloc_root (bsc#1012452).\n- btrfs: fix mixed block count of available space (bsc#1012452).\n- btrfs: fix number of transaction units for renames with whiteout (bsc#1020975).\n- btrfs: fix one bug that process may endlessly wait for ticket in wait_reserve_ticket() (bsc#1012452).\n- btrfs: fix panic in balance due to EIO (bsc#1012452).\n- btrfs: fix race between block group relocation and nocow writes (bsc#1012452).\n- btrfs: fix race between device replace and block group removal (bsc#1012452).\n- btrfs: fix race between device replace and chunk allocation (bsc#1012452).\n- btrfs: fix race between device replace and discard (bsc#1012452).\n- btrfs: fix race between device replace and read repair (bsc#1012452).\n- btrfs: fix race between fsync and direct IO writes for prealloc extents (bsc#1012452).\n- btrfs: fix race between readahead and device replace/removal (bsc#1012452).\n- btrfs: fix race setting block group back to RW mode during device replace (bsc#1012452).\n- btrfs: fix race setting block group readonly during device replace (bsc#1012452).\n- btrfs: fix read_node_slot to return errors (bsc#1012452).\n- btrfs: fix release reserved extents trace points (bsc#1012452).\n- btrfs: fix segmentation fault when doing dio read (bsc#1040425).\n- btrfs: Fix slab accounting flags (bsc#1012452).\n- btrfs: fix truncate_space_check (bsc#1012452).\n- btrfs: fix unexpected return value of fiemap (bsc#1012452).\n- btrfs: fix unprotected assignment of the left cursor for device replace (bsc#1012452).\n- btrfs: fix WARNING in btrfs_select_ref_head() (bsc#1012452).\n- btrfs: flush_space: treat return value of do_chunk_alloc properly (bsc#1012452).\n- btrfs: Force stripesize to the value of sectorsize (bsc#1012452).\n- btrfs: free sys_array eb as soon as possible (bsc#1012452).\n- btrfs: GFP_NOFS does not GFP_HIGHMEM (bsc#1012452).\n- btrfs: Handle uninitialised inode eviction (bsc#1012452).\n- btrfs: hide test-only member under ifdef (bsc#1012452).\n- btrfs: improve check_node to avoid reading corrupted nodes (bsc#1012452).\n- btrfs: Improve FL_KEEP_SIZE handling in fallocate (bsc#1012452).\n- btrfs: incremental send, do not delay rename when parent inode is new (bsc#1028325).\n- btrfs: incremental send, do not issue invalid rmdir operations (bsc#1028325).\n- btrfs: introduce BTRFS_MAX_ITEM_SIZE (bsc#1012452).\n- btrfs: introduce device delete by devid (bsc#1012452).\n- btrfs: introduce raid-type to error-code table, for minimum device constraint (bsc#1012452).\n- btrfs: introduce ticketed enospc infrastructure (bsc#1012452).\n- btrfs: introduce tickets_id to determine whether asynchronous metadata reclaim work makes progress (bsc#1012452).\n- btrfs: ioctl: reorder exclusive op check in RM_DEV (bsc#1012452).\n- btrfs: kill BUG_ON in do_relocation (bsc#1012452).\n- btrfs: kill BUG_ON in run_delayed_tree_ref (bsc#1012452).\n- btrfs: kill BUG_ON()\u0027s in btrfs_mark_extent_written (bsc#1012452).\n- btrfs: kill invalid ASSERT() in process_all_refs() (bsc#1012452).\n- btrfs: kill the start argument to read_extent_buffer_pages (bsc#1012452).\n- btrfs: kill unused writepage_io_hook callback (bsc#1012452).\n- btrfs: let callers of btrfs_alloc_root pass gfp flags (bsc#1012452).\n- btrfs: Limit inline extents to root-\u0026gt;sectorsize (bsc#1012452).\n- btrfs: make find_workspace always succeed (bsc#1012452).\n- btrfs: make find_workspace warn if there are no workspaces (bsc#1012452).\n- btrfs: make mapping-\u0026gt;writeback_index point to the last written page (bsc#1012452).\n- btrfs: make state preallocation more speculative in __set_extent_bit (bsc#1012452).\n- btrfs: make sure device is synced before return (bsc#1012452).\n- btrfs: make sure we stay inside the bvec during __btrfs_lookup_bio_sums (bsc#1012452).\n- btrfs: make use of btrfs_find_device_by_user_input() (bsc#1012452).\n- btrfs: make use of btrfs_scratch_superblocks() in btrfs_rm_device() (bsc#1012452).\n- btrfs: memset to avoid stale content in btree leaf (bsc#1012452).\n- btrfs: memset to avoid stale content in btree node block (bsc#1012452).\n- btrfs: move error handling code together in ctree.h (bsc#1012452).\n- btrfs: optimize check for stale device (bsc#1012452).\n- btrfs: Output more info for enospc_debug mount option (bsc#1012452).\n- btrfs: parent_start initialization cleanup (bsc#1012452).\n- btrfs: pass correct args to btrfs_async_run_delayed_refs() (bsc#1012452).\n- btrfs: pass number of devices to btrfs_check_raid_min_devices (bsc#1012452).\n- btrfs: pass the right error code to the btrfs_std_error (bsc#1012452).\n- btrfs: pin log earlier when renaming (bsc#1020975).\n- btrfs: pin logs earlier when doing a rename exchange operation (bsc#1020975).\n- btrfs: preallocate compression workspaces (bsc#1012452).\n- btrfs: Print Warning only if ENOSPC_DEBUG is enabled (bsc#1012452).\n- btrfs: qgroup: Move half of the qgroup accounting time out of commit trans (bsc#1017461).\n- btrfs: qgroups: Retry after commit on getting EDQUOT (bsc#1019614).\n- btrfs: Ratelimit \u0027no csum found\u0027 info message (bsc#1012452).\n- btrfs: reada: add all reachable mirrors into reada device list (bsc#1012452).\n- btrfs: reada: Add missed segment checking in reada_find_zone (bsc#1012452).\n- btrfs: reada: Avoid many times of empty loop (bsc#1012452).\n- btrfs: reada: avoid undone reada extents in btrfs_reada_wait (bsc#1012452).\n- btrfs: reada: bypass adding extent when all zone failed (bsc#1012452).\n- btrfs: reada: Fix a debug code typo (bsc#1012452).\n- btrfs: reada: Fix in-segment calculation for reada (bsc#1012452).\n- btrfs: reada: ignore creating reada_extent for a non-existent device (bsc#1012452).\n- btrfs: reada: Jump into cleanup in direct way for __readahead_hook() (bsc#1012452).\n- btrfs: reada: limit max works count (bsc#1012452).\n- btrfs: reada: Move is_need_to_readahead contition earlier (bsc#1012452).\n- btrfs: reada: move reada_extent_put to place after __readahead_hook() (bsc#1012452).\n- btrfs: reada: Pass reada_extent into __readahead_hook directly (bsc#1012452).\n- btrfs: reada: reduce additional fs_info-\u003ereada_lock in reada_find_zone (bsc#1012452).\n- btrfs: reada: Remove level argument in severial functions (bsc#1012452).\n- btrfs: reada: simplify dev-\u003ereada_in_flight processing (bsc#1012452).\n- btrfs: reada: Use fs_info instead of root in __readahead_hook\u0027s argument (bsc#1012452).\n- btrfs: reada: use GFP_KERNEL everywhere (bsc#1012452).\n- btrfs: readdir: use GFP_KERNEL (bsc#1012452).\n- btrfs: refactor btrfs_dev_replace_start for reuse (bsc#1012452).\n- btrfs: Refactor btrfs_lock_cluster() to kill compiler warning (bsc#1012452).\n- btrfs: remove BUG() in raid56 (bsc#1012452).\n- btrfs: remove BUG_ON in start_transaction (bsc#1012452).\n- btrfs: remove BUG_ON()\u0027s in btrfs_map_block (bsc#1012452).\n- btrfs: remove build fixup for qgroup_account_snapshot (bsc#1012452).\n- btrfs: remove redundant error check (bsc#1012452).\n- btrfs: remove save_error_info() (bsc#1012452).\n- btrfs: remove unnecessary btrfs_mark_buffer_dirty in split_leaf (bsc#1012452).\n- btrfs: remove unused function btrfs_assert() (bsc#1012452).\n- btrfs: rename and document compression workspace members (bsc#1012452).\n- btrfs: rename btrfs_find_device_by_user_input (bsc#1012452).\n- btrfs: rename btrfs_std_error to btrfs_handle_fs_error (bsc#1012452).\n- btrfs: rename __check_raid_min_devices (bsc#1012452).\n- btrfs: rename flags for vol args v2 (bsc#1012452).\n- btrfs: reorg btrfs_close_one_device() (bsc#1012452).\n- btrfs: Replace -ENOENT by -ERANGE in btrfs_get_acl() (bsc#1012452).\n- btrfs: Reset IO error counters before start of device replacing (bsc#1012452).\n- btrfs: reuse existing variable in scrub_stripe, reduce stack usage (bsc#1012452).\n- btrfs: s_bdev is not null after missing replace (bsc#1012452).\n- btrfs: scrub: Set bbio to NULL before calling btrfs_map_block (bsc#1012452).\n- btrfs: scrub: use GFP_KERNEL on the submission path (bsc#1012452).\n- btrfs: Search for all ordered extents that could span across a page (bsc#1012452).\n- btrfs: send, fix failure to rename top level inode due to name collision (bsc#1028325).\n- btrfs: send: silence an integer overflow warning (bsc#1012452).\n- btrfs: send: use GFP_KERNEL everywhere (bsc#1012452).\n- btrfs: send: use temporary variable to store allocation size (bsc#1012452).\n- btrfs: send: use vmalloc only as fallback for clone_roots (bsc#1012452).\n- btrfs: send: use vmalloc only as fallback for clone_sources_tmp (bsc#1012452).\n- btrfs: send: use vmalloc only as fallback for read_buf (bsc#1012452).\n- btrfs: send: use vmalloc only as fallback for send_buf (bsc#1012452).\n- btrfs: serialize subvolume mounts with potentially mismatching rw flags (bsc#951844 bsc#1024015)\n- btrfs: Simplify conditions about compress while mapping btrfs flags to inode flags (bsc#1012452).\n- btrfs: sink gfp parameter to clear_extent_bits (bsc#1012452).\n- btrfs: sink gfp parameter to clear_extent_dirty (bsc#1012452).\n- btrfs: sink gfp parameter to clear_record_extent_bits (bsc#1012452).\n- btrfs: sink gfp parameter to convert_extent_bit (bsc#1012452).\n- btrfs: sink gfp parameter to set_extent_bits (bsc#1012452).\n- btrfs: sink gfp parameter to set_extent_defrag (bsc#1012452).\n- btrfs: sink gfp parameter to set_extent_delalloc (bsc#1012452).\n- btrfs: sink gfp parameter to set_extent_new (bsc#1012452).\n- btrfs: sink gfp parameter to set_record_extent_bits (bsc#1012452).\n- btrfs: skip commit transaction if we do not have enough pinned bytes (bsc#1037186).\n- btrfs: subpage-blocksize: Rate limit scrub error message (bsc#1012452).\n- btrfs: switch to common message helpers in open_ctree, adjust messages (bsc#1012452).\n- btrfs: switch to kcalloc in btrfs_cmp_data_prepare (bsc#1012452).\n- btrfs: sysfs: protect reading label by lock (bsc#1012452).\n- btrfs: test_check_exists: Fix infinite loop when searching for free space entries (bsc#987192).\n- btrfs: trace pinned extents (bsc#1012452).\n- btrfs: track transid for delayed ref flushing (bsc#1012452).\n- btrfs: uapi/linux/btrfs.h migration, document subvol flags (bsc#1012452).\n- btrfs: uapi/linux/btrfs.h migration, move balance flags (bsc#1012452).\n- btrfs: uapi/linux/btrfs.h migration, move BTRFS_LABEL_SIZE (bsc#1012452).\n- btrfs: uapi/linux/btrfs.h migration, move feature flags (bsc#1012452).\n- btrfs: uapi/linux/btrfs.h migration, move struct btrfs_ioctl_defrag_range_args (bsc#1012452).\n- btrfs: uapi/linux/btrfs.h migration, qgroup limit flags (bsc#1012452).\n- btrfs: uapi/linux/btrfs_tree.h migration, item types and defines (bsc#1012452).\n- btrfs: uapi/linux/btrfs_tree.h, use __u8 and __u64 (bsc#1012452).\n- btrfs: unpin log if rename operation fails (bsc#1020975).\n- btrfs: unpin logs if rename exchange operation fails (bsc#1020975).\n- btrfs: unsplit printed strings (bsc#1012452).\n- btrfs: untangle gotos a bit in __clear_extent_bit (bsc#1012452).\n- btrfs: untangle gotos a bit in convert_extent_bit (bsc#1012452).\n- btrfs: untangle gotos a bit in __set_extent_bit (bsc#1012452).\n- btrfs: update btrfs_space_info\u0027s bytes_may_use timely (bsc#1012452).\n- btrfs: Use correct format specifier (bsc#1012452).\n- btrfs: use correct offset for reloc_inode in prealloc_file_extent_cluster() (bsc#1012452).\n- btrfs: use dynamic allocation for root item in create_subvol (bsc#1012452).\n- btrfs: Use (eb-\u0026gt;start, seq) as search key for tree modification log (bsc#1012452).\n- btrfs: use existing device constraints table btrfs_raid_array (bsc#1012452).\n- btrfs: use FLUSH_LIMIT for relocation in reserve_metadata_bytes (bsc#1012452).\n- btrfs: use fs_info directly (bsc#1012452).\n- btrfs: use new error message helper in qgroup_account_snapshot (bsc#1012452).\n- btrfs: use proper type for failrec in extent_state (bsc#1012452).\n- btrfs: use root when checking need_async_flush (bsc#1012452).\n- btrfs: use the correct struct for BTRFS_IOC_LOGICAL_INO (bsc#1012452).\n- btrfs: Use __u64 in exported linux/btrfs.h (bsc#1012452).\n- btrfs: warn_on for unaccounted spaces (bsc#1012452).\n- ceph: check i_nlink while converting a file handle to dentry (bsc#1039864).\n- ceph: Check that the new inode size is within limits in ceph_fallocate() (bsc#1037969).\n- ceph: Correctly return NXIO errors from ceph_llseek (git-fixes).\n- ceph: fix bad endianness handling in parse_reply_info_extra (bsc#1020488).\n- ceph: fix file open flags on ppc64 (bsc#1022266).\n- ceph: fix memory leak in __ceph_setxattr() (bsc#1036763).\n- ceph: fix potential use-after-free (bsc#1043371).\n- ceph: fix recursively call between ceph_set_acl and __ceph_setattr (bsc#1034902).\n- ceph: memory leak in ceph_direct_read_write callback (bsc#1041810).\n- cfq-iosched: fix the delay of cfq_group\u0027s vdisktime under iops mode (bsc#1012829).\n- cgroup/pids: remove spurious suspicious RCU usage warning (bnc#1031831).\n- cgroup: remove redundant cleanup in css_create (bsc#1012829).\n- cifs: backport prepath matching fix (bsc#799133).\n- cifs: small underflow in cnvrtDosUnixTm() (bnc#1043935).\n- clk: Make x86/ conditional on CONFIG_COMMON_CLK (4.4.68 stable queue).\n- clk: xgene: Add PMD clock (bsc#1019351).\n- clk: xgene: Do not call __pa on ioremaped address (bsc#1019351).\n- clk: xgene: Remove CLK_IS_ROOT (bsc#1019351).\n- config: enable Ceph kernel client modules for ppc64le (fate#321098)\n- config: enable Ceph kernel client modules for s390x (fate#321098)\n- cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores (4.4.68 stable queue).\n- crypto: algif_aead - Require setkey before accept(2) (bsc#1031717).\n- crypto: algif_hash - avoid zero-sized array (bnc#1007962).\n- crypto: drbg - do not call drbg_instantiate in healt test (bsc#1018913).\n- crypto: drbg - remove FIPS 140-2 continuous test (bsc#1018913).\n- crypto: FIPS - allow tests to be disabled in FIPS mode (bsc#1018913).\n- crypto: qat - fix bar discovery for c62x (bsc#1021251).\n- crypto: qat - zero esram only for DH85x devices (1021248).\n- crypto: rsa - allow keys \u003e= 2048 bits in FIPS mode (bsc#1018913).\n- crypto: sha-mb - Fix load failure (bsc#1037384).\n- crypto: xts - consolidate sanity check for keys (bsc#1018913).\n- crypto: xts - fix compile errors (bsc#1018913).\n- cxgb4: Add control net_device for configuring PCIe VF (bsc#1021424).\n- cxgb4: Add llseek operation for flash debugfs entry (bsc#1021424).\n- cxgb4: add new routine to get adapter info (bsc#1021424).\n- cxgb4: Add PCI device ID for new adapter (bsc#1021424).\n- cxgb4: Add port description for new cards (bsc#1021424).\n- cxgb4: Add support to enable logging of firmware mailbox commands (bsc#1021424).\n- cxgb4: Check for firmware errors in the mailbox command loop (bsc#1021424).\n- cxgb4: correct device ID of T6 adapter (bsc#1021424).\n- cxgb4/cxgb4vf: Add set VF mac address support (bsc#1021424).\n- cxgb4/cxgb4vf: Allocate more queues for 25G and 100G adapter (bsc#1021424).\n- cxgb4/cxgb4vf: Assign netdev-\u003edev_port with port ID (bsc#1021424).\n- cxgb4/cxgb4vf: Display 25G and 100G link speed (bsc#1021424).\n- cxgb4/cxgb4vf: Remove deprecated module parameters (bsc#1021424).\n- cxgb4: DCB message handler needs to use correct portid to netdev mapping (bsc#1021424).\n- cxgb4: Decode link down reason code obtained from firmware (bsc#1021424).\n- cxgb4: Do not assume FW_PORT_CMD reply is always port info msg (bsc#1021424).\n- cxgb4: do not call napi_hash_del() (bsc#1021424).\n- cxgb4: Do not sleep when mbox cmd is issued from interrupt context (bsc#1021424).\n- cxgb4: Enable SR-IOV configuration via PCI sysfs interface (bsc#1021424).\n- cxgb4: Fix issue while re-registering VF mgmt netdev (bsc#1021424).\n- cxgb4: MU requested by Chelsio (bsc#1021424).\n- cxgb4: Properly decode port module type (bsc#1021424).\n- cxgb4: Refactor t4_port_init function (bsc#1021424).\n- cxgb4: Reset dcb state machine and tx queue prio only if dcb is enabled (bsc#1021424).\n- cxgb4: Support compressed error vector for T6 (bsc#1021424).\n- cxgb4: Synchronize access to mailbox (bsc#1021424).\n- cxgb4: update latest firmware version supported (bsc#1021424).\n- cxgb4vf: do not offload Rx checksums for IPv6 fragments (bsc#1026692).\n- dax: fix deadlock with DAX 4k holes (bsc#1012829).\n- dax: fix device-dax region base (bsc#1023175).\n- Delete previous two fixes for i915 (bsc#1019061). These upstream fixes brought some regressions, so better to revert for now.\n- dell-laptop: Adds support for keyboard backlight timeout AC settings (bsc#1013561).\n- device-dax: check devm_nsio_enable() return value (bsc#1023175).\n- device-dax: fail all private mapping attempts (bsc#1023175).\n- device-dax: fix percpu_ref_exit ordering (bsc#1023175).\n- device-dax: fix private mapping restriction, permit read-only (bsc#1031717).\n- Disable CONFIG_POWER_SUPPLY_DEBUG in debug kernel (bsc#1031500).\n- dmaengine: dw: fix typo in Kconfig (bsc#1031717).\n- dm: fix dm_target_io leak if clone_bio() returns an error (bsc#1040125).\n- dm-mpath: fix race window in do_end_io() (bsc#1011044).\n- dm round robin: do not use this_cpu_ptr() without having preemption disabled (bsc#1040125).\n- dm verity fec: fix block calculation (bsc#1040125).\n- dm verity fec: fix bufio leaks (bsc#1040125).\n- dm verity fec: limit error correction recursion (bsc#1040125).\n- drivers: base: dma-mapping: Fix typo in dmam_alloc_non_coherent comments (bsc#1031717).\n- drivers: hv: util: do not forget to init host_ts.lock (bsc#1031206).\n- drivers: hv: vmbus: finally fix hv_need_to_signal_on_read() (fate#320485, bug#1018385).\n- drivers: hv: vmbus: Prevent sending data on a rescinded channel (fate#320485, bug#1028217).\n- drivers: hv: vmbus: Raise retry/wait limits in vmbus_post_msg() (fate#320485, bsc#1023287, bsc#1028217).\n- drivers: net: phy: mdio-xgene: Add hardware dependency (bsc#1019351).\n- drivers: net: phy: xgene: Fix \u0027remove\u0027 function (bsc#1019351).\n- drivers: net: xgene: Add change_mtu function (bsc#1019351).\n- drivers: net: xgene: Add flow control configuration (bsc#1019351).\n- drivers: net: xgene: Add flow control initialization (bsc#1019351).\n- drivers: net: xgene: Add helper function (bsc#1019351).\n- drivers: net: xgene: Add support for Jumbo frame (bsc#1019351).\n- drivers: net: xgene: Configure classifier with pagepool (bsc#1019351).\n- drivers: net: xgene: fix build after change_mtu function change (bsc#1019351).\n- drivers: net: xgene: fix: Coalescing values for v2 hardware (bsc#1019351).\n- drivers: net: xgene: fix: Disable coalescing on v1 hardware (bsc#1019351).\n- drivers: net: xgene: Fix MSS programming (bsc#1019351).\n- drivers: net: xgene: fix: RSS for non-TCP/UDP (bsc#1019351).\n- drivers: net: xgene: fix: Use GPIO to get link status (bsc#1019351).\n- drivers: net: xgene: uninitialized variable in xgene_enet_free_pagepool() (bsc#1019351).\n- drivers/tty: 8250: only call fintek_8250_probe when doing port I/O (bsc#1031717).\n- drm: Fix broken VT switch with video=1366x768 option (bsc#1018358).\n- drm/i915: Add intel_uncore_suspend / resume functions (bsc#1011913).\n- drm/i915: Disable tv output on i9x5gm (bsc#1039700).\n- drm/i915: Do not init hpd polling for vlv and chv from runtime_suspend() (bsc#1014120).\n- drm/i915: Do not touch NULL sg on i915_gem_object_get_pages_gtt() error (bsc#1031717).\n- drm-i915-dp-Restore-PPS-HW-state-from-the-encoder-re\n- drm/i915/dp: Restore PPS HW state from the encoder resume hook (bsc#1019061).\n- drm/i915: Fix crash after S3 resume with DP MST mode change (bsc#1029634).\n- drm/i915: Fix mismatched INIT power domain disabling during suspend (bsc#1031717).\n- drm/i915: Fix watermarks for VLV/CHV (bsc#1011176).\n- drm/i915: Force VDD off on the new power seqeuencer before starting to use it (bsc#1009674).\n- drm/i915/gen9: Fix PCODE polling during CDCLK change notification (bsc#1015367).\n- drm/i915: Introduce Kabypoint PCH for Kabylake H/DT (bsc#1032581).\n- drm/i915: Listen for PMIC bus access notifications (bsc#1011913).\n- drm/i915: Mark CPU cache as dirty when used for rendering (bsc#1015367).\n- drm/i915: Mark i915_hpd_poll_init_work as static (bsc#1014120).\n- drm/i915: Nuke debug messages from the pipe update critical section (bsc#1031717).\n- drm/i915: Only enable hotplug interrupts if the display interrupts are enabled (bsc#1031717).\n- drm-i915-Prevent-PPS-stealing-from-a-normal-DP-port\n- drm/i915: Prevent PPS stealing from a normal DP port on VLV/CHV (bsc#1019061).\n- drm/i915: Program iboost settings for HDMI/DVI on SKL (bsc#1031717).\n- drm/i915: relax uncritical udelay_range() (bsc#1031717).\n- drm/i915: relax uncritical udelay_range() settings (bsc#1031717).\n- drm/i915: Use pagecache write to prepopulate shmemfs from pwrite-ioctl (bsc#1040463).\n- drm/i915/vlv: Prevent enabling hpd polling in late suspend (bsc#1014120).\n- drm/i915: Workaround for DP DPMS D3 on Dell monitor (bsc#1019061).\n- drm/mgag200: Added support for the new device G200eH3 (bsc#1007959, fate#322780)\n- drm/mgag200: Fix to always set HiPri for G200e4 (bsc#1015452, bsc#995542).\n- drm/nouveau/tmr: fully separate alarm execution/pending lists (bsc#1043467).\n- drm/ttm: fix use-after-free races in vm fault handling (4.4.68 stable queue).\n- drm/vc4: Fix an integer overflow in temporary allocation layout (bsc#1021294).\n- drm-vc4-Fix-an-integer-overflow-in-temporary-allocation-layout.patch\n- drm/vc4: Return -EINVAL on the overflow checks failing (bsc#1021294).\n- drm-vc4-Return-EINVAL-on-the-overflow-checks-failing.patch\n- drm: virtio-gpu: get the fb from the plane state for atomic updates (bsc#1023101).\n- e1000e: Do not return uninitialized stats (bug#1034635).\n- edac, xgene: Fix spelling mistake in error messages (bsc#1019351).\n- efi: Do not issue error message when booted under Xen (bnc#1036638).\n- enic: set skb-\u003ehash type properly (bsc#922871 fate#318754).\n- ext4: fix data corruption for mmap writes (bsc#1012829).\n- ext4: fix data corruption with EXT4_GET_BLOCKS_ZERO (bsc#1012829).\n- ext4: fix fencepost in s_first_meta_bg validation (bsc#1029986).\n- ext4: fix use-after-iput when fscrypt contexts are inconsistent (bsc#1012829).\n- f2fs: fix bad prefetchw of NULL page (bsc#1012829).\n- f2fs: sanity check segment count (4.4.68 stable queue).\n- Fix a regression reported by bsc#1020048 in patches.fixes/0003-md-lockless-I-O-submission-for-RAID1.patch (bsc#982783,bsc#998106,bsc#1020048).\n- fnic: Return \u0027DID_IMM_RETRY\u0027 if rport is not ready (bsc#1035920).\n- fs/block_dev: always invalidate cleancache in invalidate_bdev() (git-fixes).\n- fs: fix data invalidation in the cleancache during direct IO (git-fixes).\n- fs/xattr.c: zero out memory copied to userspace in getxattr (git-fixes).\n- ftrace: Make ftrace_location_range() global (FATE#322421).\n- fuse: fix clearing suid, sgid for chown() (bsc#1012829).\n- futex: Add missing error handling to FUTEX_REQUEUE_PI (bsc#969755).\n- futex: Fix potential use-after-free in FUTEX_REQUEUE_PI (bsc#969755).\n- gpio: xgene: make explicitly non-modular (bsc#1019351).\n- hid: usbhid: Quirk a AMI virtual mouse and keyboard with ALWAYS_POLL (bsc#1022340).\n- hv: do not reset hv_context.tsc_page on crash (fate#320485, bnc#1007729).\n- hv: export current Hyper-V clocksource (bsc#1031206).\n- hv_utils: implement Hyper-V PTP source (bsc#1031206).\n- i2c: designware-baytrail: Acquire P-Unit access on bus acquire (bsc#1011913).\n- i2c: designware-baytrail: Call pmic_bus_access_notifier_chain (bsc#1011913).\n- i2c: designware-baytrail: Fix race when resetting the semaphore (bsc#1011913).\n- i2c: designware-baytrail: Only check iosf_mbi_available() for shared hosts (bsc#1011913).\n- i2c: designware: Disable pm for PMIC i2c-bus even if there is no _SEM method (bsc#1011913).\n- i2c: designware: fix wrong Tx/Rx FIFO for ACPI (bsc#1019351).\n- i2c: designware: Implement support for SMBus block read and write (bsc#1019351).\n- i2c-designware: increase timeout (bsc#1011913).\n- i2c: designware: Never suspend i2c-busses used for accessing the system PMIC (bsc#1011913).\n- i2c: designware: Rename accessor_flags to flags (bsc#1011913).\n- i2c: xgene: Fix missing code of DTB support (bsc#1019351).\n- i40e: Be much more verbose about what we can and cannot offload (bsc#985561).\n- ib/addr: Fix setting source address in addr6_resolve() (bsc#1044082).\n- ib/core: Fix kernel crash during fail to initialize device (bsc#1022595 FATE#322350).\n- ib/core: For multicast functions, verify that LIDs are multicast LIDs (bsc#1022595 FATE#322350).\n- ib/core: If the MGID/MLID pair is not on the list return an error (bsc#1022595 FATE#322350).\n- ib/ipoib: Fix deadlock between ipoib_stop and mcast join flow (bsc#1022595 FATE#322350).\n- ib/mlx5: Assign DSCP for R-RoCE QPs Address Path (bsc#966170 bsc#966172 bsc#966191).\n- ib/mlx5: Check supported flow table size (bsc#966170 bsc#966172 bsc#966191).\n- ib/mlx5: Enlarge autogroup flow table (bsc#966170 bsc#966172 bsc#966191).\n- ib/mlx5: Fix kernel to user leak prevention logic (bsc#966170 bsc#966172 bsc#966191).\n- ibmveth: calculate gso_segs for large packets (bsc#1019148).\n- ibmveth: check return of skb_linearize in ibmveth_start_xmit (bsc#1019148).\n- ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).\n- ibmveth: set correct gso_size and gso_type (bsc#1019148).\n- ibmvnic: Activate disabled RX buffer pools on reset (bsc#1044767).\n- ibmvnic: Add set_link_state routine for setting adapter link state (fate#322021, bsc#1031512).\n- ibmvnic: Allocate number of rx/tx buffers agreed on by firmware (fate#322021, bsc#1031512).\n- ibmvnic: Allocate zero-filled memory for sub crqs (fate#322021, bsc#1031512).\n- ibmvnic: Call napi_disable instead of napi_enable in failure path (fate#322021, bsc#1031512).\n- ibmvnic: Check adapter state during ibmvnic_poll (fate#322021, bsc#1040855).\n- ibmvnic: Check for driver reset first in ibmvnic_xmit (fate#322021, bsc#1038297).\n- ibmvnic: Cleanup failure path in ibmvnic_open (fate#322021, bsc#1031512).\n- ibmvnic: Clean up tx pools when closing (fate#322021, bsc#1038297).\n- ibmvnic: Client-initiated failover (bsc#1043990).\n- ibmvnic: Continue skb processing after skb completion error (fate#322021, bsc#1038297).\n- ibmvnic: Correct crq and resource releasing (fate#322021, bsc#1031512).\n- ibmvnic: Correct ibmvnic handling of device open/close (fate#322021, bsc#1031512).\n- ibmvnic: Create init and release routines for the bounce buffer (fate#322021, bsc#1031512).\n- ibmvnic: Create init and release routines for the rx pool (fate#322021, bsc#1031512).\n- ibmvnic: Create init and release routines for the tx pool (fate#322021, bsc#1031512).\n- ibmvnic: Create init/release routines for stats token (fate#322021, bsc#1031512).\n- ibmvnic: Deactivate RX pool buffer replenishment on H_CLOSED (fate#322021, bsc#1040855).\n- ibmvnic: Delete napi\u0027s when releasing driver resources (fate#322021, bsc#1038297).\n- ibmvnic: Disable irq prior to close (fate#322021, bsc#1031512).\n- ibmvnic: Do not disable IRQ after scheduling tasklet (fate#322021, bsc#1031512).\n- ibmvnic: driver initialization for kdump/kexec (bsc#1044772).\n- ibmvnic: Ensure that TX queues are disabled in __ibmvnic_close (bsc#1044767).\n- ibmvnic: Exit polling routine correctly during adapter reset (bsc#1044767).\n- ibmvnic: Fix cleanup of SKB\u0027s on driver close (fate#322021, bsc#1040855).\n- ibmvnic: Fix endian errors in error reporting output (fate#322021, bsc#1031512).\n- ibmvnic: Fix endian error when requesting device capabilities (fate#322021, bsc#1031512).\n- ibmvnic: Fix ibmvnic_change_mac_addr struct format (fate#322021, bsc#1031512).\n- ibmvnic: Fix initial MTU settings (bsc#1031512).\n- ibmvnic: fix missing unlock on error in __ibmvnic_reset() (fate#322021, bsc#1038297, Fixes: ed651a10875f).\n- ibmvnic: Fix overflowing firmware/hardware TX queue (fate#322021, bsc#1031512).\n- ibmvnic: Fixup atomic API usage (fate#322021, bsc#1031512).\n- ibmvnic: Free skb\u0027s in cases of failure in transmit (fate#322021, bsc#1031512).\n- ibmvnic: Free tx/rx scrq pointer array when releasing sub-crqs (fate#322021, bsc#1031512).\n- ibmvnic: Halt TX and report carrier off on H_CLOSED return code (fate#322021, bsc#1040855).\n- ibmvnic: Handle failover after failed init crq (fate#322021, bsc#1040855).\n- ibmvnic: Handle processing of CRQ messages in a tasklet (fate#322021, bsc#1031512).\n- ibmvnic: Initialize completion variables before starting work (fate#322021, bsc#1031512).\n- ibmvnic: Insert header on VLAN tagged received frame (fate#322021, bsc#1031512).\n- ibmvnic: Make CRQ interrupt tasklet wait for all capabilities crqs (fate#322021, bsc#1031512).\n- ibmvnic: Merge the two release_sub_crq_queue routines (fate#322021, bsc#1031512).\n- ibmvnic: Move ibmvnic adapter intialization to its own routine (fate#322021, bsc#1031512).\n- ibmvnic: Move initialization of sub crqs to ibmvnic_init (fate#322021, bsc#1031512).\n- ibmvnic: Move initialization of the stats token to ibmvnic_open (fate#322021, bsc#1031512).\n- ibmvnic: Move login and queue negotiation into ibmvnic_open (fate#322021, bsc#1031512).\n- ibmvnic: Move login to its own routine (fate#322021, bsc#1031512).\n- ibmvnic: Move queue restarting in ibmvnic_tx_complete (fate#322021, bsc#1038297).\n- ibmvnic: Move resource initialization to its own routine (fate#322021, bsc#1038297).\n- ibmvnic: Non-fatal error handling (fate#322021, bsc#1040855).\n- ibmvnic: Only retrieve error info if present (fate#322021, bsc#1031512).\n- ibmvnic: Record SKB RX queue during poll (fate#322021, bsc#1038297).\n- ibmvnic: Remove debugfs support (fate#322021, bsc#1031512).\n- ibmvnic: Remove inflight list (fate#322021, bsc#1031512).\n- ibmvnic: Remove netdev notify for failover resets (bsc#1044120).\n- ibmvnic: Remove unused bouce buffer (fate#322021, bsc#1031512).\n- ibmvnic: Remove VNIC_CLOSING check from pending_scrq (bsc#1044767).\n- ibmvnic: Replace is_closed with state field (fate#322021, bsc#1038297).\n- ibmvnic: Report errors when failing to release sub-crqs (fate#322021, bsc#1031512).\n- ibmvnic: Reset sub-crqs during driver reset (fate#322021, bsc#1040855).\n- ibmvnic: Reset the CRQ queue during driver reset (fate#322021, bsc#1040855).\n- ibmvnic: Reset tx/rx pools on driver reset (fate#322021, bsc#1040855).\n- ibmvnic: Return failure on attempted mtu change (bsc#1043236).\n- ibmvnic: Sanitize entire SCRQ buffer on reset (bsc#1044767).\n- ibmvnic: Send gratuitous arp on reset (fate#322021, bsc#1040855).\n- ibmvnic: Set real number of rx queues (fate#322021, bsc#1031512).\n- ibmvnic: Split initialization of scrqs to its own routine (fate#322021, bsc#1031512).\n- ibmvnic: Track state of adapter napis (fate#322021, bsc#1040855).\n- ibmvnic: Unmap longer term buffer before free (fate#322021, bsc#1031512).\n- ibmvnic: Updated reset handling (fate#322021, bsc#1038297).\n- ibmvnic: Update main crq initialization and release (fate#322021, bsc#1031512).\n- ibmvnic: Use common counter for capabilities checks (fate#322021, bsc#1031512).\n- ibmvnic: use max_mtu instead of req_mtu for MTU range check (bsc#1031512).\n- ibmvnic: Validate napi exist before disabling them (fate#322021, bsc#1031512).\n- ibmvnic: Wait for any pending scrqs entries at driver close (fate#322021, bsc#1038297).\n- ibmvnic: Whitespace correction in release_rx_pools (fate#322021, bsc#1038297).\n- iio: hid-sensor: Store restore poll and hysteresis on S3 (bsc#1031717).\n- infiniband: avoid dereferencing uninitialized dst on error path (git-fixes).\n- iommu/arm-smmu: Disable stalling faults for all endpoints (bsc#1038843).\n- iommu/dma: Respect IOMMU aperture when allocating (bsc#1038842).\n- iommu/exynos: Block SYSMMU while invalidating FLPD cache (bsc#1038848).\n- iommu: Handle default domain attach failure (bsc#1038846).\n- iommu/vt-d: Do not over-free page table directories (bsc#1038847).\n- iommu/vt-d: Make sure IOMMUs are off when intel_iommu=off (bsc#1031208).\n- ipv4, ipv6: ensure raw socket message is big enough to hold an IP header (4.4.68 stable queue).\n- ipv6: Do not use ufo handling on later transformed packets (bsc#1042286).\n- ipv6: fix endianness error in icmpv6_err (bsc#1042286).\n- ipv6: initialize route null entry in addrconf_init() (4.4.68 stable queue).\n- ipv6: release dst on error in ip6_dst_lookup_tail (git-fixes).\n- ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf (4.4.68 stable queue).\n- isa: Call isa_bus_init before dependent ISA bus drivers register (bsc#1031717).\n- iscsi-target: Return error if unable to add network portal (bsc#1032803).\n- iw_cxgb4: Guard against null cm_id in dump_ep/qp (bsc#1026570).\n- iwlwifi: Expose the default fallback ucode API to module info (boo#1021082, boo#1023884).\n- jump label: fix passing kbuild_cflags when checking for asm goto support (git-fixes).\n- kabi: Hide new include in arch/powerpc/kernel/process.c (fate#322421).\n- kABI: move and hide new cxgbi device owner field (bsc#1018885).\n- kABI: protect cgroup include in kernel/kthread (kabi).\n- kABI: protect struct fib_info (kabi).\n- kABI: protect struct iscsi_conn (kabi).\n- kABI: protect struct mnt_namespace (kabi).\n- kABI: protect struct musb_platform_ops (kabi).\n- kABI: protect struct pglist_data (kabi).\n- kABI: protect struct se_node_acl (kabi).\n- kABI: protect struct snd_fw_async_midi_port (kabi).\n- kABI: protect struct tcp_fastopen_cookie (kabi).\n- kABI: protect struct user_fpsimd_state (kabi).\n- kABI: protect struct wake_irq (kabi).\n- kABI: protect struct xhci_hcd (kabi).\n- kABI: protect struct xlog (bsc#1043598).\n- kABI: restore can_rx_register parameters (kabi).\n- kABI: restore ttm_ref_object_add parameters (kabi).\n- kABI workaround 4.4.65 adding #include \u003clinux/mount.h\u003e to kernel/sysctl.c\n- kabi workaround for net: ipv6: Fix processing of RAs in presence of VRF (bsc#1042286).\n- kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)\n- kernel: Fix invalid domain response handling (bnc#1009718, LTC#149851).\n- kgraft/iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612, fate#313296).\n- kgraft/xen: Do not block kGraft in xenbus kthread (bsc#1017410, fate#313296).\n- kgr: Mark eeh_event_handler() kthread safe using a timeout (bsc#1031662).\n- kgr/module: make a taint flag module-specific (fate#313296).\n- kgr: remove all arch-specific kgraft header files (fate#313296).\n- kprobes/x86: Fix kernel panic when certain exception-handling addresses are probed (4.4.68 stable queue).\n- kvm: better MWAIT emulation for guests (bsc#1031142).\n- kvm: nVMX: do not leak PML full vmexit to L1 (4.4.68 stable queue).\n- kvm: nVMX: initialize PML fields in vmcs02 (4.4.68 stable queue).\n- kvm: svm: add support for RDTSCP (bsc#1033117).\n- l2tp: fix address test in __l2tp_ip6_bind_lookup() (bsc#1028415).\n- l2tp: fix lookup for sockets not bound to a device in l2tp_ip (bsc#1028415).\n- l2tp: fix race in l2tp_recv_common() (bsc#1042286).\n- l2tp: fix racy socket lookup in l2tp_ip and l2tp_ip6 bind() (bsc#1028415).\n- l2tp: hold socket before dropping lock in l2tp_ip{, 6}_recv() (bsc#1028415).\n- l2tp: hold tunnel socket when handling control frames in l2tp_ip and l2tp_ip6 (bsc#1028415).\n- l2tp: lock socket before checking flags in connect() (bsc#1028415).\n- leds: ktd2692: avoid harmless maybe-uninitialized warning (4.4.68 stable queue).\n- libata-scsi: Fixup ata_gen_passthru_sense() (bsc#1040125).\n- libceph: NULL deref on crush_decode() error path (bsc#1044015).\n- libcxgb: add library module for Chelsio drivers (bsc#1021424).\n- lib/mpi: mpi_read_raw_data(): fix nbits calculation (bsc#1003581).\n- lib/mpi: mpi_read_raw_data(): purge redundant clearing of nbits (bsc#1003581).\n- lib/mpi: mpi_read_raw_from_sgl(): do not include leading zero SGEs in nbytes (bsc#1003581).\n- lib/mpi: mpi_read_raw_from_sgl(): fix nbits calculation (bsc#1003581).\n- lib/mpi: mpi_read_raw_from_sgl(): fix out-of-bounds buffer access (bsc#1003581).\n- lib/mpi: mpi_read_raw_from_sgl(): purge redundant clearing of nbits (bsc#1003581).\n- lib/mpi: mpi_read_raw_from_sgl(): replace len argument by nbytes (bsc#1003581).\n- lib/mpi: mpi_read_raw_from_sgl(): sanitize meaning of indices (bsc#1003581).\n- libnvdimm, pfn: fix align attribute (bsc#1023175).\n- libnvdimm, pfn: fix memmap reservation size versus 4K alignment (bsc#1031717).\n- libnvdimm, pfn: fix \u0027npfns\u0027 vs section alignment (bsc#1040125).\n- livepatch: Allow architectures to specify an alternate ftrace location (FATE#322421).\n- locking/semaphore: Add down_interruptible_timeout() (bsc#1031662).\n- locking/ww_mutex: Fix compilation of __WW_MUTEX_INITIALIZER (bsc#1031717).\n- lpfc: remove incorrect lockdep assertion (bsc#1040125).\n- mailbox: xgene-slimpro: Fix wrong test for devm_kzalloc (bsc#1019351).\n- md: allow creation of mdNNN arrays via md_mod/parameters/new_array (bsc#1032339).\n- md.c:didn\u0027t unlock the mddev before return EINVAL in array_size_store (bsc#1038143).\n- md-cluster: convert the completion to wait queue (fate#316335).\n- md-cluster: fix potential lock issue in add_new_disk (bsc#1041087).\n- md-cluster: protect md_find_rdev_nr_rcu with rcu lock (fate#316335).\n- md: ensure md devices are freed before module is unloaded (bsc#1022304).\n- md: fix refcount problem on mddev when stopping array (bsc#1022304).\n- md: handle read-only member devices better (bsc#1033281).\n- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).\n- md: MD_CLOSING needs to be cleared after called md_set_readonly or do_md_stop (bsc#1038142).\n- md/raid1: add rcu protection to rdev in fix_read_error (References: bsc#998106,bsc#1020048,bsc#982783).\n- md/raid1: avoid reusing a resync bio after error handling (Fate#311379).\n- md/raid1: fix a use-after-free bug (bsc#998106,bsc#1020048,bsc#982783).\n- md/raid1: handle flush request correctly (bsc#998106,bsc#1020048,bsc#982783).\n- md/raid1: Refactor raid1_make_request (bsc#998106,bsc#1020048,bsc#982783).\n- md: support disabling of create-on-open semantics (bsc#1032339).\n- media: am437x-vpfe: fix an uninitialized variable bug (bsc#1031717).\n- media: b2c2: use IS_REACHABLE() instead of open-coding it (bsc#1031717).\n- media: c8sectpfe: Rework firmware loading mechanism (bsc#1031717).\n- media: cx231xx-audio: fix NULL-deref at probe (bsc#1031717).\n- media: cx231xx-cards: fix NULL-deref at probe (bsc#1031717).\n- media: cx23885: uninitialized variable in cx23885_av_work_handler() (bsc#1031717).\n- media: DaVinci-VPBE: Check return value of a setup_if_config() call in vpbe_set_output() (bsc#1031717).\n- media: DaVinci-VPFE-Capture: fix error handling (bsc#1031717).\n- media: dib0700: fix NULL-deref at probe (bsc#1031717).\n- media: dvb-usb: avoid link error with dib3000m{b,c| (bsc#1031717).\n- media: exynos4-is: fix a format string bug (bsc#1031717).\n- media: gspca: konica: add missing endpoint sanity check (bsc#1031717).\n- media: lirc_imon: do not leave imon_probe() with mutex held (bsc#1031717).\n- media: pvrusb2: reduce stack usage pvr2_eeprom_analyze() (bsc#1031717).\n- media: rc: allow rc modules to be loaded if rc-main is not a module (bsc#1031717).\n- media: s5p-mfc: Fix unbalanced call to clock management (bsc#1031717).\n- media: sh-vou: clarify videobuf2 dependency (bsc#1031717).\n- media: staging: media: davinci_vpfe: unlock on error in vpfe_reqbufs() (bsc#1031717).\n- media: usbvision: fix NULL-deref at probe (bsc#1031717).\n- media: uvcvideo: Fix empty packet statistic (bsc#1031717).\n- media: uvcvideo: uvc_scan_fallback() for webcams with broken chain (bsc#1021474).\n- media: vb2: Fix an off by one error in \u0027vb2_plane_vaddr\u0027 (bsc#1043231).\n- mem-hotplug: fix node spanned pages when we have a movable node (bnc#1034671).\n- mips: R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix (4.4.68 stable queue).\n- mlx4: Fix memory leak after mlx4_en_update_priv() (bsc#966170 bsc#966172 bsc#966191).\n- mmc: debugfs: correct wrong voltage value (bsc#1031717).\n- mmc: Downgrade error level (bsc#1042536).\n- mm,compaction: serialize waitqueue_active() checks (bsc#971975).\n- mmc: sdhci-of-arasan: Remove no-hispd and no-cmd23 quirks for sdhci-arasan4.9a (bsc#1019351).\n- mmc: sdhci-pxav3: fix higher speed mode capabilities (bsc#1031717).\n- mmc: sdhci: restore behavior when setting VDD via external regulator (bsc#1031717).\n- mm: fix \u003clinux/pagemap.h\u003e stray kernel-doc notation (bnc#971975 VM -- git fixes).\n- mm: fix set pageblock migratetype in deferred struct page init (bnc#1027195).\n- mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp (bnc#1030118).\n- mm/hugetlb: check for reserved hugepages during memory offline (bnc#971975 VM -- git fixes).\n- mm/hugetlb: fix incorrect hugepages count during mem hotplug (bnc#971975 VM -- git fixes).\n- mm/memblock.c: fix memblock_next_valid_pfn() (bnc#1031200).\n- mm, memcg: do not retry precharge charges (bnc#1022559).\n- mm, page_alloc: fix check for NULL preferred_zone (bnc#971975 VM performance -- page allocator).\n- mm, page_alloc: fix fast-path race with cpuset update or removal (bnc#971975 VM performance -- page allocator).\n- mm, page_alloc: fix premature OOM when racing with cpuset mems update (bnc#971975 VM performance -- page allocator).\n- mm, page_alloc: keep pcp count and list contents in sync if struct page is corrupted (bnc#971975 VM performance -- page allocator).\n- mm, page_alloc: move cpuset seqcount checking to slowpath (bnc#971975 VM performance -- page allocator).\n- mm/page_alloc: Remove useless parameter of __free_pages_boot_core (bnc#1027195).\n- mm: page_alloc: skip over regions of invalid pfns where possible (bnc#1031200).\n- module: fix memory leak on early load_module() failures (bsc#1043014).\n- module: move add_taint_module() to a header file (fate#313296).\n- mountproto.patch: Add commit id\n- mwifiex: add missing check for PCIe8997 chipset (bsc#1018813).\n- mwifiex: Avoid skipping WEP key deletion for AP (4.4.68 stable queue).\n- mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print (4.4.68 stable queue).\n- mwifiex: fix IBSS data path issue (bsc#1018813).\n- mwifiex: fix PCIe register information for 8997 chipset (bsc#1018813).\n- mwifiex: pcie: fix cmd_buf use-after-free in remove/reset (bsc#1031717).\n- mwifiex: Removed unused \u0027pkt_type\u0027 variable (bsc#1031717).\n- mwifiex: remove redundant dma padding in AMSDU (4.4.68 stable queue).\n- mwifiex: Remove unused \u0027bcd_usb\u0027 variable (bsc#1031717).\n- mwifiex: Remove unused \u0027chan_num\u0027 variable (bsc#1031717).\n- mwifiex: Remove unused \u0027pm_flag\u0027 variable (bsc#1031717).\n- mwifiex: Remove unused \u0027sta_ptr\u0027 variable (bsc#1031717).\n- net/af_iucv: do not use paged skbs for TX on HiperSockets (bnc#1020945, LTC#150566).\n- net: bridge: start hello timer only if device is up (bnc#1012382).\n- net/ena: change condition for host attribute configuration (bsc#1026509).\n- net/ena: change driver\u0027s default timeouts (bsc#1026509).\n- net: ena: change the return type of ena_set_push_mode() to be void (bsc#1026509).\n- net: ena: Fix error return code in ena_device_init() (bsc#1026509).\n- net/ena: fix ethtool RSS flow configuration (bsc#1026509).\n- net/ena: fix NULL dereference when removing the driver after device reset failed (bsc#1026509).\n- net/ena: fix potential access to freed memory during device reset (bsc#1026509).\n- net/ena: fix queues number calculation (bsc#1026509).\n- net/ena: fix RSS default hash configuration (bsc#1026509).\n- net/ena: reduce the severity of ena printouts (bsc#1026509).\n- net/ena: refactor ena_get_stats64 to be atomic context safe (bsc#1026509).\n- net/ena: remove ntuple filter support from device feature list (bsc#1026509).\n- net: ena: remove superfluous check in ena_remove() (bsc#1026509).\n- net: ena: Remove unnecessary pci_set_drvdata() (bsc#1026509).\n- net/ena: update driver version to 1.1.2 (bsc#1026509).\n- net/ena: use READ_ONCE to access completion descriptors (bsc#1026509).\n- net: ena: use setup_timer() and mod_timer() (bsc#1026509).\n- net: ethernet: apm: xgene: use phydev from struct net_device (bsc#1019351).\n- net: ethtool: Initialize buffer when querying device channel settings (bsc#969479 FATE#320634).\n- netfilter: allow logging from non-init namespaces (bsc#970083).\n- netfilter: nf_conntrack_sip: extend request line validation (bsc#1042286).\n- netfilter: nf_ct_expect: remove the redundant slash when policy name is empty (bsc#1042286).\n- netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags (bsc#1042286).\n- netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to register (bsc#1042286).\n- netfilter: nfnetlink_queue: reject verdict request from different portid (bsc#1042286).\n- netfilter: restart search if moved to other chain (bsc#1042286).\n- netfilter: use fwmark_reflect in nf_send_reset (bsc#1042286).\n- net: fix compile error in skb_orphan_partial() (bnc#1012382).\n- net: ibmvnic: Remove unused net_stats member from struct ibmvnic_adapter (fate#322021, bsc#1031512).\n- net: icmp_route_lookup should use rt dev to determine L3 domain (bsc#1042286).\n- net: implement netif_cond_dbg macro (bsc#1019168).\n- net: ipv6: Fix processing of RAs in presence of VRF (bsc#1042286).\n- net: ipv6: set route type for anycast routes (bsc#1042286).\n- net: l3mdev: Add master device lookup by index (bsc#1042286).\n- net: make netdev_for_each_lower_dev safe for device removal (bsc#1042286).\n- net/mlx4_core: Avoid command timeouts during VF driver device shutdown (bsc#1028017).\n- net/mlx4_core: Avoid delays during VF driver device shutdown (bsc#1028017).\n- net/mlx4_core: Fix racy CQ (Completion Queue) free (bsc#1028017).\n- net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT transitions (bsc#1028017).\n- net/mlx4_core: Use cq quota in SRIOV when creating completion EQs (bsc#1028017).\n- net/mlx4_en: Fix bad WQE issue (bsc#1028017).\n- net/mlx5: Do not unlock fte while still using it (bsc#966170 bsc#966172 bsc#966191).\n- net/mlx5e: Modify TIRs hash only when it\u0027s needed (bsc#966170 bsc#966172 bsc#966191).\n- net/mlx5: Fix create autogroup prev initializer (bsc#966170 bsc#966172 bsc#966191).\n- net/mlx5: Prevent setting multicast macs for VFs (bsc#966170 bsc#966172 bsc#966191).\n- net/mlx5: Release FTE lock in error flow (bsc#966170 bsc#966172 bsc#966191).\n- net: remove useless memset\u0027s in drivers get_stats64 (bsc#1019351).\n- net: vrf: Create FIB tables on link create (bsc#1042286).\n- net: vrf: Fix crash when IPv6 is disabled at boot time (bsc#1042286).\n- net: vrf: Fix dev refcnt leak due to IPv6 prefix route (bsc#1042286).\n- net: vrf: Fix dst reference counting (bsc#1042286).\n- net: vrf: protect changes to private data with rcu (bsc#1042286).\n- net: vrf: Switch dst dev to loopback on device delete (bsc#1042286).\n- netvsc: add rcu_read locking to netvsc callback (fate#320485).\n- netxen_nic: set rcode to the return status from the call to netxen_issue_cmd (bsc#966339 FATE#320150).\n- net: xgene: avoid bogus maybe-uninitialized warning (bsc#1019351).\n- net: xgene: fix backward compatibility fix (bsc#1019351).\n- net/xgene: fix error handling during reset (bsc#1019351).\n- net: xgene: move xgene_cle_ptree_ewdn data off stack (bsc#1019351).\n- nfit: fail DSMs that return non-zero status by default (bsc#1023175).\n- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).\n- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).\n- nfs: do not try to cross a mountpount when there isn\u0027t one there (bsc#1028041).\n- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).\n- nfs: Fix an LOCK/OPEN race when unlinking an open file (git-fixes).\n- nfs: Fix \u0027Do not increment lock sequence ID after NFS4ERR_MOVED\u0027 (git-fixes).\n- nfs: Fix inode corruption in nfs_prime_dcache() (git-fixes).\n- nfs: Fix missing pg_cleanup after nfs_pageio_cond_complete() (git-fixes).\n- nfs: Fix NFS4 nfs4_do_reclaim() might_sleep()/scheduling while atomic splats. Bug exists in all RT trees \u0026gt;= v3.16, was spotted/fixed in v4.8-rt, but with no stable-rt backport. Pick it up.\n- nfs: flush out dirty data on file fput() (bsc#1021762).\n- nfs: Use GFP_NOIO for two allocations in writeback (git-fixes).\n- nfsv4.1: Fix Oopsable condition in server callback races (git-fixes).\n- nfsv4: fix a reference leak caused WARNING messages (git-fixes).\n- nfsv4: Fix the underestimation of delegation XDR space reservation (git-fixes).\n- nsfs: mark dentry with DCACHE_RCUACCESS (bsc#1012829).\n- nvdimm: kabi protect nd_cmd_out_size() (bsc#1023175).\n- nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too (bsc#1020685).\n- nvme: Delete created IO queues on reset (bsc#1031717).\n- nvme: Do not suspend admin queue that wasn\u0027t created (bsc#1026505).\n- nvme: submit nvme_admin_activate_fw to admin queue (bsc#1044532).\n- nvme: Suspend all queues before deletion (bsc#1026505).\n- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock (bsc#1004003).\n- ocfs2: fix deadlock issue when taking inode lock at vfs entry points (bsc#1004003).\n- overlayfs: compat, fix incorrect dentry use in ovl_rename2 (bsc#1032400).\n- overlayfs: compat, use correct dentry to detect compat mode in ovl_compat_is_whiteout (bsc#1032400).\n- pci: Add devm_request_pci_bus_resources() (bsc#1019351).\n- pci/AER: include header file (bsc#964944,FATE#319965).\n- pci: generic: Fix pci_remap_iospace() failure path (bsc#1019630).\n- pci: hv: Fix wslot_to_devfn() to fix warnings on device removal (fate#320485, bug#1028217).\n- pci: hv: Use device serial number as PCI domain (fate#320485, bug#1028217).\n- pci: pciehp: Prioritize data-link event over presence detect (bsc#1031040,bsc#1037483).\n- pci: Reverse standard ACS vs device-specific ACS enabling (bsc#1030057).\n- pci: Work around Intel Sunrise Point PCH incorrect ACS capability (bsc#1030057).\n- pci: xgene: Add local struct device pointers (bsc#1019351).\n- pci: xgene: Add register accessors (bsc#1019351).\n- pci: xgene: Free bridge resource list on failure (bsc#1019351).\n- pci: xgene: Make explicitly non-modular (bsc#1019351).\n- pci: xgene: Pass struct xgene_pcie_port to setup functions (bsc#1019351).\n- pci: xgene: Remove unused platform data (bsc#1019351).\n- pci: xgene: Request host bridge window resources (bsc#1019351).\n- percpu: remove unused chunk_alloc parameter from pcpu_get_pages() (bnc#971975 VM -- git fixes).\n- perf/x86/intel/rapl: Make Knights Landings support functional (bsc#1042517).\n- perf/x86/intel/uncore: Remove SBOX support for Broadwell server (bsc#1035887).\n- perf: xgene: Remove bogus IS_ERR() check (bsc#1019351).\n- phy: qcom-usb-hs: Add depends on EXTCON (4.4.68 stable queue).\n- phy: xgene: rename \u0027enum phy_mode\u0027 to \u0027enum xgene_phy_mode\u0027 (bsc#1019351).\n- pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes (bnc#1012985).\n- ping: implement proper locking (bsc#1031003).\n- pkcs#7: fix missing break on OID_sha224 case (bsc#1031717).\n- platform/x86: fujitsu-laptop: use brightness_set_blocking for LED-setting callbacks (bsc#1031717).\n- pm / QoS: Fix memory leak on resume_latency.notifiers (bsc#1043231).\n- pm / wakeirq: Enable dedicated wakeirq for suspend (bsc#1031717).\n- pm / wakeirq: Fix spurious wake-up events for dedicated wakeirqs (bsc#1031717).\n- pm / wakeirq: report a wakeup_event on dedicated wekup irq (bsc#1031717).\n- power: bq27xxx: fix register numbers of bq27500 (bsc#1031717).\n- powerpc/64: Fix flush_(d|i)cache_range() called from modules (bnc#863764 fate#315275, LTC#103998).\n- powerpc: Blacklist GCC 5.4 6.1 and 6.2 (boo#1028895).\n- powerpc: Create a helper for getting the kernel toc value (FATE#322421).\n- powerpc/fadump: Fix the race in crash_fadump() (bsc#1022971).\n- powerpc/fadump: Reserve memory at an offset closer to bottom of RAM (bsc#1032141).\n- powerpc/fadump: Update fadump documentation (bsc#1032141).\n- powerpc/ftrace: Add Kconfig \u0026 Make glue for mprofile-kernel (FATE#322421).\n- powerpc/ftrace: Add support for -mprofile-kernel ftrace ABI (FATE#322421).\n- powerpc/ftrace: Use $(CC_FLAGS_FTRACE) when disabling ftrace (FATE#322421).\n- powerpc/ftrace: Use generic ftrace_modify_all_code() (FATE#322421).\n- powerpc: introduce TIF_KGR_IN_PROGRESS thread flag (FATE#322421).\n- powerpc/livepatch: Add livepatch header (FATE#322421).\n- powerpc/livepatch: Add live patching support on ppc64le (FATE#322421).\n- powerpc/livepatch: Add livepatch stack to struct thread_info (FATE#322421).\n- powerpc/module: Create a special stub for ftrace_caller() (FATE#322421).\n- powerpc/module: Mark module stubs with a magic value (FATE#322421).\n- powerpc/module: Only try to generate the ftrace_caller() stub once (FATE#322421).\n- powerpc/modules: Never restore r2 for a mprofile-kernel style mcount() call (FATE#322421).\n- powerpc/powernv: Fix opal_exit tracepoint opcode (4.4.68 stable queue).\n- power: reset: xgene-reboot: Unmap region obtained by of_iomap (bsc#1019351).\n- power: supply: bq24190_charger: Call power_supply_changed() for relevant component (4.4.68 stable queue).\n- power: supply: bq24190_charger: Call set_mode_host() on pm_resume() (4.4.68 stable queue).\n- power: supply: bq24190_charger: Do not read fault register outside irq_handle_thread() (4.4.68 stable queue).\n- power: supply: bq24190_charger: Fix irq trigger to IRQF_TRIGGER_FALLING (4.4.68 stable queue).\n- power: supply: bq24190_charger: Handle fault before status on interrupt (4.4.68 stable queue).\n- power: supply: bq24190_charger: Install irq_handler_thread() at end of probe() (4.4.68 stable queue).\n- printk: Switch to the sync mode when an emergency message is printed (bsc#1034995).\n- qeth: check not more than 16 SBALEs on the completion queue (bnc#1009718, LTC#148203).\n- quota: fill in Q_XGETQSTAT inode information for inactive quotas (bsc#1042356).\n- radix-tree: fix radix_tree_iter_retry() for tagged iterators (bsc#1012829).\n- raid1: a new I/O barrier implementation to remove resync window (bsc#998106,bsc#1020048,bsc#982783).\n- raid1: avoid unnecessary spin locks in I/O barrier code (bsc#998106,bsc#1020048,bsc#982783).\n- raid1: ignore discard error (bsc#1017164).\n- ravb: Fix use-after-free on `ifconfig eth0 down` (git-fixes).\n- rdma/iw_cxgb4: Add missing error codes for act open cmd (bsc#1026570).\n- rdma/iw_cxgb4: Low resource fixes for Completion queue (bsc#1026570).\n- rdma/iw_cxgb4: only read markers_enabled mod param once (bsc#1026570).\n- Refresh patches.suse/blk-timeout-no-round. Refresh patches.drivers/0041-block-add-ability-to-flag-write-back-caching-on-a-device.patch Do not collide with QUEUE_FLAG_WC from upstream (bsc#1022547)\n- regulator: isl9305: fix array size (bsc#1031717).\n- reiserfs: fix race in prealloc discard (bsc#987576).\n- Revert \u0027acpi, nfit, libnvdimm: fix interleave set cookie calculation (64-bit comparison)\u0027 (kabi).\n- Revert \u0027btrfs: qgroup: Move half of the qgroup accounting time out of\u0027 (bsc#1017461 bsc#1033885).\n- Revert \u0027btrfs: qgroup: Move half of the qgroup accounting time out of\u0027 This reverts commit f69c1d0f6254c73529a48fd2f87815d047ad7288.\n- Revert \u0027give up on gcc ilog2() constant optimizations\u0027 (kabi).\n- Revert \u0027KVM: nested VMX: disable perf cpuid reporting\u0027 (4.4.68 stable queue).\n- Revert \u0027l2tp: take reference on sessions being dumped\u0027 (kabi).\n- Revert \u0027mac80211: pass block ack session timeout to to driver\u0027 (kabi).\n- Revert \u0027mac80211: RX BA support for sta max_rx_aggregation_subframes\u0027 (kabi).\n- Revert \u0027net: introduce device min_header_len\u0027 (kabi).\n- Revert \u0027net/mlx4_en: Avoid unregister_netdev at shutdown flow\u0027 (bsc#1028017).\n- Revert \u0027nfit, libnvdimm: fix interleave set cookie calculation\u0027 (kabi).\n- Revert \u0027RDMA/core: Fix incorrect structure packing for booleans\u0027 (kabi).\n- Revert \u0027target: Fix NULL dereference during LUN lookup + active I/O shutdown\u0027 (kabi).\n- Revert \u0027wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event\u0027 (kabi).\n- rpm/kernel-binary.spec.in: Fix installation of /etc/uefi/certs (bsc#1019594)\n- rpm/kernel-binary.spec: remove superfluous flags This should make build logs more readable and people adding more flags should have easier time finding a place to add them in the spec file.\n- rpm/kernel-spec-macros: Fix the check if there is no rebuild counter (bsc#1012060)\n- rpm/SLES-UEFI-SIGN-Certificate-2048.crt: Update the certificate (bsc#1035922)\n- rtc: cmos: avoid unused function warning (bsc#1022429).\n- rtc: cmos: Clear ACPI-driven alarms upon resume (bsc#1022429).\n- rtc: cmos: Do not enable interrupts in the middle of the interrupt handler (bsc#1022429).\n- rtc: cmos: Restore alarm after resume (bsc#1022429).\n- rtlwifi: rtl_usb: Fix missing entry in USB driver\u0027s private data (bsc#1026462).\n- rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string (4.4.68 stable queue).\n- rtnl: reset calcit fptr in rtnl_unregister() (bsc#1042286).\n- s390/cpuinfo: show maximum thread id (bnc#1009718, LTC#148580).\n- s390/dasd: check if query host access feature is supported (bsc#1037871).\n- s390/kmsg: add missing kmsg descriptions (bnc#1025683, LTC#151573).\n- s390/mm: fix zone calculation in arch_add_memory() (bnc#1025683, LTC#152318).\n- s390/sysinfo: show partition extended name and UUID if available (bnc#1009718, LTC#150160).\n- s390/time: LPAR offset handling (bnc#1009718, LTC#146920).\n- s390/time: move PTFF definitions (bnc#1009718, LTC#146920).\n- sbp-target: Fix second argument of percpu_ida_alloc() (bsc#1032803).\n- sched: Allow hotplug notifiers to be setup early (bnc#1022476).\n- sched/core: Fix incorrect utilization accounting when switching to fair class (bnc#1022476).\n- sched/core: Fix set_user_nice() (bnc#1022476).\n- sched/core, x86/topology: Fix NUMA in package topology bug (bnc#1022476).\n- sched/cputime: Add steal time support to full dynticks CPU time accounting (bnc#1022476).\n- sched/cputime: Fix prev steal time accouting during CPU hotplug (bnc#1022476).\n- sched/deadline: Always calculate end of period on sched_yield() (bnc#1022476).\n- sched/deadline: Fix a bug in dl_overflow() (bnc#1022476).\n- sched/deadline: Fix lock pinning warning during CPU hotplug (bnc#1022476).\n- sched/deadline: Fix wrap-around in DL heap (bnc#1022476).\n- sched/fair: Avoid using decay_load_missed() with a negative value (bnc#1022476).\n- sched/fair: Fix fixed point arithmetic width for shares and effective load (bnc#1022476).\n- sched/fair: Fix load_above_capacity fixed point arithmetic width (bnc#1022476).\n- sched/fair: Fix min_vruntime tracking (bnc#1022476).\n- sched/fair: Fix the wrong throttled clock time for cfs_rq_clock_task() (bnc#1022476).\n- sched/fair: Improve PELT stuff some more (bnc#1022476).\n- sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting (bsc#1018419).\n- sched: Make wake_up_nohz_cpu() handle CPUs going offline (bnc#1022476).\n- sched/rt: Fix PI handling vs. sched_setscheduler() (bnc#1022476).\n- sched/rt: Kick RT bandwidth timer immediately on start up (bnc#1022476).\n- sched/rt, sched/dl: Do not push if task\u0027s scheduling class was changed (bnc#1022476).\n- scsi: be2iscsi: Add FUNCTION_RESET during driver unload (bsc#1038458).\n- scsi: be2iscsi: Add IOCTL to check UER supported (bsc#1038458).\n- scsi: be2iscsi: Add TPE recovery feature (bsc#1038458).\n- scsi: be2iscsi: Add V1 of EPFW cleanup IOCTL (bsc#1038458).\n- scsi: be2iscsi: allocate enough memory in beiscsi_boot_get_sinfo() (bsc#1038458).\n- scsi: be2iscsi: Check all zeroes IP before issuing IOCTL (bsc#1038458).\n- scsi: be2iscsi: Fail the sessions immediately after TPE (bsc#1038458).\n- scsi: be2iscsi: Fix async PDU handling path (bsc#1038458).\n- scsi: be2iscsi: Fix bad WRB index error (bsc#1038458).\n- scsi: be2iscsi: Fix checks for HBA in error state (bsc#1038458).\n- scsi: be2iscsi: Fix gateway APIs to support IPv4 \u0026 IPv6 (bsc#1038458).\n- scsi: be2iscsi: Fix POST check and reset sequence (bsc#1038458).\n- scsi: be2iscsi: Fix queue and connection parameters (bsc#1038458).\n- scsi: be2iscsi: Fix release of DHCP IP in static mode (bsc#1038458).\n- scsi: be2iscsi: Fix to add timer for UE detection (bsc#1038458).\n- scsi: be2iscsi: Fix to make boot discovery non-blocking (bsc#1038458).\n- scsi: be2iscsi: Fix to use correct configuration values (bsc#1038458).\n- scsi: be2iscsi: Handle only NET_PARAM in iface_get_param (bsc#1038458).\n- scsi: be2iscsi: Move functions to right files (bsc#1038458).\n- scsi: be2iscsi: Move VLAN code to common iface_set_param (bsc#1038458).\n- scsi: be2iscsi: Reduce driver load/unload time (bsc#1038458).\n- scsi: be2iscsi: Remove alloc_mcc_tag \u0026 beiscsi_pci_soft_reset (bsc#1038458).\n- scsi: be2iscsi: Remove isr_lock and dead code (bsc#1038458).\n- scsi: be2iscsi: Rename iface get/set/create/destroy APIs (bsc#1038458).\n- scsi: be2iscsi: Replace _bh version for mcc_lock spinlock (bsc#1038458).\n- scsi: be2iscsi: Set and return right iface v4/v6 states (bsc#1038458).\n- scsi: be2iscsi: Update copyright information (bsc#1038458).\n- scsi: be2iscsi: Update iface handle before any set param (bsc#1038458).\n- scsi: be2iscsi: Update the driver version (bsc#1038458).\n- scsi: cxgb4i: libcxgbi: add missing module_put() (bsc#1018885).\n- scsi: cxgb4i: libcxgbi: cxgb4: add T6 iSCSI completion feature (bsc#1021424).\n- scsi: cxlflash: Remove the device cleanly in the system shutdown path (bsc#1028310, fate#321597, bsc#1034762). cherry-pick from SP3\n- scsi_dh_alua: do not call BUG_ON when updating port group (bsc#1028340).\n- scsi_dh_alua: Do not modify the interval value for retries (bsc#1012910).\n- scsi_dh_alua: Do not retry for unmapped device (bsc#1012910).\n- scsi: do not print \u0027reservation conflict\u0027 for TEST UNIT READY (bsc#1027054).\n- scsi_error: count medium access timeout only once per EH run (bsc#993832, bsc#1032345).\n- scsi: fnic: Correcting rport check location in fnic_queuecommand_lck (bsc#1035920).\n- scsi: ipr: do not set DID_PASSTHROUGH on CHECK CONDITION (bsc#1034419).\n- scsi: ipr: Driver version 2.6.4 (bsc#1031555, fate#321595).\n- scsi: ipr: Error path locking fixes (bsc#1031555, fate#321595).\n- scsi: ipr: Fix abort path race condition (bsc#1031555, fate#321595).\n- scsi: ipr: Fix missed EH wakeup (bsc#1031555, fate#321595).\n- scsi: ipr: Fix SATA EH hang (bsc#1031555, fate#321595).\n- scsi: ipr: Remove redundant initialization (bsc#1031555, fate#321595).\n- scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m (4.4.68 stable queue).\n- scsi: scsi_dh_alua: Check scsi_device_get() return value (bsc#1040125).\n- scsi: scsi_dh_emc: return success in clariion_std_inquiry() (4.4.68 stable queue).\n- scsi_transport_fc: do not call queue_work under lock (bsc#1013887).\n- scsi_transport_fc: fixup race condition in fc_rport_final_delete() (bsc#1013887).\n- scsi_transport_fc: return -EBUSY for deleted vport (bsc#1013887).\n- sctp: check af before verify address in sctp_addr_id2transport (git-fixes).\n- sd: always scan VPD pages if thin provisioning is enabled (bsc#1013792).\n- serial: 8250_omap: Fix probe and remove for PM runtime (4.4.68 stable queue).\n- series.conf cosmetic adjustment (missing rt version placeholders)\n- series.conf: remove silly comment\n- ses: Fix SAS device detection in enclosure (bsc#1016403).\n- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).\n- sfc: refactor debug-or-warnings printks (bsc#1019168).\n- softirq: Let ksoftirqd do its job (bsc#1019618).\n- staging: emxx_udc: remove incorrect __init annotations (4.4.68 stable queue).\n- staging: rtl8188eu: prevent an underflow in rtw_check_beacon_data() (bsc#1031717).\n- staging: wlan-ng: add missing byte order conversion (4.4.68 stable queue).\n- sunrpc: Allow xprt-\u003eops-\u003etimer method to sleep (git-fixes).\n- sunrpc: ensure correct error is reported by xs_tcp_setup_socket() (git-fixes).\n- sunrpc: fix UDP memory accounting (git-fixes).\n- sunrpc: Silence WARN_ON when NFSv4.1 over RDMA is in use (git-fixes).\n- supported.conf: added drivers/net/ethernet/chelsio/libcxgb/libcxgb\n- supported.conf: Add tcp_westwood as supported module (fate#322432)\n- supported.conf: Bugzilla and FATE references for dcdbas and dell_rbu\n- sysfs: be careful of error returns from ops-\u003eshow() (bsc#1028883).\n- taint/module: Clean up global and module taint flags handling (fate#313296).\n- target: add XCOPY target/segment desc sense codes (bsc#991273).\n- target: bounds check XCOPY segment descriptor list (bsc#991273).\n- target: bounds check XCOPY total descriptor list length (bsc#991273).\n- target: check for XCOPY parameter truncation (bsc#991273).\n- target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).\n- target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273).\n- target: simplify XCOPY wwn-\u003ese_dev lookup helper (bsc#991273).\n- target: support XCOPY requests without parameters (bsc#991273).\n- target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).\n- target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).\n- tcp: account for ts offset only if tsecr not zero (bsc#1042286).\n- tcp: do not inherit fastopen_req from parent (4.4.68 stable queue).\n- tcp: do not underestimate skb-\u003etruesize in tcp_trim_head() (4.4.68 stable queue).\n- tcp: fastopen: accept data/FIN present in SYNACK message (bsc#1042286).\n- tcp: fastopen: avoid negative sk_forward_alloc (bsc#1042286).\n- tcp: fastopen: call tcp_fin() if FIN present in SYNACK (bsc#1042286).\n- tcp: fastopen: fix rcv_wup initialization for TFO server on SYN/data (bsc#1042286).\n- tcp: fix wraparound issue in tcp_lp (4.4.68 stable queue).\n- thp: fix MADV_DONTNEED vs. numa balancing race (bnc#1027974).\n- thp: reduce indentation level in change_huge_pmd() (bnc#1027974).\n- tpm: Downgrade error level (bsc#1042535).\n- tpm: fix checks for policy digest existence in tpm2_seal_trusted() (bsc#1034048, Pending fixes 2017-04-10).\n- tpm: fix RC value check in tpm2_seal_trusted (bsc#1034048, Pending fixes 2017-04-10).\n- tpm: fix: set continueSession attribute for the unseal operation (bsc#1034048, Pending fixes 2017-04-10).\n- tracing/kprobes: Enforce kprobes teardown after testing (bnc#1012985).\n- udp: avoid ufo handling on IP payload compression packets (bsc#1042286).\n- udplite: call proper backlog handlers (bsc#1042286).\n- Update mainline reference in patches.drivers/drm-ast-Fix-memleaks-in-error-path-in-ast_fb_create.patch See (bsc#1028158) for the context in which this was discovered upstream.\n- Update metadata for serial fixes (bsc#1013001)\n- Update patches.fixes/xen-silence-efi-error-messge.patch (bnc#1039900).\n- Update patches.kernel.org/patch-4.4.47-48 (bnc#1012382 bnc#1022181). Add a bnc reference.\n- usb: chipidea: Handle extcon events properly (4.4.68 stable queue).\n- usb: chipidea: Only read/write OTGSC from one place (4.4.68 stable queue).\n- usb: host: ehci-exynos: Decrese node refcount on exynos_ehci_get_phy() error paths (4.4.68 stable queue).\n- usb: host: ohci-exynos: Decrese node refcount on exynos_ehci_get_phy() error paths (4.4.68 stable queue).\n- usb: musb: ux500: Fix NULL pointer dereference at system PM (bsc#1038033).\n- usb: serial: ark3116: fix open error handling (bnc#1038043).\n- usb: serial: ch341: add register and USB request definitions (bnc#1038043).\n- usb: serial: ch341: add support for parity, frame length, stop bits (bnc#1038043).\n- usb: serial: ch341: fix baud rate and line-control handling (bnc#1038043).\n- usb: serial: ch341: fix line settings after reset-resume (bnc#1038043).\n- usb: serial: ch341: fix modem-status handling (bnc#1038043).\n- usb: serial: ch341: reinitialize chip on reconfiguration (bnc#1038043).\n- usb: serial: digi_acceleport: fix incomplete rx sanity check (4.4.68 stable queue).\n- usb: serial: fix compare_const_fl.cocci warnings (bnc#1038043).\n- usb: serial: ftdi_sio: fix latency-timer error handling (4.4.68 stable queue).\n- usb: serial: io_edgeport: fix descriptor error handling (4.4.68 stable queue).\n- usb: serial: io_edgeport: fix epic-descriptor handling (bnc#1038043).\n- usb: serial: keyspan_pda: fix receive sanity checks (4.4.68 stable queue).\n- usb: serial: mct_u232: fix modem-status error handling (4.4.68 stable queue).\n- usb: serial: quatech2: fix control-message error handling (bnc#1038043).\n- usb: serial: sierra: fix bogus alternate-setting assumption (bnc#1038043).\n- usb: serial: ssu100: fix control-message error handling (bnc#1038043).\n- usb: serial: ti_usb_3410_5052: fix control-message error handling (4.4.68 stable queue).\n- Use make --output-sync feature when available (bsc#1012422). The mesages in make output can interleave making it impossible to extract warnings reliably. Since version 4 GNU Make supports --output-sync flag that prints output of each sub-command atomically preventing this issue. Detect the flag and use it if available.\n- Use up spare in struct module for livepatch (FATE#322421).\n- vmxnet3: segCnt can be 1 for LRO packets (bsc#988065).\n- vrf: remove slave queue and private slave struct (bsc#1042286).\n- vsock: Detach QP check should filter out non matching QPs (bsc#1036752).\n- x86/apic/uv: Silence a shift wrapping warning (bsc#1023866).\n- x86/CPU/AMD: Fix Zen SMT topology (bsc#1027512).\n- x86/ioapic: Change prototype of acpi_ioapic_add() (bsc#1027153, bsc#1027616).\n- x86/ioapic: Fix incorrect pointers in ioapic_setup_resources() (bsc#1027153, bsc#1027616).\n- x86/ioapic: Fix IOAPIC failing to request resource (bsc#1027153, bsc#1027616).\n- x86/ioapic: fix kABI (hide added include) (bsc#1027153, bsc#1027616).\n- x86/ioapic: Fix lost IOAPIC resource after hot-removal and hotadd (bsc#1027153, bsc#1027616).\n- x86/ioapic: Fix setup_res() failing to get resource (bsc#1027153, bsc#1027616).\n- x86/ioapic: Ignore root bridges without a companion ACPI device (bsc#1027153, bsc#1027616).\n- x86/ioapic: Restore IO-APIC irq_chip retrigger callback (4.4.68 stable queue).\n- x86/ioapic: Simplify ioapic_setup_resources() (bsc#1027153, bsc#1027616).\n- x86/ioapic: Support hot-removal of IOAPICs present during boot (bsc#1027153, bsc#1027616).\n- x86/mce: Do not print MCEs when mcelog is active (bsc#1013994).\n- x86/MCE: Dump MCE to dmesg if no consumers (bsc#1013994).\n- x86/mce: Fix copy/paste error in exception table entries (fate#319858).\n- x86, mm: fix gup_pte_range() vs DAX mappings (bsc#1026405).\n- x86/mm/gup: Simplify get_user_pages() PTE bit handling (bsc#1026405).\n- x86/pci-calgary: Fix iommu_free() comparison of unsigned expression \u003e= 0 (4.4.68 stable queue).\n- x86/PCI: Mark Broadwell-EP Home Agent 1 as having non-compliant BARs (bsc#9048891).\n- x86/platform/intel/iosf_mbi: Add a mutex for P-Unit access (bsc#1011913).\n- x86/platform/intel/iosf_mbi: Add a PMIC bus access notifier (bsc#1011913).\n- x86/platform/intel-mid: Correct MSI IRQ line for watchdog device (4.4.68 stable queue).\n- x86/platform: Remove warning message for duplicate NMI handlers (bsc#1029220).\n- x86/platform/UV: Add basic CPU NMI health check (bsc#1023866).\n- x86/platform/UV: Add Support for UV4 Hubless NMIs (bsc#1023866).\n- x86/platform/UV: Add Support for UV4 Hubless systems (bsc#1023866).\n- x86/platform/uv/BAU: Add generic function pointers (bsc#1035024).\n- x86/platform/uv/BAU: Add payload descriptor qualifier (bsc#1035024).\n- x86/platform/uv/BAU: Add status mmr location fields to bau_control (bsc#1035024).\n- x86/platform/uv/BAU: Add UV4-specific functions (bsc#1035024).\n- x86/platform/uv/BAU: Add uv_bau_version enumerated constants (bsc#1035024).\n- x86/platform/uv/BAU: Add wait_completion to bau_operations (bsc#1035024).\n- x86/platform/uv/BAU: Clean up and update printks (bsc#1035024).\n- x86/platform/uv/BAU: Cleanup bau_operations declaration and instances (bsc#1035024).\n- x86/platform/uv/BAU: Clean up pq_init() (bsc#1035024).\n- x86/platform/uv/BAU: Clean up vertical alignment (bsc#1035024).\n- x86/platform/uv/BAU: Convert uv_physnodeaddr() use to uv_gpa_to_offset() (bsc#1035024).\n- x86/platform/uv/BAU: Disable software timeout on UV4 hardware (bsc#1035024).\n- x86/platform/uv/BAU: Fix HUB errors by remove initial write to sw-ack register (bsc#1035024).\n- x86/platform/uv/BAU: Fix payload queue setup on UV4 hardware (bsc#1035024).\n- x86/platform/uv/BAU: Implement uv4_wait_completion with read_status (bsc#1035024).\n- x86/platform/uv/BAU: Populate -\u003euvhub_version with UV4 version information (bsc#1035024).\n- x86/platform/uv/BAU: Use generic function pointers (bsc#1035024).\n- x86/platform/UV: Clean up the NMI code to match current coding style (bsc#1023866).\n- x86/platform/UV: Clean up the UV APIC code (bsc#1023866).\n- x86/platform/UV: Ensure uv_system_init is called when necessary (bsc#1023866).\n- x86/platform/UV: Fix 2 socket config problem (bsc#1023866).\n- x86/platform/uv: Fix calculation of Global Physical Address (bsc#1031147).\n- x86/platform/UV: Fix panic with missing UVsystab support (bsc#1023866).\n- x86/platform/UV: Initialize PCH GPP_D_0 NMI Pin to be NMI source (bsc#1023866).\n- x86/platform/UV: Verify NMI action is valid, default is standard (bsc#1023866).\n- x86/ras/therm_throt: Do not log a fake MCE for thermal events (bsc#1028027).\n- xen: add sysfs node for guest type (bnc#1037840).\n- xen: adjust early dom0 p2m handling to xen hypervisor behavior (bnc#1031470).\n- xen-blkback: do not leak stack data via response ring (bsc#1042863 XSA-216).\n- xen-blkfront: correct maximum segment accounting (bsc#1018263).\n- xen-blkfront: do not call talk_to_blkback when already connected to blkback.\n- xen/blkfront: Fix crash if backend does not follow the right states.\n- xen-blkfront: free resources if xlvbd_alloc_gendisk fails.\n- xen/mce: do not issue error message for failed /dev/mcelog registration (bnc#1036638).\n- xen/netback: set default upper limit of tx/rx queues to 8 (bnc#1019163).\n- xen/netfront: set default upper limit of tx/rx queues to 8 (bnc#1019163).\n- xen: Use machine addresses in /sys/kernel/vmcoreinfo when PV (bsc#1014136)\n- xfrm: Fix memory leak of aead algorithm name (bsc#1042286).\n- xfrm: Only add l3mdev oif to dst lookups (bsc#1042286).\n- xfs: add missing include dependencies to xfs_dir2.h (bsc#1042421).\n- xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056).\n- xfs: do not allow di_size with high bit set (bsc#1024234).\n- xfs: do not assert fail on non-async buffers on ioacct decrement (bsc#1041160).\n- xfs: do not take the IOLOCK exclusive for direct I/O page invalidation (bsc#1015609).\n- xfs: do not warn on buffers not being recovered due to LSN (bsc#1043598).\n- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).\n- xfs: fix broken multi-fsb buffer logging (bsc#1024081).\n- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).\n- xfs: fix eofblocks race with file extending async dio writes (bsc#1040929).\n- xfs: Fix missed holes in SEEK_HOLE implementation (bsc#1041168).\n- xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff() (bsc#1041168).\n- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).\n- xfs: fix xfs_mode_to_ftype() prototype (bsc#1043598).\n- xfs: in _attrlist_by_handle, copy the cursor back to userspace (bsc#1041242).\n- xfs: log recovery tracepoints to track current lsn and buffer submission (bsc#1043598).\n- xfs: Make __xfs_xattr_put_listen preperly report errors (bsc#1041242).\n- xfs: only return -errno or success from attr -\u003eput_listent (bsc#1041242).\n- xfs: pass current lsn to log recovery buffer validation (bsc#1043598).\n- xfs: refactor log record unpack and data processing (bsc#1043598).\n- xfs: replace xfs_mode_to_ftype table with switch statement (bsc#1042421).\n- xfs: rework log recovery to submit buffers on LSN boundaries (bsc#1043598).\n- xfs: rework the inline directory verifiers (bsc#1042421).\n- xfs: sanity check directory inode di_size (bsc#1042421).\n- xfs: sanity check inode di_mode (bsc#1042421).\n- xfs: Split default quota limits by quota type (bsc#1040941).\n- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).\n- xfs: track and serialize in-flight async buffers against unmount - kABI (bsc#1024508).\n- xfs: update metadata LSN in buffers during log recovery (bsc#1043598).\n- xfs: use -\u003eb_state to fix buffer I/O accounting release race (bsc#1041160).\n- xfs: verify inline directory data forks (bsc#1042421).\n- xgene_enet: remove bogus forward declarations (bsc#1032673).\n- zswap: do not param_set_charp while holding spinlock (VM Functionality, bsc#1042886).\n- blacklist.conf: add non-applicable fixes for iwlwifi (FATE#323335)\n- blacklist.conf: blacklist c34a69059d78 (bnc#1044880)\n- btrfs: disable possible cause of premature ENOSPC (bsc#1040182)\n- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).\n- btrfs: Round down values which are written for total_bytes_size (bsc#1043912).\n- dm: remove dummy dm_table definition (bsc#1045307)\n- Fix soft lockup in svc_rdma_send (bsc#1044854).\n- fs/exec.c: account for argv/envp pointers (bnc#1039354, CVE-2017-1000365).\n- hpsa: limit transfer length to 1MB (bsc#1025461).\n- hwpoison, memcg: forcibly uncharge LRU pages (bnc#1046105).\n- IB/ipoib: Fix memory leak in create child syscall (bsc#1022595 FATE#322350).\n- ibmvnic: Correct return code checking for ibmvnic_init during probe (bsc#1045286).\n- ibmvnic: Fix assignment of RX/TX IRQ\u0027s (bsc#1046589).\n- ibmvnic: Fix error handling when registering long-term-mapped buffers (bsc#1045568).\n- ibmvnic: Fix incorrectly defined ibmvnic_request_map_rsp structure (bsc#1045568).\n- ibmvnic: Remove module author mailing address (bsc#1045467).\n- ibmvnic: Return from ibmvnic_resume if not in VNIC_OPEN state (bsc#1045235).\n- iw_cxgb4: Fix error return code in c4iw_rdev_open() (bsc#1026570).\n- iwlwifi: 8000: fix MODULE_FIRMWARE input.\n- iwlwifi: 9000: increase the number of queues.\n- iwlwifi: add device ID for 8265.\n- iwlwifi: add device IDs for the 8265 device.\n- iwlwifi: add disable_11ac module param.\n- iwlwifi: add new 3168 series devices support.\n- iwlwifi: add new 8260 PCI IDs.\n- iwlwifi: add new 8265.\n- iwlwifi: add new 8265 series PCI ID.\n- iwlwifi: Add new PCI IDs for 9260 and 5165 series.\n- iwlwifi: Add PCI IDs for the new 3168 series.\n- iwlwifi: Add PCI IDs for the new series 8165.\n- iwlwifi: add support for 12K Receive Buffers.\n- iwlwifi: add support for getting HW address from CSR.\n- iwlwifi: avoid d0i3 commands when no/init ucode is loaded.\n- iwlwifi: bail out in case of bad trans state.\n- iwlwifi: block the queues when we send ADD_STA for uAPSD.\n- iwlwifi: change the Intel Wireless email address.\n- iwlwifi: check for valid ethernet address provided by OEM.\n- iwlwifi: clean up transport debugfs handling.\n- iwlwifi: clear ieee80211_tx_info-\u003edriver_data in the op_mode.\n- iwlwifi: Document missing module options.\n- iwlwifi: dump prph registers in a common place for all transports.\n- iwlwifi: dvm: advertise NETIF_F_SG.\n- iwlwifi: dvm: fix compare_const_fl.cocci warnings.\n- iwlwifi: dvm: handle zero brightness for wifi LED.\n- iwlwifi: dvm: remove a wrong dependency on m.\n- iwlwifi: dvm: remove Kconfig default.\n- iwlwifi: dvm: remove stray debug code.\n- iwlwifi: export the _no_grab version of PRPH IO functions.\n- iwlwifi: expose fw usniffer mode to more utilities.\n- iwlwifi: fix double hyphen in MODULE_FIRMWARE for 8000.\n- iwlwifi: Fix firmware name maximum length definition.\n- iwlwifi: fix name of ucode loaded for 8265 series.\n- iwlwifi: fix printf specifier.\n- iwlwifi: generalize d0i3_entry_timeout module parameter.\n- iwlwifi: mvm: adapt the firmware assert log to new firmware.\n- iwlwifi: mvm: add 9000-series RX API.\n- iwlwifi: mvm: add 9000 series RX processing.\n- iwlwifi: mvm: add a non-trigger window to fw dbg triggers.\n- iwlwifi: mvm: add an option to start rs from HT/VHT rates.\n- iwlwifi: mvm: Add a station in monitor mode.\n- iwlwifi: mvm: add bt rrc and ttc to debugfs.\n- iwlwifi: mvm: add bt settings to debugfs.\n- iwlwifi: mvm: add ctdp operations to debugfs.\n- iwlwifi: mvm: add CT-KILL notification.\n- iwlwifi: mvm: add debug print if scan config is ignored.\n- iwlwifi: mvm: add extended dwell time.\n- iwlwifi: mvm: add new ADD_STA command version.\n- iwlwifi: mvm: Add P2P client snoozing.\n- iwlwifi: mvm: add registration to cooling device.\n- iwlwifi: mvm: add registration to thermal zone.\n- iwlwifi: mvm: add support for negative temperatures.\n- iwlwifi: mvm: add tlv for multi queue rx support.\n- iwlwifi: mvm: add trigger for firmware dump upon TDLS events.\n- iwlwifi: mvm: add trigger for firmware dump upon TX response status.\n- iwlwifi: mvm: advertise NETIF_F_SG.\n- iwlwifi: mvm: Align bt-coex priority with requirements.\n- iwlwifi: mvm: allow to disable beacon filtering for AP/GO interface.\n- iwlwifi: mvm: avoid harmless -Wmaybe-uninialized warning.\n- iwlwifi: mvm: avoid panics with thermal device usage.\n- iwlwifi: mvm: avoid to WARN about gscan capabilities.\n- iwlwifi: mvm: bail out if CTDP start operation fails.\n- iwlwifi: mvm: bump firmware API to 21.\n- iwlwifi: mvm: bump max API to 20.\n- iwlwifi: mvm: change access to ieee80211_hdr.\n- iwlwifi: mvm: change iwl_mvm_get_key_sta_id() to return the station.\n- iwlwifi: mvm: change mcc update API.\n- iwlwifi: mvm: change name of iwl_mvm_d3_update_gtk.\n- iwlwifi: mvm: Change number of associated stations when station becomes associated.\n- iwlwifi: mvm: change protocol offload flows.\n- iwlwifi: mvm: change the check for ADD_STA status.\n- iwlwifi: mvm: check FW\u0027s response for nvm access write cmd.\n- iwlwifi: mvm: check iwl_mvm_wowlan_config_key_params() return value.\n- iwlwifi: mvm: check minimum temperature notification length.\n- iwlwifi: mvm: cleanup roc te on restart cleanup.\n- iwlwifi: mvm: Configure fragmented scan for scheduled scan.\n- iwlwifi: mvm: configure scheduled scan according to traffic conditions.\n- iwlwifi: mvm: constify the parameters of a few functions in fw-dbg.c.\n- iwlwifi: mvm: Disable beacon storing in D3 when WOWLAN configured.\n- iwlwifi: mvm: disable DQA support.\n- iwlwifi: mvm: Do not switch to D3 image on suspend.\n- iwlwifi: mvm: don\u0027t ask beacons when P2P GO vif and no assoc sta.\n- iwlwifi: mvm: don\u0027t keep an mvm ref when the interface is down.\n- iwlwifi: mvm: don\u0027t let NDPs mess the packet tracking.\n- iwlwifi: mvm: don\u0027t restart HW if suspend fails with unified image.\n- iwlwifi: mvm: don\u0027t try to offload AES-CMAC in AP/IBSS modes.\n- iwlwifi: mvm: drop low_latency_agg_frame_cnt_limit.\n- iwlwifi: mvm: dump more registers upon error.\n- iwlwifi: mvm: dump the radio registers when the firmware crashes.\n- iwlwifi: mvm: enable L3 filtering.\n- iwlwifi: mvm: Enable MPLUT only on supported hw.\n- iwlwifi: mvm: enable VHT MU-MIMO for supported hardware.\n- iwlwifi: mvm: extend time event duration.\n- iwlwifi: mvm: fix accessing Null pointer during fw dump collection.\n- iwlwifi: mvm: fix d3_test with unified D0/D3 images.\n- iwlwifi: mvm: fix debugfs signedness warning.\n- iwlwifi: mvm: fix extended dwell time.\n- iwlwifi: mvm: fix incorrect fallthrough in iwl_mvm_check_running_scans().\n- iwlwifi: mvm: fix memory leaks in error paths upon fw error dump.\n- iwlwifi: mvm: fix netdetect starting/stopping for unified images.\n- iwlwifi: mvm: fix RSS key sizing.\n- iwlwifi: mvm: fix unregistration of thermal in some error flows.\n- iwlwifi: mvm: flush all used TX queues before suspending.\n- iwlwifi: mvm: forbid U-APSD for P2P Client if the firmware doesn\u0027t support it.\n- iwlwifi: mvm: handle pass all scan reporting.\n- iwlwifi: mvm: ignore LMAC scan notifications when running UMAC scans.\n- iwlwifi: mvm: infrastructure for frame-release message.\n- iwlwifi: mvm: kill iwl_mvm_enable_agg_txq.\n- iwlwifi: mvm: let the firmware choose the antenna for beacons.\n- iwlwifi: mvm: make collecting fw debug data optional.\n- iwlwifi: mvm: move fw-dbg code to separate file.\n- iwlwifi: mvm: only release the trans ref if d0i3 is supported in fw.\n- iwlwifi: mvm: prepare the code towards TSO implementation.\n- iwlwifi: mvm: refactor d3 key update functions.\n- iwlwifi: mvm: refactor the way fw_key_table is handled.\n- iwlwifi: mvm: remove an extra tab.\n- iwlwifi: mvm: Remove bf_vif from iwl_power_vifs.\n- iwlwifi: mvm: Remove iwl_mvm_update_beacon_abort.\n- iwlwifi: mvm: remove redundant d0i3 flag from the config struct.\n- iwlwifi: mvm: remove shadowing variable.\n- iwlwifi: mvm: remove stray nd_config element.\n- iwlwifi: mvm: remove the vif parameter of iwl_mvm_configure_bcast_filter().\n- iwlwifi: mvm: remove unnecessary check in iwl_mvm_is_d0i3_supported().\n- iwlwifi: mvm: remove useless WARN_ON and rely on cfg80211\u0027s combination.\n- iwlwifi: mvm: report wakeup for wowlan.\n- iwlwifi: mvm: reset mvm-\u003escan_type when firmware is started.\n- iwlwifi: mvm: return the cooling state index instead of the budget.\n- iwlwifi: mvm: ROC: cleanup time event info on FW failure.\n- iwlwifi: mvm: ROC: Extend the ROC max delay duration \u0026 limit ROC duration.\n- iwlwifi: mvm: rs: fix a potential out of bounds access.\n- iwlwifi: mvm: rs: fix a theoretical access to uninitialized array elements.\n- iwlwifi: mvm: rs: fix a warning message.\n- iwlwifi: mvm: rs: fix TPC action decision algorithm.\n- iwlwifi: mvm: rs: fix TPC statistics handling.\n- iwlwifi: mvm: Send power command on BSS_CHANGED_BEACON_INFO if needed.\n- iwlwifi: mvm: set default new STA as non-aggregated.\n- iwlwifi: mvm: set the correct amsdu enum values.\n- iwlwifi: mvm: set the correct descriptor size for tracing.\n- iwlwifi: mvm: small update in the firmware API.\n- iwlwifi: mvm: support A-MSDU in A-MPDU.\n- iwlwifi: mvm: support beacon storing.\n- iwlwifi: mvm: support description for user triggered fw dbg collection.\n- iwlwifi: mvm: support rss queues configuration command.\n- iwlwifi: mvm: Support setting continuous recording debug mode.\n- iwlwifi: mvm: support setting minimum quota from debugfs.\n- iwlwifi: mvm: support sw queue start/stop from mvm.\n- iwlwifi: mvm: take care of padded packets.\n- iwlwifi: mvm: take the transport ref back when leaving.\n- iwlwifi: mvm: track low-latency sources separately.\n- iwlwifi: mvm: update GSCAN capabilities.\n- iwlwifi: mvm: update ucode status before stopping device.\n- iwlwifi: mvm: use build-time assertion for fw trigger ID.\n- iwlwifi: mvm: use firmware station lookup, combine code.\n- iwlwifi: mvm: various trivial cleanups.\n- iwlwifi: mvm: writing zero bytes to debugfs causes a crash.\n- iwlwifi: nvm: fix loading default NVM file.\n- iwlwifi: nvm: fix up phy section when reading it.\n- iwlwifi: pcie: add 9000 series multi queue rx DMA support.\n- iwlwifi: pcie: add infrastructure for multi-queue rx.\n- iwlwifi: pcie: add initial RTPM support for PCI.\n- iwlwifi: pcie: Add new configuration to enable MSIX.\n- iwlwifi: pcie: add pm_prepare and pm_complete ops.\n- iwlwifi: pcie: add RTPM support when wifi is enabled.\n- iwlwifi: pcie: aggregate Flow Handler configuration writes.\n- iwlwifi: pcie: allow the op_mode to block the tx queues.\n- iwlwifi: pcie: allow to pretend to have Tx CSUM for debug.\n- iwlwifi: pcie: avoid restocks inside rx loop if not emergency.\n- iwlwifi: pcie: buffer packets to avoid overflowing Tx queues.\n- iwlwifi: pcie: build an A-MSDU using TSO core.\n- iwlwifi: pcie: configure more RFH settings.\n- iwlwifi: pcie: detect and workaround invalid write ptr behavior.\n- iwlwifi: pcie: don\u0027t increment / decrement a bool.\n- iwlwifi: pcie: enable interrupts before releasing the NIC\u0027s CPU.\n- iwlwifi: pcie: enable multi-queue rx path.\n- iwlwifi: pcie: extend device reset delay.\n- iwlwifi: pcie: fine tune number of rxbs.\n- iwlwifi: pcie: fix a race in firmware loading flow.\n- iwlwifi: pcie: fix erroneous return value.\n- iwlwifi: pcie: fix global table size.\n- iwlwifi: pcie: fix identation in trans.c.\n- iwlwifi: pcie: fix RF-Kill vs. firmware load race.\n- iwlwifi: pcie: forbid RTPM on device removal.\n- iwlwifi: pcie: mark command queue lock with separate lockdep class.\n- iwlwifi: pcie: prevent skbs shadowing in iwl_trans_pcie_reclaim.\n- iwlwifi: pcie: refactor RXBs reclaiming code.\n- iwlwifi: pcie: remove ICT allocation message.\n- iwlwifi: pcie: remove pointer from debug message.\n- iwlwifi: pcie: re-organize code towards TSO.\n- iwlwifi: pcie: set RB chunk size back to 64.\n- iwlwifi: pcie: update iwl_mpdu_desc fields.\n- iwlwifi: print index in api/capa flags parsing message.\n- iwlwifi: refactor the code that reads the MAC address from the NVM.\n- iwlwifi: remove IWL_DL_LED.\n- iwlwifi: remove unused parameter from grab_nic_access.\n- iwlwifi: replace d0i3_mode and wowlan_d0i3 with more generic variables.\n- iwlwifi: set max firmware version of 7265 to 17.\n- iwlwifi: support ucode with d0 unified image - regular and usniffer.\n- iwlwifi: trans: make various conversion macros inlines.\n- iwlwifi: trans: support a callback for ASYNC commands.\n- iwlwifi: treat iwl_parse_nvm_data() MAC addr as little endian.\n- iwlwifi: tt: move ucode_loaded check under mutex.\n- iwlwifi: uninline iwl_trans_send_cmd.\n- iwlwifi: update host command messages to new format.\n- iwlwifi: Update PCI IDs for 8000 and 9000 series.\n- iwlwifi: update support for 3168 series firmware and NVM.\n- iwlwifi: various comments and code cleanups.\n- kabi: ignore fs_info parameter for tracepoints that didn\u0027t have it (bsc#1044912).\n- kabi/severities: ignore kABi changes in iwlwifi stuff itself\n- lan78xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).\n- Linux 4.4.74 (CVE-2017-1000364 bnc#1012382 bnc#1039348 bnc#1045340 bsc#1031717 bsc#1043231).\n- loop: Add PF_LESS_THROTTLE to block/loop device thread (bsc#1027101).\n- md: fix a null dereference (bsc#1040351).\n- md: use a separate bio_set for synchronous IO (bsc#1040351).\n- mm: fix new crash in unmapped_area_topdown() (bnc#1039348).\n- mm: larger stack guard gap, between vmas (bnc#1039348, CVE-2017-1000364, bnc#1045340).\n- net/mlx5e: Fix timestamping capabilities reporting (bsc#966170 bsc#1015342).\n- NFSv4: don\u0027t let hanging mounts block other mounts (bsc#1040364).\n- powerpc/fadump: add reschedule point while releasing memory (bsc#1040609).\n- powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669).\n- powerpc/fadump: avoid holes in boot memory area when fadump is registered (bsc#1037669).\n- powerpc/fadump: provide a helpful error message (bsc#1037669).\n- powerpc/fadump: return error when fadump registration fails (bsc#1040567).\n- powerpc/ftrace: Pass the correct stack pointer for DYNAMIC_FTRACE_WITH_REGS (FATE#322421).\n- printk: Correctly handle preemption in console_unlock() (bsc#1046434).\n- printk/xen: Force printk sync mode when migrating Xen guest (bsc#1043347).\n- RDMA/iw_cxgb4: Always wake up waiter in c4iw_peer_abort_intr() (bsc#1026570).\n- Reenable and refresh patches.suse/iwlwifi-expose-default-fallback-ucode-api.\n- reiserfs: don\u0027t preallocate blocks for extended attributes (bsc#990682).\n- smartpqi: limit transfer length to 1MB (bsc#1025461).\n- tty: Destroy ldisc instance on hangup (bnc#1043488).\n- tty: Fix ldisc crash on reopened tty (bnc#1043488).\n- tty: Handle NULL tty-\u003eldisc (bnc#1043488).\n- tty: Move tty_ldisc_kill() (bnc#1043488).\n- tty: Prepare for destroying line discipline on hangup (bnc#1043488).\n- tty: Refactor tty_ldisc_reinit() for reuse (bnc#1043488).\n- tty: Reset c_line from driver\u0027s init_termios (bnc#1043488).\n- tty: Simplify tty_set_ldisc() exit handling (bnc#1043488).\n- tty: Use \u0027disc\u0027 for line discipline index name (bnc#1043488).\n- Update config files: add CONFIG_IWLWIFI_PCIE_RTPM=y (FATE#323335)\n- Update patches.fixes/xfs-split-default-quota-limits-by-quota-type.patch (bsc#1040941). Fix the bug nr used.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-RT-12-SP2-2017-1231",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_1990-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:1990-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171990-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:1990-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-July/003073.html"
},
{
"category": "self",
"summary": "SUSE Bug 1000092",
"url": "https://bugzilla.suse.com/1000092"
},
{
"category": "self",
"summary": "SUSE Bug 1003077",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "self",
"summary": "SUSE Bug 1003581",
"url": "https://bugzilla.suse.com/1003581"
},
{
"category": "self",
"summary": "SUSE Bug 1004003",
"url": "https://bugzilla.suse.com/1004003"
},
{
"category": "self",
"summary": "SUSE Bug 1007729",
"url": "https://bugzilla.suse.com/1007729"
},
{
"category": "self",
"summary": "SUSE Bug 1007959",
"url": "https://bugzilla.suse.com/1007959"
},
{
"category": "self",
"summary": "SUSE Bug 1007962",
"url": "https://bugzilla.suse.com/1007962"
},
{
"category": "self",
"summary": "SUSE Bug 1008842",
"url": "https://bugzilla.suse.com/1008842"
},
{
"category": "self",
"summary": "SUSE Bug 1009674",
"url": "https://bugzilla.suse.com/1009674"
},
{
"category": "self",
"summary": "SUSE Bug 1009718",
"url": "https://bugzilla.suse.com/1009718"
},
{
"category": "self",
"summary": "SUSE Bug 1010032",
"url": "https://bugzilla.suse.com/1010032"
},
{
"category": "self",
"summary": "SUSE Bug 1010612",
"url": "https://bugzilla.suse.com/1010612"
},
{
"category": "self",
"summary": "SUSE Bug 1010690",
"url": "https://bugzilla.suse.com/1010690"
},
{
"category": "self",
"summary": "SUSE Bug 1011044",
"url": "https://bugzilla.suse.com/1011044"
},
{
"category": "self",
"summary": "SUSE Bug 1011176",
"url": "https://bugzilla.suse.com/1011176"
},
{
"category": "self",
"summary": "SUSE Bug 1011913",
"url": "https://bugzilla.suse.com/1011913"
},
{
"category": "self",
"summary": "SUSE Bug 1012060",
"url": "https://bugzilla.suse.com/1012060"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1012422",
"url": "https://bugzilla.suse.com/1012422"
},
{
"category": "self",
"summary": "SUSE Bug 1012452",
"url": "https://bugzilla.suse.com/1012452"
},
{
"category": "self",
"summary": "SUSE Bug 1012829",
"url": "https://bugzilla.suse.com/1012829"
},
{
"category": "self",
"summary": "SUSE Bug 1012910",
"url": "https://bugzilla.suse.com/1012910"
},
{
"category": "self",
"summary": "SUSE Bug 1012985",
"url": "https://bugzilla.suse.com/1012985"
},
{
"category": "self",
"summary": "SUSE Bug 1013001",
"url": "https://bugzilla.suse.com/1013001"
},
{
"category": "self",
"summary": "SUSE Bug 1013561",
"url": "https://bugzilla.suse.com/1013561"
},
{
"category": "self",
"summary": "SUSE Bug 1013792",
"url": "https://bugzilla.suse.com/1013792"
},
{
"category": "self",
"summary": "SUSE Bug 1013887",
"url": "https://bugzilla.suse.com/1013887"
},
{
"category": "self",
"summary": "SUSE Bug 1013994",
"url": "https://bugzilla.suse.com/1013994"
},
{
"category": "self",
"summary": "SUSE Bug 1014120",
"url": "https://bugzilla.suse.com/1014120"
},
{
"category": "self",
"summary": "SUSE Bug 1014136",
"url": "https://bugzilla.suse.com/1014136"
},
{
"category": "self",
"summary": "SUSE Bug 1015342",
"url": "https://bugzilla.suse.com/1015342"
},
{
"category": "self",
"summary": "SUSE Bug 1015367",
"url": "https://bugzilla.suse.com/1015367"
},
{
"category": "self",
"summary": "SUSE Bug 1015452",
"url": "https://bugzilla.suse.com/1015452"
},
{
"category": "self",
"summary": "SUSE Bug 1015609",
"url": "https://bugzilla.suse.com/1015609"
},
{
"category": "self",
"summary": "SUSE Bug 1016403",
"url": "https://bugzilla.suse.com/1016403"
},
{
"category": "self",
"summary": "SUSE Bug 1017164",
"url": "https://bugzilla.suse.com/1017164"
},
{
"category": "self",
"summary": "SUSE Bug 1017170",
"url": "https://bugzilla.suse.com/1017170"
},
{
"category": "self",
"summary": "SUSE Bug 1017410",
"url": "https://bugzilla.suse.com/1017410"
},
{
"category": "self",
"summary": "SUSE Bug 1017461",
"url": "https://bugzilla.suse.com/1017461"
},
{
"category": "self",
"summary": "SUSE Bug 1017641",
"url": "https://bugzilla.suse.com/1017641"
},
{
"category": "self",
"summary": "SUSE Bug 1018100",
"url": "https://bugzilla.suse.com/1018100"
},
{
"category": "self",
"summary": "SUSE Bug 1018263",
"url": "https://bugzilla.suse.com/1018263"
},
{
"category": "self",
"summary": "SUSE Bug 1018358",
"url": "https://bugzilla.suse.com/1018358"
},
{
"category": "self",
"summary": "SUSE Bug 1018385",
"url": "https://bugzilla.suse.com/1018385"
},
{
"category": "self",
"summary": "SUSE Bug 1018419",
"url": "https://bugzilla.suse.com/1018419"
},
{
"category": "self",
"summary": "SUSE Bug 1018446",
"url": "https://bugzilla.suse.com/1018446"
},
{
"category": "self",
"summary": "SUSE Bug 1018813",
"url": "https://bugzilla.suse.com/1018813"
},
{
"category": "self",
"summary": "SUSE Bug 1018885",
"url": "https://bugzilla.suse.com/1018885"
},
{
"category": "self",
"summary": "SUSE Bug 1018913",
"url": "https://bugzilla.suse.com/1018913"
},
{
"category": "self",
"summary": "SUSE Bug 1019061",
"url": "https://bugzilla.suse.com/1019061"
},
{
"category": "self",
"summary": "SUSE Bug 1019148",
"url": "https://bugzilla.suse.com/1019148"
},
{
"category": "self",
"summary": "SUSE Bug 1019163",
"url": "https://bugzilla.suse.com/1019163"
},
{
"category": "self",
"summary": "SUSE Bug 1019168",
"url": "https://bugzilla.suse.com/1019168"
},
{
"category": "self",
"summary": "SUSE Bug 1019260",
"url": "https://bugzilla.suse.com/1019260"
},
{
"category": "self",
"summary": "SUSE Bug 1019351",
"url": "https://bugzilla.suse.com/1019351"
},
{
"category": "self",
"summary": "SUSE Bug 1019594",
"url": "https://bugzilla.suse.com/1019594"
},
{
"category": "self",
"summary": "SUSE Bug 1019614",
"url": "https://bugzilla.suse.com/1019614"
},
{
"category": "self",
"summary": "SUSE Bug 1019618",
"url": "https://bugzilla.suse.com/1019618"
},
{
"category": "self",
"summary": "SUSE Bug 1019630",
"url": "https://bugzilla.suse.com/1019630"
},
{
"category": "self",
"summary": "SUSE Bug 1019631",
"url": "https://bugzilla.suse.com/1019631"
},
{
"category": "self",
"summary": "SUSE Bug 1019784",
"url": "https://bugzilla.suse.com/1019784"
},
{
"category": "self",
"summary": "SUSE Bug 1019851",
"url": "https://bugzilla.suse.com/1019851"
},
{
"category": "self",
"summary": "SUSE Bug 1020048",
"url": "https://bugzilla.suse.com/1020048"
},
{
"category": "self",
"summary": "SUSE Bug 1020214",
"url": "https://bugzilla.suse.com/1020214"
},
{
"category": "self",
"summary": "SUSE Bug 1020412",
"url": "https://bugzilla.suse.com/1020412"
},
{
"category": "self",
"summary": "SUSE Bug 1020488",
"url": "https://bugzilla.suse.com/1020488"
},
{
"category": "self",
"summary": "SUSE Bug 1020602",
"url": "https://bugzilla.suse.com/1020602"
},
{
"category": "self",
"summary": "SUSE Bug 1020685",
"url": "https://bugzilla.suse.com/1020685"
},
{
"category": "self",
"summary": "SUSE Bug 1020817",
"url": "https://bugzilla.suse.com/1020817"
},
{
"category": "self",
"summary": "SUSE Bug 1020945",
"url": "https://bugzilla.suse.com/1020945"
},
{
"category": "self",
"summary": "SUSE Bug 1020975",
"url": "https://bugzilla.suse.com/1020975"
},
{
"category": "self",
"summary": "SUSE Bug 1021082",
"url": "https://bugzilla.suse.com/1021082"
},
{
"category": "self",
"summary": "SUSE Bug 1021248",
"url": "https://bugzilla.suse.com/1021248"
},
{
"category": "self",
"summary": "SUSE Bug 1021251",
"url": "https://bugzilla.suse.com/1021251"
},
{
"category": "self",
"summary": "SUSE Bug 1021258",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "self",
"summary": "SUSE Bug 1021260",
"url": "https://bugzilla.suse.com/1021260"
},
{
"category": "self",
"summary": "SUSE Bug 1021294",
"url": "https://bugzilla.suse.com/1021294"
},
{
"category": "self",
"summary": "SUSE Bug 1021424",
"url": "https://bugzilla.suse.com/1021424"
},
{
"category": "self",
"summary": "SUSE Bug 1021455",
"url": "https://bugzilla.suse.com/1021455"
},
{
"category": "self",
"summary": "SUSE Bug 1021474",
"url": "https://bugzilla.suse.com/1021474"
},
{
"category": "self",
"summary": "SUSE Bug 1021762",
"url": "https://bugzilla.suse.com/1021762"
},
{
"category": "self",
"summary": "SUSE Bug 1022181",
"url": "https://bugzilla.suse.com/1022181"
},
{
"category": "self",
"summary": "SUSE Bug 1022266",
"url": "https://bugzilla.suse.com/1022266"
},
{
"category": "self",
"summary": "SUSE Bug 1022304",
"url": "https://bugzilla.suse.com/1022304"
},
{
"category": "self",
"summary": "SUSE Bug 1022340",
"url": "https://bugzilla.suse.com/1022340"
},
{
"category": "self",
"summary": "SUSE Bug 1022429",
"url": "https://bugzilla.suse.com/1022429"
},
{
"category": "self",
"summary": "SUSE Bug 1022476",
"url": "https://bugzilla.suse.com/1022476"
},
{
"category": "self",
"summary": "SUSE Bug 1022547",
"url": "https://bugzilla.suse.com/1022547"
},
{
"category": "self",
"summary": "SUSE Bug 1022559",
"url": "https://bugzilla.suse.com/1022559"
},
{
"category": "self",
"summary": "SUSE Bug 1022595",
"url": "https://bugzilla.suse.com/1022595"
},
{
"category": "self",
"summary": "SUSE Bug 1022785",
"url": "https://bugzilla.suse.com/1022785"
},
{
"category": "self",
"summary": "SUSE Bug 1022971",
"url": "https://bugzilla.suse.com/1022971"
},
{
"category": "self",
"summary": "SUSE Bug 1023101",
"url": "https://bugzilla.suse.com/1023101"
},
{
"category": "self",
"summary": "SUSE Bug 1023175",
"url": "https://bugzilla.suse.com/1023175"
},
{
"category": "self",
"summary": "SUSE Bug 1023287",
"url": "https://bugzilla.suse.com/1023287"
},
{
"category": "self",
"summary": "SUSE Bug 1023762",
"url": "https://bugzilla.suse.com/1023762"
},
{
"category": "self",
"summary": "SUSE Bug 1023866",
"url": "https://bugzilla.suse.com/1023866"
},
{
"category": "self",
"summary": "SUSE Bug 1023884",
"url": "https://bugzilla.suse.com/1023884"
},
{
"category": "self",
"summary": "SUSE Bug 1023888",
"url": "https://bugzilla.suse.com/1023888"
},
{
"category": "self",
"summary": "SUSE Bug 1024015",
"url": "https://bugzilla.suse.com/1024015"
},
{
"category": "self",
"summary": "SUSE Bug 1024081",
"url": "https://bugzilla.suse.com/1024081"
},
{
"category": "self",
"summary": "SUSE Bug 1024234",
"url": "https://bugzilla.suse.com/1024234"
},
{
"category": "self",
"summary": "SUSE Bug 1024508",
"url": "https://bugzilla.suse.com/1024508"
},
{
"category": "self",
"summary": "SUSE Bug 1024938",
"url": "https://bugzilla.suse.com/1024938"
},
{
"category": "self",
"summary": "SUSE Bug 1025039",
"url": "https://bugzilla.suse.com/1025039"
},
{
"category": "self",
"summary": "SUSE Bug 1025235",
"url": "https://bugzilla.suse.com/1025235"
},
{
"category": "self",
"summary": "SUSE Bug 1025461",
"url": "https://bugzilla.suse.com/1025461"
},
{
"category": "self",
"summary": "SUSE Bug 1025683",
"url": "https://bugzilla.suse.com/1025683"
},
{
"category": "self",
"summary": "SUSE Bug 1026024",
"url": "https://bugzilla.suse.com/1026024"
},
{
"category": "self",
"summary": "SUSE Bug 1026405",
"url": "https://bugzilla.suse.com/1026405"
},
{
"category": "self",
"summary": "SUSE Bug 1026462",
"url": "https://bugzilla.suse.com/1026462"
},
{
"category": "self",
"summary": "SUSE Bug 1026505",
"url": "https://bugzilla.suse.com/1026505"
},
{
"category": "self",
"summary": "SUSE Bug 1026509",
"url": "https://bugzilla.suse.com/1026509"
},
{
"category": "self",
"summary": "SUSE Bug 1026570",
"url": "https://bugzilla.suse.com/1026570"
},
{
"category": "self",
"summary": "SUSE Bug 1026692",
"url": "https://bugzilla.suse.com/1026692"
},
{
"category": "self",
"summary": "SUSE Bug 1026722",
"url": "https://bugzilla.suse.com/1026722"
},
{
"category": "self",
"summary": "SUSE Bug 1027054",
"url": "https://bugzilla.suse.com/1027054"
},
{
"category": "self",
"summary": "SUSE Bug 1027066",
"url": "https://bugzilla.suse.com/1027066"
},
{
"category": "self",
"summary": "SUSE Bug 1027101",
"url": "https://bugzilla.suse.com/1027101"
},
{
"category": "self",
"summary": "SUSE Bug 1027153",
"url": "https://bugzilla.suse.com/1027153"
},
{
"category": "self",
"summary": "SUSE Bug 1027179",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "self",
"summary": "SUSE Bug 1027189",
"url": "https://bugzilla.suse.com/1027189"
},
{
"category": "self",
"summary": "SUSE Bug 1027190",
"url": "https://bugzilla.suse.com/1027190"
},
{
"category": "self",
"summary": "SUSE Bug 1027195",
"url": "https://bugzilla.suse.com/1027195"
},
{
"category": "self",
"summary": "SUSE Bug 1027273",
"url": "https://bugzilla.suse.com/1027273"
},
{
"category": "self",
"summary": "SUSE Bug 1027512",
"url": "https://bugzilla.suse.com/1027512"
},
{
"category": "self",
"summary": "SUSE Bug 1027565",
"url": "https://bugzilla.suse.com/1027565"
},
{
"category": "self",
"summary": "SUSE Bug 1027616",
"url": "https://bugzilla.suse.com/1027616"
},
{
"category": "self",
"summary": "SUSE Bug 1027974",
"url": "https://bugzilla.suse.com/1027974"
},
{
"category": "self",
"summary": "SUSE Bug 1028017",
"url": "https://bugzilla.suse.com/1028017"
},
{
"category": "self",
"summary": "SUSE Bug 1028027",
"url": "https://bugzilla.suse.com/1028027"
},
{
"category": "self",
"summary": "SUSE Bug 1028041",
"url": "https://bugzilla.suse.com/1028041"
},
{
"category": "self",
"summary": "SUSE Bug 1028158",
"url": "https://bugzilla.suse.com/1028158"
},
{
"category": "self",
"summary": "SUSE Bug 1028217",
"url": "https://bugzilla.suse.com/1028217"
},
{
"category": "self",
"summary": "SUSE Bug 1028310",
"url": "https://bugzilla.suse.com/1028310"
},
{
"category": "self",
"summary": "SUSE Bug 1028325",
"url": "https://bugzilla.suse.com/1028325"
},
{
"category": "self",
"summary": "SUSE Bug 1028340",
"url": "https://bugzilla.suse.com/1028340"
},
{
"category": "self",
"summary": "SUSE Bug 1028372",
"url": "https://bugzilla.suse.com/1028372"
},
{
"category": "self",
"summary": "SUSE Bug 1028415",
"url": "https://bugzilla.suse.com/1028415"
},
{
"category": "self",
"summary": "SUSE Bug 1028819",
"url": "https://bugzilla.suse.com/1028819"
},
{
"category": "self",
"summary": "SUSE Bug 1028883",
"url": "https://bugzilla.suse.com/1028883"
},
{
"category": "self",
"summary": "SUSE Bug 1028895",
"url": "https://bugzilla.suse.com/1028895"
},
{
"category": "self",
"summary": "SUSE Bug 1029220",
"url": "https://bugzilla.suse.com/1029220"
},
{
"category": "self",
"summary": "SUSE Bug 1029514",
"url": "https://bugzilla.suse.com/1029514"
},
{
"category": "self",
"summary": "SUSE Bug 1029607",
"url": "https://bugzilla.suse.com/1029607"
},
{
"category": "self",
"summary": "SUSE Bug 1029634",
"url": "https://bugzilla.suse.com/1029634"
},
{
"category": "self",
"summary": "SUSE Bug 1029986",
"url": "https://bugzilla.suse.com/1029986"
},
{
"category": "self",
"summary": "SUSE Bug 1030057",
"url": "https://bugzilla.suse.com/1030057"
},
{
"category": "self",
"summary": "SUSE Bug 1030070",
"url": "https://bugzilla.suse.com/1030070"
},
{
"category": "self",
"summary": "SUSE Bug 1030118",
"url": "https://bugzilla.suse.com/1030118"
},
{
"category": "self",
"summary": "SUSE Bug 1030213",
"url": "https://bugzilla.suse.com/1030213"
},
{
"category": "self",
"summary": "SUSE Bug 1030573",
"url": "https://bugzilla.suse.com/1030573"
},
{
"category": "self",
"summary": "SUSE Bug 1031003",
"url": "https://bugzilla.suse.com/1031003"
},
{
"category": "self",
"summary": "SUSE Bug 1031040",
"url": "https://bugzilla.suse.com/1031040"
},
{
"category": "self",
"summary": "SUSE Bug 1031052",
"url": "https://bugzilla.suse.com/1031052"
},
{
"category": "self",
"summary": "SUSE Bug 1031142",
"url": "https://bugzilla.suse.com/1031142"
},
{
"category": "self",
"summary": "SUSE Bug 1031147",
"url": "https://bugzilla.suse.com/1031147"
},
{
"category": "self",
"summary": "SUSE Bug 1031200",
"url": "https://bugzilla.suse.com/1031200"
},
{
"category": "self",
"summary": "SUSE Bug 1031206",
"url": "https://bugzilla.suse.com/1031206"
},
{
"category": "self",
"summary": "SUSE Bug 1031208",
"url": "https://bugzilla.suse.com/1031208"
},
{
"category": "self",
"summary": "SUSE Bug 1031440",
"url": "https://bugzilla.suse.com/1031440"
},
{
"category": "self",
"summary": "SUSE Bug 1031470",
"url": "https://bugzilla.suse.com/1031470"
},
{
"category": "self",
"summary": "SUSE Bug 1031500",
"url": "https://bugzilla.suse.com/1031500"
},
{
"category": "self",
"summary": "SUSE Bug 1031512",
"url": "https://bugzilla.suse.com/1031512"
},
{
"category": "self",
"summary": "SUSE Bug 1031555",
"url": "https://bugzilla.suse.com/1031555"
},
{
"category": "self",
"summary": "SUSE Bug 1031579",
"url": "https://bugzilla.suse.com/1031579"
},
{
"category": "self",
"summary": "SUSE Bug 1031662",
"url": "https://bugzilla.suse.com/1031662"
},
{
"category": "self",
"summary": "SUSE Bug 1031717",
"url": "https://bugzilla.suse.com/1031717"
},
{
"category": "self",
"summary": "SUSE Bug 1031796",
"url": "https://bugzilla.suse.com/1031796"
},
{
"category": "self",
"summary": "SUSE Bug 1031831",
"url": "https://bugzilla.suse.com/1031831"
},
{
"category": "self",
"summary": "SUSE Bug 1032006",
"url": "https://bugzilla.suse.com/1032006"
},
{
"category": "self",
"summary": "SUSE Bug 1032141",
"url": "https://bugzilla.suse.com/1032141"
},
{
"category": "self",
"summary": "SUSE Bug 1032339",
"url": "https://bugzilla.suse.com/1032339"
},
{
"category": "self",
"summary": "SUSE Bug 1032345",
"url": "https://bugzilla.suse.com/1032345"
},
{
"category": "self",
"summary": "SUSE Bug 1032400",
"url": "https://bugzilla.suse.com/1032400"
},
{
"category": "self",
"summary": "SUSE Bug 1032581",
"url": "https://bugzilla.suse.com/1032581"
},
{
"category": "self",
"summary": "SUSE Bug 1032673",
"url": "https://bugzilla.suse.com/1032673"
},
{
"category": "self",
"summary": "SUSE Bug 1032681",
"url": "https://bugzilla.suse.com/1032681"
},
{
"category": "self",
"summary": "SUSE Bug 1032803",
"url": "https://bugzilla.suse.com/1032803"
},
{
"category": "self",
"summary": "SUSE Bug 1033117",
"url": "https://bugzilla.suse.com/1033117"
},
{
"category": "self",
"summary": "SUSE Bug 1033281",
"url": "https://bugzilla.suse.com/1033281"
},
{
"category": "self",
"summary": "SUSE Bug 1033287",
"url": "https://bugzilla.suse.com/1033287"
},
{
"category": "self",
"summary": "SUSE Bug 1033336",
"url": "https://bugzilla.suse.com/1033336"
},
{
"category": "self",
"summary": "SUSE Bug 1033340",
"url": "https://bugzilla.suse.com/1033340"
},
{
"category": "self",
"summary": "SUSE Bug 1033885",
"url": "https://bugzilla.suse.com/1033885"
},
{
"category": "self",
"summary": "SUSE Bug 1034048",
"url": "https://bugzilla.suse.com/1034048"
},
{
"category": "self",
"summary": "SUSE Bug 1034419",
"url": "https://bugzilla.suse.com/1034419"
},
{
"category": "self",
"summary": "SUSE Bug 1034635",
"url": "https://bugzilla.suse.com/1034635"
},
{
"category": "self",
"summary": "SUSE Bug 1034670",
"url": "https://bugzilla.suse.com/1034670"
},
{
"category": "self",
"summary": "SUSE Bug 1034671",
"url": "https://bugzilla.suse.com/1034671"
},
{
"category": "self",
"summary": "SUSE Bug 1034762",
"url": "https://bugzilla.suse.com/1034762"
},
{
"category": "self",
"summary": "SUSE Bug 1034902",
"url": "https://bugzilla.suse.com/1034902"
},
{
"category": "self",
"summary": "SUSE Bug 1034995",
"url": "https://bugzilla.suse.com/1034995"
},
{
"category": "self",
"summary": "SUSE Bug 1035024",
"url": "https://bugzilla.suse.com/1035024"
},
{
"category": "self",
"summary": "SUSE Bug 1035866",
"url": "https://bugzilla.suse.com/1035866"
},
{
"category": "self",
"summary": "SUSE Bug 1035887",
"url": "https://bugzilla.suse.com/1035887"
},
{
"category": "self",
"summary": "SUSE Bug 1035920",
"url": "https://bugzilla.suse.com/1035920"
},
{
"category": "self",
"summary": "SUSE Bug 1035922",
"url": "https://bugzilla.suse.com/1035922"
},
{
"category": "self",
"summary": "SUSE Bug 1036214",
"url": "https://bugzilla.suse.com/1036214"
},
{
"category": "self",
"summary": "SUSE Bug 1036638",
"url": "https://bugzilla.suse.com/1036638"
},
{
"category": "self",
"summary": "SUSE Bug 1036752",
"url": "https://bugzilla.suse.com/1036752"
},
{
"category": "self",
"summary": "SUSE Bug 1036763",
"url": "https://bugzilla.suse.com/1036763"
},
{
"category": "self",
"summary": "SUSE Bug 1037177",
"url": "https://bugzilla.suse.com/1037177"
},
{
"category": "self",
"summary": "SUSE Bug 1037186",
"url": "https://bugzilla.suse.com/1037186"
},
{
"category": "self",
"summary": "SUSE Bug 1037384",
"url": "https://bugzilla.suse.com/1037384"
},
{
"category": "self",
"summary": "SUSE Bug 1037483",
"url": "https://bugzilla.suse.com/1037483"
},
{
"category": "self",
"summary": "SUSE Bug 1037669",
"url": "https://bugzilla.suse.com/1037669"
},
{
"category": "self",
"summary": "SUSE Bug 1037840",
"url": "https://bugzilla.suse.com/1037840"
},
{
"category": "self",
"summary": "SUSE Bug 1037871",
"url": "https://bugzilla.suse.com/1037871"
},
{
"category": "self",
"summary": "SUSE Bug 1037969",
"url": "https://bugzilla.suse.com/1037969"
},
{
"category": "self",
"summary": "SUSE Bug 1038033",
"url": "https://bugzilla.suse.com/1038033"
},
{
"category": "self",
"summary": "SUSE Bug 1038043",
"url": "https://bugzilla.suse.com/1038043"
},
{
"category": "self",
"summary": "SUSE Bug 1038085",
"url": "https://bugzilla.suse.com/1038085"
},
{
"category": "self",
"summary": "SUSE Bug 1038142",
"url": "https://bugzilla.suse.com/1038142"
},
{
"category": "self",
"summary": "SUSE Bug 1038143",
"url": "https://bugzilla.suse.com/1038143"
},
{
"category": "self",
"summary": "SUSE Bug 1038297",
"url": "https://bugzilla.suse.com/1038297"
},
{
"category": "self",
"summary": "SUSE Bug 1038458",
"url": "https://bugzilla.suse.com/1038458"
},
{
"category": "self",
"summary": "SUSE Bug 1038544",
"url": "https://bugzilla.suse.com/1038544"
},
{
"category": "self",
"summary": "SUSE Bug 1038842",
"url": "https://bugzilla.suse.com/1038842"
},
{
"category": "self",
"summary": "SUSE Bug 1038843",
"url": "https://bugzilla.suse.com/1038843"
},
{
"category": "self",
"summary": "SUSE Bug 1038846",
"url": "https://bugzilla.suse.com/1038846"
},
{
"category": "self",
"summary": "SUSE Bug 1038847",
"url": "https://bugzilla.suse.com/1038847"
},
{
"category": "self",
"summary": "SUSE Bug 1038848",
"url": "https://bugzilla.suse.com/1038848"
},
{
"category": "self",
"summary": "SUSE Bug 1038879",
"url": "https://bugzilla.suse.com/1038879"
},
{
"category": "self",
"summary": "SUSE Bug 1038981",
"url": "https://bugzilla.suse.com/1038981"
},
{
"category": "self",
"summary": "SUSE Bug 1038982",
"url": "https://bugzilla.suse.com/1038982"
},
{
"category": "self",
"summary": "SUSE Bug 1039348",
"url": "https://bugzilla.suse.com/1039348"
},
{
"category": "self",
"summary": "SUSE Bug 1039354",
"url": "https://bugzilla.suse.com/1039354"
},
{
"category": "self",
"summary": "SUSE Bug 1039700",
"url": "https://bugzilla.suse.com/1039700"
},
{
"category": "self",
"summary": "SUSE Bug 1039864",
"url": "https://bugzilla.suse.com/1039864"
},
{
"category": "self",
"summary": "SUSE Bug 1039882",
"url": "https://bugzilla.suse.com/1039882"
},
{
"category": "self",
"summary": "SUSE Bug 1039883",
"url": "https://bugzilla.suse.com/1039883"
},
{
"category": "self",
"summary": "SUSE Bug 1039885",
"url": "https://bugzilla.suse.com/1039885"
},
{
"category": "self",
"summary": "SUSE Bug 1039900",
"url": "https://bugzilla.suse.com/1039900"
},
{
"category": "self",
"summary": "SUSE Bug 1040069",
"url": "https://bugzilla.suse.com/1040069"
},
{
"category": "self",
"summary": "SUSE Bug 1040125",
"url": "https://bugzilla.suse.com/1040125"
},
{
"category": "self",
"summary": "SUSE Bug 1040182",
"url": "https://bugzilla.suse.com/1040182"
},
{
"category": "self",
"summary": "SUSE Bug 1040279",
"url": "https://bugzilla.suse.com/1040279"
},
{
"category": "self",
"summary": "SUSE Bug 1040351",
"url": "https://bugzilla.suse.com/1040351"
},
{
"category": "self",
"summary": "SUSE Bug 1040364",
"url": "https://bugzilla.suse.com/1040364"
},
{
"category": "self",
"summary": "SUSE Bug 1040395",
"url": "https://bugzilla.suse.com/1040395"
},
{
"category": "self",
"summary": "SUSE Bug 1040425",
"url": "https://bugzilla.suse.com/1040425"
},
{
"category": "self",
"summary": "SUSE Bug 1040463",
"url": "https://bugzilla.suse.com/1040463"
},
{
"category": "self",
"summary": "SUSE Bug 1040567",
"url": "https://bugzilla.suse.com/1040567"
},
{
"category": "self",
"summary": "SUSE Bug 1040609",
"url": "https://bugzilla.suse.com/1040609"
},
{
"category": "self",
"summary": "SUSE Bug 1040855",
"url": "https://bugzilla.suse.com/1040855"
},
{
"category": "self",
"summary": "SUSE Bug 1040929",
"url": "https://bugzilla.suse.com/1040929"
},
{
"category": "self",
"summary": "SUSE Bug 1040941",
"url": "https://bugzilla.suse.com/1040941"
},
{
"category": "self",
"summary": "SUSE Bug 1041087",
"url": "https://bugzilla.suse.com/1041087"
},
{
"category": "self",
"summary": "SUSE Bug 1041160",
"url": "https://bugzilla.suse.com/1041160"
},
{
"category": "self",
"summary": "SUSE Bug 1041168",
"url": "https://bugzilla.suse.com/1041168"
},
{
"category": "self",
"summary": "SUSE Bug 1041242",
"url": "https://bugzilla.suse.com/1041242"
},
{
"category": "self",
"summary": "SUSE Bug 1041431",
"url": "https://bugzilla.suse.com/1041431"
},
{
"category": "self",
"summary": "SUSE Bug 1041810",
"url": "https://bugzilla.suse.com/1041810"
},
{
"category": "self",
"summary": "SUSE Bug 1042200",
"url": "https://bugzilla.suse.com/1042200"
},
{
"category": "self",
"summary": "SUSE Bug 1042286",
"url": "https://bugzilla.suse.com/1042286"
},
{
"category": "self",
"summary": "SUSE Bug 1042356",
"url": "https://bugzilla.suse.com/1042356"
},
{
"category": "self",
"summary": "SUSE Bug 1042421",
"url": "https://bugzilla.suse.com/1042421"
},
{
"category": "self",
"summary": "SUSE Bug 1042517",
"url": "https://bugzilla.suse.com/1042517"
},
{
"category": "self",
"summary": "SUSE Bug 1042535",
"url": "https://bugzilla.suse.com/1042535"
},
{
"category": "self",
"summary": "SUSE Bug 1042536",
"url": "https://bugzilla.suse.com/1042536"
},
{
"category": "self",
"summary": "SUSE Bug 1042863",
"url": "https://bugzilla.suse.com/1042863"
},
{
"category": "self",
"summary": "SUSE Bug 1042886",
"url": "https://bugzilla.suse.com/1042886"
},
{
"category": "self",
"summary": "SUSE Bug 1043014",
"url": "https://bugzilla.suse.com/1043014"
},
{
"category": "self",
"summary": "SUSE Bug 1043231",
"url": "https://bugzilla.suse.com/1043231"
},
{
"category": "self",
"summary": "SUSE Bug 1043236",
"url": "https://bugzilla.suse.com/1043236"
},
{
"category": "self",
"summary": "SUSE Bug 1043347",
"url": "https://bugzilla.suse.com/1043347"
},
{
"category": "self",
"summary": "SUSE Bug 1043371",
"url": "https://bugzilla.suse.com/1043371"
},
{
"category": "self",
"summary": "SUSE Bug 1043467",
"url": "https://bugzilla.suse.com/1043467"
},
{
"category": "self",
"summary": "SUSE Bug 1043488",
"url": "https://bugzilla.suse.com/1043488"
},
{
"category": "self",
"summary": "SUSE Bug 1043598",
"url": "https://bugzilla.suse.com/1043598"
},
{
"category": "self",
"summary": "SUSE Bug 1043912",
"url": "https://bugzilla.suse.com/1043912"
},
{
"category": "self",
"summary": "SUSE Bug 1043935",
"url": "https://bugzilla.suse.com/1043935"
},
{
"category": "self",
"summary": "SUSE Bug 1043990",
"url": "https://bugzilla.suse.com/1043990"
},
{
"category": "self",
"summary": "SUSE Bug 1044015",
"url": "https://bugzilla.suse.com/1044015"
},
{
"category": "self",
"summary": "SUSE Bug 1044082",
"url": "https://bugzilla.suse.com/1044082"
},
{
"category": "self",
"summary": "SUSE Bug 1044120",
"url": "https://bugzilla.suse.com/1044120"
},
{
"category": "self",
"summary": "SUSE Bug 1044125",
"url": "https://bugzilla.suse.com/1044125"
},
{
"category": "self",
"summary": "SUSE Bug 1044532",
"url": "https://bugzilla.suse.com/1044532"
},
{
"category": "self",
"summary": "SUSE Bug 1044767",
"url": "https://bugzilla.suse.com/1044767"
},
{
"category": "self",
"summary": "SUSE Bug 1044772",
"url": "https://bugzilla.suse.com/1044772"
},
{
"category": "self",
"summary": "SUSE Bug 1044854",
"url": "https://bugzilla.suse.com/1044854"
},
{
"category": "self",
"summary": "SUSE Bug 1044880",
"url": "https://bugzilla.suse.com/1044880"
},
{
"category": "self",
"summary": "SUSE Bug 1044912",
"url": "https://bugzilla.suse.com/1044912"
},
{
"category": "self",
"summary": "SUSE Bug 1045154",
"url": "https://bugzilla.suse.com/1045154"
},
{
"category": "self",
"summary": "SUSE Bug 1045235",
"url": "https://bugzilla.suse.com/1045235"
},
{
"category": "self",
"summary": "SUSE Bug 1045286",
"url": "https://bugzilla.suse.com/1045286"
},
{
"category": "self",
"summary": "SUSE Bug 1045307",
"url": "https://bugzilla.suse.com/1045307"
},
{
"category": "self",
"summary": "SUSE Bug 1045340",
"url": "https://bugzilla.suse.com/1045340"
},
{
"category": "self",
"summary": "SUSE Bug 1045467",
"url": "https://bugzilla.suse.com/1045467"
},
{
"category": "self",
"summary": "SUSE Bug 1045568",
"url": "https://bugzilla.suse.com/1045568"
},
{
"category": "self",
"summary": "SUSE Bug 1046105",
"url": "https://bugzilla.suse.com/1046105"
},
{
"category": "self",
"summary": "SUSE Bug 1046434",
"url": "https://bugzilla.suse.com/1046434"
},
{
"category": "self",
"summary": "SUSE Bug 1046589",
"url": "https://bugzilla.suse.com/1046589"
},
{
"category": "self",
"summary": "SUSE Bug 799133",
"url": "https://bugzilla.suse.com/799133"
},
{
"category": "self",
"summary": "SUSE Bug 863764",
"url": "https://bugzilla.suse.com/863764"
},
{
"category": "self",
"summary": "SUSE Bug 870618",
"url": "https://bugzilla.suse.com/870618"
},
{
"category": "self",
"summary": "SUSE Bug 922871",
"url": "https://bugzilla.suse.com/922871"
},
{
"category": "self",
"summary": "SUSE Bug 951844",
"url": "https://bugzilla.suse.com/951844"
},
{
"category": "self",
"summary": "SUSE Bug 966170",
"url": "https://bugzilla.suse.com/966170"
},
{
"category": "self",
"summary": "SUSE Bug 966172",
"url": "https://bugzilla.suse.com/966172"
},
{
"category": "self",
"summary": "SUSE Bug 966191",
"url": "https://bugzilla.suse.com/966191"
},
{
"category": "self",
"summary": "SUSE Bug 966321",
"url": "https://bugzilla.suse.com/966321"
},
{
"category": "self",
"summary": "SUSE Bug 966339",
"url": "https://bugzilla.suse.com/966339"
},
{
"category": "self",
"summary": "SUSE Bug 968697",
"url": "https://bugzilla.suse.com/968697"
},
{
"category": "self",
"summary": "SUSE Bug 969479",
"url": "https://bugzilla.suse.com/969479"
},
{
"category": "self",
"summary": "SUSE Bug 969755",
"url": "https://bugzilla.suse.com/969755"
},
{
"category": "self",
"summary": "SUSE Bug 970083",
"url": "https://bugzilla.suse.com/970083"
},
{
"category": "self",
"summary": "SUSE Bug 971975",
"url": "https://bugzilla.suse.com/971975"
},
{
"category": "self",
"summary": "SUSE Bug 982783",
"url": "https://bugzilla.suse.com/982783"
},
{
"category": "self",
"summary": "SUSE Bug 985561",
"url": "https://bugzilla.suse.com/985561"
},
{
"category": "self",
"summary": "SUSE Bug 986362",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "self",
"summary": "SUSE Bug 986365",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "self",
"summary": "SUSE Bug 987192",
"url": "https://bugzilla.suse.com/987192"
},
{
"category": "self",
"summary": "SUSE Bug 987576",
"url": "https://bugzilla.suse.com/987576"
},
{
"category": "self",
"summary": "SUSE Bug 988065",
"url": "https://bugzilla.suse.com/988065"
},
{
"category": "self",
"summary": "SUSE Bug 989056",
"url": "https://bugzilla.suse.com/989056"
},
{
"category": "self",
"summary": "SUSE Bug 989311",
"url": "https://bugzilla.suse.com/989311"
},
{
"category": "self",
"summary": "SUSE Bug 990058",
"url": "https://bugzilla.suse.com/990058"
},
{
"category": "self",
"summary": "SUSE Bug 990682",
"url": "https://bugzilla.suse.com/990682"
},
{
"category": "self",
"summary": "SUSE Bug 991273",
"url": "https://bugzilla.suse.com/991273"
},
{
"category": "self",
"summary": "SUSE Bug 993832",
"url": "https://bugzilla.suse.com/993832"
},
{
"category": "self",
"summary": "SUSE Bug 995542",
"url": "https://bugzilla.suse.com/995542"
},
{
"category": "self",
"summary": "SUSE Bug 995968",
"url": "https://bugzilla.suse.com/995968"
},
{
"category": "self",
"summary": "SUSE Bug 998106",
"url": "https://bugzilla.suse.com/998106"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10200 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2117 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4997 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7117 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9191 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000364 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000365 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000380 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2583 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2584 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2596 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2636 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2671 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5551 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5576 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5577 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5897 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5970 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5986 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6074 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6214 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6345 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6346 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6346/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6347 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6347/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6353 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6353/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7184 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7187 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7261 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7294 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7308 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7346 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7346/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7374 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7487 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7616 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7618 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-8890 page",
"url": "https://www.suse.com/security/cve/CVE-2017-8890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9074 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9075 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9076 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9077 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9150 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9242 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9242/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-07-28T08:44:16Z",
"generator": {
"date": "2017-07-28T08:44:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:1990-1",
"initial_release_date": "2017-07-28T08:44:16Z",
"revision_history": [
{
"date": "2017-07-28T08:44:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.4.74-7.10.1.noarch",
"product": {
"name": "kernel-devel-rt-4.4.74-7.10.1.noarch",
"product_id": "kernel-devel-rt-4.4.74-7.10.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.4.74-7.10.1.noarch",
"product": {
"name": "kernel-source-rt-4.4.74-7.10.1.noarch",
"product_id": "kernel-source-rt-4.4.74-7.10.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.4.74-7.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"product": {
"name": "cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"product_id": "cluster-network-kmp-rt-4.4.74-7.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"product_id": "dlm-kmp-rt-4.4.74-7.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"product_id": "gfs2-kmp-rt-4.4.74-7.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.4.74-7.10.1.x86_64",
"product": {
"name": "kernel-rt-4.4.74-7.10.1.x86_64",
"product_id": "kernel-rt-4.4.74-7.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.4.74-7.10.1.x86_64",
"product": {
"name": "kernel-rt-base-4.4.74-7.10.1.x86_64",
"product_id": "kernel-rt-base-4.4.74-7.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.4.74-7.10.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.4.74-7.10.1.x86_64",
"product_id": "kernel-rt-devel-4.4.74-7.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.4.74-7.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.4.74-7.10.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.4.74-7.10.1.x86_64",
"product_id": "kernel-syms-rt-4.4.74-7.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.4.74-7.10.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-network-kmp-rt-4.4.74-7.10.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64"
},
"product_reference": "cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.4.74-7.10.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.4.74-7.10.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.4.74-7.10.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch"
},
"product_reference": "kernel-devel-rt-4.4.74-7.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.4.74-7.10.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64"
},
"product_reference": "kernel-rt-4.4.74-7.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.4.74-7.10.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64"
},
"product_reference": "kernel-rt-base-4.4.74-7.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.4.74-7.10.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.4.74-7.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.4.74-7.10.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.4.74-7.10.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch"
},
"product_reference": "kernel-source-rt-4.4.74-7.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.4.74-7.10.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.4.74-7.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.4.74-7.10.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
"product_id": "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10200"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10200",
"url": "https://www.suse.com/security/cve/CVE-2016-10200"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2016-10200",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1028415 for CVE-2016-10200",
"url": "https://bugzilla.suse.com/1028415"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "low"
}
],
"title": "CVE-2016-10200"
},
{
"cve": "CVE-2016-2117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2117"
}
],
"notes": [
{
"category": "general",
"text": "The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2117",
"url": "https://www.suse.com/security/cve/CVE-2016-2117"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2016-2117",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 968697 for CVE-2016-2117",
"url": "https://bugzilla.suse.com/968697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "important"
}
],
"title": "CVE-2016-2117"
},
{
"cve": "CVE-2016-4997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4997"
}
],
"notes": [
{
"category": "general",
"text": "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4997",
"url": "https://www.suse.com/security/cve/CVE-2016-4997"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986377"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "important"
}
],
"title": "CVE-2016-4997"
},
{
"cve": "CVE-2016-7117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7117"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7117",
"url": "https://www.suse.com/security/cve/CVE-2016-7117"
},
{
"category": "external",
"summary": "SUSE Bug 1003077 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "external",
"summary": "SUSE Bug 1003253 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003253"
},
{
"category": "external",
"summary": "SUSE Bug 1057478 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1057478"
},
{
"category": "external",
"summary": "SUSE Bug 1071943 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1071943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2016-7117"
},
{
"cve": "CVE-2016-9191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9191"
}
],
"notes": [
{
"category": "general",
"text": "The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9191",
"url": "https://www.suse.com/security/cve/CVE-2016-9191"
},
{
"category": "external",
"summary": "SUSE Bug 1008842 for CVE-2016-9191",
"url": "https://bugzilla.suse.com/1008842"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2016-9191",
"url": "https://bugzilla.suse.com/1027179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2016-9191"
},
{
"cve": "CVE-2017-1000364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000364"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \"jumped\" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000364",
"url": "https://www.suse.com/security/cve/CVE-2017-1000364"
},
{
"category": "external",
"summary": "SUSE Bug 1039346 for CVE-2017-1000364",
"url": "https://bugzilla.suse.com/1039346"
},
{
"category": "external",
"summary": "SUSE Bug 1039348 for CVE-2017-1000364",
"url": "https://bugzilla.suse.com/1039348"
},
{
"category": "external",
"summary": "SUSE Bug 1042200 for CVE-2017-1000364",
"url": "https://bugzilla.suse.com/1042200"
},
{
"category": "external",
"summary": "SUSE Bug 1044985 for CVE-2017-1000364",
"url": "https://bugzilla.suse.com/1044985"
},
{
"category": "external",
"summary": "SUSE Bug 1071943 for CVE-2017-1000364",
"url": "https://bugzilla.suse.com/1071943"
},
{
"category": "external",
"summary": "SUSE Bug 1075506 for CVE-2017-1000364",
"url": "https://bugzilla.suse.com/1075506"
},
{
"category": "external",
"summary": "SUSE Bug 1077345 for CVE-2017-1000364",
"url": "https://bugzilla.suse.com/1077345"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-1000364",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1149726 for CVE-2017-1000364",
"url": "https://bugzilla.suse.com/1149726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "important"
}
],
"title": "CVE-2017-1000364"
},
{
"cve": "CVE-2017-1000365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000365"
}
],
"notes": [
{
"category": "general",
"text": "The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000365",
"url": "https://www.suse.com/security/cve/CVE-2017-1000365"
},
{
"category": "external",
"summary": "SUSE Bug 1037551 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1037551"
},
{
"category": "external",
"summary": "SUSE Bug 1039346 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1039346"
},
{
"category": "external",
"summary": "SUSE Bug 1039349 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1039349"
},
{
"category": "external",
"summary": "SUSE Bug 1039354 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1039354"
},
{
"category": "external",
"summary": "SUSE Bug 1054557 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1054557"
},
{
"category": "external",
"summary": "SUSE Bug 1077345 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1077345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "low"
}
],
"title": "CVE-2017-1000365"
},
{
"cve": "CVE-2017-1000380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000380"
}
],
"notes": [
{
"category": "general",
"text": "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000380",
"url": "https://www.suse.com/security/cve/CVE-2017-1000380"
},
{
"category": "external",
"summary": "SUSE Bug 1044125 for CVE-2017-1000380",
"url": "https://bugzilla.suse.com/1044125"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "low"
}
],
"title": "CVE-2017-1000380"
},
{
"cve": "CVE-2017-2583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2583"
}
],
"notes": [
{
"category": "general",
"text": "The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a \"MOV SS, NULL selector\" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2583",
"url": "https://www.suse.com/security/cve/CVE-2017-2583"
},
{
"category": "external",
"summary": "SUSE Bug 1020602 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1020602"
},
{
"category": "external",
"summary": "SUSE Bug 1030573 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1030573"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-2583"
},
{
"cve": "CVE-2017-2584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2584"
}
],
"notes": [
{
"category": "general",
"text": "arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2584",
"url": "https://www.suse.com/security/cve/CVE-2017-2584"
},
{
"category": "external",
"summary": "SUSE Bug 1019851 for CVE-2017-2584",
"url": "https://bugzilla.suse.com/1019851"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2584",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-2584"
},
{
"cve": "CVE-2017-2596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2596"
}
],
"notes": [
{
"category": "general",
"text": "The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2596",
"url": "https://www.suse.com/security/cve/CVE-2017-2596"
},
{
"category": "external",
"summary": "SUSE Bug 1022785 for CVE-2017-2596",
"url": "https://bugzilla.suse.com/1022785"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-2596",
"url": "https://bugzilla.suse.com/1027179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "low"
}
],
"title": "CVE-2017-2596"
},
{
"cve": "CVE-2017-2636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2636"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2636",
"url": "https://www.suse.com/security/cve/CVE-2017-2636"
},
{
"category": "external",
"summary": "SUSE Bug 1027565 for CVE-2017-2636",
"url": "https://bugzilla.suse.com/1027565"
},
{
"category": "external",
"summary": "SUSE Bug 1027575 for CVE-2017-2636",
"url": "https://bugzilla.suse.com/1027575"
},
{
"category": "external",
"summary": "SUSE Bug 1028372 for CVE-2017-2636",
"url": "https://bugzilla.suse.com/1028372"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-2636",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-2636"
},
{
"cve": "CVE-2017-2671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2671"
}
],
"notes": [
{
"category": "general",
"text": "The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2671",
"url": "https://www.suse.com/security/cve/CVE-2017-2671"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-2671",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1031003 for CVE-2017-2671",
"url": "https://bugzilla.suse.com/1031003"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2671",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "important"
}
],
"title": "CVE-2017-2671"
},
{
"cve": "CVE-2017-5551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5551"
}
],
"notes": [
{
"category": "general",
"text": "The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5551",
"url": "https://www.suse.com/security/cve/CVE-2017-5551"
},
{
"category": "external",
"summary": "SUSE Bug 1021258 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "external",
"summary": "SUSE Bug 995968 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/995968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-5551"
},
{
"cve": "CVE-2017-5576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5576"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5576",
"url": "https://www.suse.com/security/cve/CVE-2017-5576"
},
{
"category": "external",
"summary": "SUSE Bug 1021294 for CVE-2017-5576",
"url": "https://bugzilla.suse.com/1021294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "low"
}
],
"title": "CVE-2017-5576"
},
{
"cve": "CVE-2017-5577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5577"
}
],
"notes": [
{
"category": "general",
"text": "The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5577",
"url": "https://www.suse.com/security/cve/CVE-2017-5577"
},
{
"category": "external",
"summary": "SUSE Bug 1021294 for CVE-2017-5577",
"url": "https://bugzilla.suse.com/1021294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "low"
}
],
"title": "CVE-2017-5577"
},
{
"cve": "CVE-2017-5897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5897"
}
],
"notes": [
{
"category": "general",
"text": "The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5897",
"url": "https://www.suse.com/security/cve/CVE-2017-5897"
},
{
"category": "external",
"summary": "SUSE Bug 1023762 for CVE-2017-5897",
"url": "https://bugzilla.suse.com/1023762"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-5897",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "low"
}
],
"title": "CVE-2017-5897"
},
{
"cve": "CVE-2017-5970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5970"
}
],
"notes": [
{
"category": "general",
"text": "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5970",
"url": "https://www.suse.com/security/cve/CVE-2017-5970"
},
{
"category": "external",
"summary": "SUSE Bug 1024938 for CVE-2017-5970",
"url": "https://bugzilla.suse.com/1024938"
},
{
"category": "external",
"summary": "SUSE Bug 1025013 for CVE-2017-5970",
"url": "https://bugzilla.suse.com/1025013"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-5970",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "important"
}
],
"title": "CVE-2017-5970"
},
{
"cve": "CVE-2017-5986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5986"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5986",
"url": "https://www.suse.com/security/cve/CVE-2017-5986"
},
{
"category": "external",
"summary": "SUSE Bug 1025235 for CVE-2017-5986",
"url": "https://bugzilla.suse.com/1025235"
},
{
"category": "external",
"summary": "SUSE Bug 1027066 for CVE-2017-5986",
"url": "https://bugzilla.suse.com/1027066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-5986"
},
{
"cve": "CVE-2017-6074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6074"
}
],
"notes": [
{
"category": "general",
"text": "The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6074",
"url": "https://www.suse.com/security/cve/CVE-2017-6074"
},
{
"category": "external",
"summary": "SUSE Bug 1026024 for CVE-2017-6074",
"url": "https://bugzilla.suse.com/1026024"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2017-6074",
"url": "https://bugzilla.suse.com/1072204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "important"
}
],
"title": "CVE-2017-6074"
},
{
"cve": "CVE-2017-6214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6214"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6214",
"url": "https://www.suse.com/security/cve/CVE-2017-6214"
},
{
"category": "external",
"summary": "SUSE Bug 1026722 for CVE-2017-6214",
"url": "https://bugzilla.suse.com/1026722"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-6214",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-6214",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-6214"
},
{
"cve": "CVE-2017-6345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6345"
}
],
"notes": [
{
"category": "general",
"text": "The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6345",
"url": "https://www.suse.com/security/cve/CVE-2017-6345"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-6345",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1027190 for CVE-2017-6345",
"url": "https://bugzilla.suse.com/1027190"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-6345",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-6345"
},
{
"cve": "CVE-2017-6346",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6346"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6346",
"url": "https://www.suse.com/security/cve/CVE-2017-6346"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-6346",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1027189 for CVE-2017-6346",
"url": "https://bugzilla.suse.com/1027189"
},
{
"category": "external",
"summary": "SUSE Bug 1064388 for CVE-2017-6346",
"url": "https://bugzilla.suse.com/1064388"
},
{
"category": "external",
"summary": "SUSE Bug 1064392 for CVE-2017-6346",
"url": "https://bugzilla.suse.com/1064392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "low"
}
],
"title": "CVE-2017-6346"
},
{
"cve": "CVE-2017-6347",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6347"
}
],
"notes": [
{
"category": "general",
"text": "The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6347",
"url": "https://www.suse.com/security/cve/CVE-2017-6347"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-6347",
"url": "https://bugzilla.suse.com/1027179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "low"
}
],
"title": "CVE-2017-6347"
},
{
"cve": "CVE-2017-6353",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6353"
}
],
"notes": [
{
"category": "general",
"text": "net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6353",
"url": "https://www.suse.com/security/cve/CVE-2017-6353"
},
{
"category": "external",
"summary": "SUSE Bug 1025235 for CVE-2017-6353",
"url": "https://bugzilla.suse.com/1025235"
},
{
"category": "external",
"summary": "SUSE Bug 1027066 for CVE-2017-6353",
"url": "https://bugzilla.suse.com/1027066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-6353"
},
{
"cve": "CVE-2017-7184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7184"
}
],
"notes": [
{
"category": "general",
"text": "The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7184",
"url": "https://www.suse.com/security/cve/CVE-2017-7184"
},
{
"category": "external",
"summary": "SUSE Bug 1030573 for CVE-2017-7184",
"url": "https://bugzilla.suse.com/1030573"
},
{
"category": "external",
"summary": "SUSE Bug 1030575 for CVE-2017-7184",
"url": "https://bugzilla.suse.com/1030575"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-7184",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-7184"
},
{
"cve": "CVE-2017-7187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7187"
}
],
"notes": [
{
"category": "general",
"text": "The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7187",
"url": "https://www.suse.com/security/cve/CVE-2017-7187"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-7187",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1030213 for CVE-2017-7187",
"url": "https://bugzilla.suse.com/1030213"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-7187",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-7187"
},
{
"cve": "CVE-2017-7261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7261"
}
],
"notes": [
{
"category": "general",
"text": "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7261",
"url": "https://www.suse.com/security/cve/CVE-2017-7261"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-7261",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1031052 for CVE-2017-7261",
"url": "https://bugzilla.suse.com/1031052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-7261"
},
{
"cve": "CVE-2017-7294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7294"
}
],
"notes": [
{
"category": "general",
"text": "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7294",
"url": "https://www.suse.com/security/cve/CVE-2017-7294"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-7294",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1031440 for CVE-2017-7294",
"url": "https://bugzilla.suse.com/1031440"
},
{
"category": "external",
"summary": "SUSE Bug 1031481 for CVE-2017-7294",
"url": "https://bugzilla.suse.com/1031481"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-7294",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-7294"
},
{
"cve": "CVE-2017-7308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7308"
}
],
"notes": [
{
"category": "general",
"text": "The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7308",
"url": "https://www.suse.com/security/cve/CVE-2017-7308"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-7308",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1031579 for CVE-2017-7308",
"url": "https://bugzilla.suse.com/1031579"
},
{
"category": "external",
"summary": "SUSE Bug 1031660 for CVE-2017-7308",
"url": "https://bugzilla.suse.com/1031660"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-7308",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-7308"
},
{
"cve": "CVE-2017-7346",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7346"
}
],
"notes": [
{
"category": "general",
"text": "The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7346",
"url": "https://www.suse.com/security/cve/CVE-2017-7346"
},
{
"category": "external",
"summary": "SUSE Bug 1031796 for CVE-2017-7346",
"url": "https://bugzilla.suse.com/1031796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-7346"
},
{
"cve": "CVE-2017-7374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7374"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7374",
"url": "https://www.suse.com/security/cve/CVE-2017-7374"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-7374",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1032006 for CVE-2017-7374",
"url": "https://bugzilla.suse.com/1032006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-7374"
},
{
"cve": "CVE-2017-7487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7487"
}
],
"notes": [
{
"category": "general",
"text": "The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7487",
"url": "https://www.suse.com/security/cve/CVE-2017-7487"
},
{
"category": "external",
"summary": "SUSE Bug 1038879 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1038879"
},
{
"category": "external",
"summary": "SUSE Bug 1038883 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1038883"
},
{
"category": "external",
"summary": "SUSE Bug 1038981 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1038981"
},
{
"category": "external",
"summary": "SUSE Bug 1038982 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1038982"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 870618 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/870618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-7487"
},
{
"cve": "CVE-2017-7616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7616"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7616",
"url": "https://www.suse.com/security/cve/CVE-2017-7616"
},
{
"category": "external",
"summary": "SUSE Bug 1033336 for CVE-2017-7616",
"url": "https://bugzilla.suse.com/1033336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-7616"
},
{
"cve": "CVE-2017-7618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7618"
}
],
"notes": [
{
"category": "general",
"text": "crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7618",
"url": "https://www.suse.com/security/cve/CVE-2017-7618"
},
{
"category": "external",
"summary": "SUSE Bug 1033340 for CVE-2017-7618",
"url": "https://bugzilla.suse.com/1033340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "important"
}
],
"title": "CVE-2017-7618"
},
{
"cve": "CVE-2017-8890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-8890"
}
],
"notes": [
{
"category": "general",
"text": "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-8890",
"url": "https://www.suse.com/security/cve/CVE-2017-8890"
},
{
"category": "external",
"summary": "SUSE Bug 1038544 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1038544"
},
{
"category": "external",
"summary": "SUSE Bug 1038564 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1038564"
},
{
"category": "external",
"summary": "SUSE Bug 1039883 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1039883"
},
{
"category": "external",
"summary": "SUSE Bug 1039885 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1039885"
},
{
"category": "external",
"summary": "SUSE Bug 1040069 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1040069"
},
{
"category": "external",
"summary": "SUSE Bug 1042364 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1042364"
},
{
"category": "external",
"summary": "SUSE Bug 1051906 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1051906"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "important"
}
],
"title": "CVE-2017-8890"
},
{
"cve": "CVE-2017-9074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9074"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9074",
"url": "https://www.suse.com/security/cve/CVE-2017-9074"
},
{
"category": "external",
"summary": "SUSE Bug 1039882 for CVE-2017-9074",
"url": "https://bugzilla.suse.com/1039882"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-9074",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-9074"
},
{
"cve": "CVE-2017-9075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9075"
}
],
"notes": [
{
"category": "general",
"text": "The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9075",
"url": "https://www.suse.com/security/cve/CVE-2017-9075"
},
{
"category": "external",
"summary": "SUSE Bug 1038544 for CVE-2017-9075",
"url": "https://bugzilla.suse.com/1038544"
},
{
"category": "external",
"summary": "SUSE Bug 1039883 for CVE-2017-9075",
"url": "https://bugzilla.suse.com/1039883"
},
{
"category": "external",
"summary": "SUSE Bug 1051906 for CVE-2017-9075",
"url": "https://bugzilla.suse.com/1051906"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-9075",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-9075"
},
{
"cve": "CVE-2017-9076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9076"
}
],
"notes": [
{
"category": "general",
"text": "The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9076",
"url": "https://www.suse.com/security/cve/CVE-2017-9076"
},
{
"category": "external",
"summary": "SUSE Bug 1038544 for CVE-2017-9076",
"url": "https://bugzilla.suse.com/1038544"
},
{
"category": "external",
"summary": "SUSE Bug 1039885 for CVE-2017-9076",
"url": "https://bugzilla.suse.com/1039885"
},
{
"category": "external",
"summary": "SUSE Bug 1040069 for CVE-2017-9076",
"url": "https://bugzilla.suse.com/1040069"
},
{
"category": "external",
"summary": "SUSE Bug 1051906 for CVE-2017-9076",
"url": "https://bugzilla.suse.com/1051906"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-9076",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-9076"
},
{
"cve": "CVE-2017-9077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9077"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9077",
"url": "https://www.suse.com/security/cve/CVE-2017-9077"
},
{
"category": "external",
"summary": "SUSE Bug 1038544 for CVE-2017-9077",
"url": "https://bugzilla.suse.com/1038544"
},
{
"category": "external",
"summary": "SUSE Bug 1040069 for CVE-2017-9077",
"url": "https://bugzilla.suse.com/1040069"
},
{
"category": "external",
"summary": "SUSE Bug 1042364 for CVE-2017-9077",
"url": "https://bugzilla.suse.com/1042364"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-9077",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2017-9077"
},
{
"cve": "CVE-2017-9150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9150"
}
],
"notes": [
{
"category": "general",
"text": "The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9150",
"url": "https://www.suse.com/security/cve/CVE-2017-9150"
},
{
"category": "external",
"summary": "SUSE Bug 1040279 for CVE-2017-9150",
"url": "https://bugzilla.suse.com/1040279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "low"
}
],
"title": "CVE-2017-9150"
},
{
"cve": "CVE-2017-9242",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9242"
}
],
"notes": [
{
"category": "general",
"text": "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9242",
"url": "https://www.suse.com/security/cve/CVE-2017-9242"
},
{
"category": "external",
"summary": "SUSE Bug 1041431 for CVE-2017-9242",
"url": "https://bugzilla.suse.com/1041431"
},
{
"category": "external",
"summary": "SUSE Bug 1042892 for CVE-2017-9242",
"url": "https://bugzilla.suse.com/1042892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.74-7.10.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.74-7.10.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.74-7.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-07-28T08:44:16Z",
"details": "important"
}
],
"title": "CVE-2017-9242"
}
]
}
ghsa-x83c-3wr5-hrwp
Vulnerability from github
Published
2022-05-17 03:00
Modified
2022-05-17 03:00
Severity ?
VLAI Severity ?
Details
Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.
{
"affected": [],
"aliases": [
"CVE-2017-5576"
],
"database_specific": {
"cwe_ids": [
"CWE-190"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-02-06T06:59:00Z",
"severity": "HIGH"
},
"details": "Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.",
"id": "GHSA-x83c-3wr5-hrwp",
"modified": "2022-05-17T03:00:56Z",
"published": "2022-05-17T03:00:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5576"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416436"
},
{
"type": "WEB",
"url": "https://lkml.org/lkml/2017/1/17/761"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf"
},
{
"type": "WEB",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/01/21/7"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/95767"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…